How to Set Up and Manage Emails on Hetzner Auction Servers

Uncategorized
By Azon Vault

How to Set Up and Manage Emails on Hetzner Auction Servers

Buying a low‑cost Hetzner auction server is a great way to get powerful hardware without breaking the bank. But many newcomers wonder how to turn that server into a reliable email host. In this guide we walk you through the entire process – from initial setup to ongoing maintenance – so you can send and receive email with confidence.

Why Choose a Hetzner Auction Server for Email?

  • Performance: Dedicated resources mean fast mail delivery.
  • Cost‑effective: Auction prices are often 50%‑70% cheaper than standard dedicated servers.
  • Flexibility: Full root access lets you install any mail stack you prefer.

Prerequisites Before You Start

Make sure you have the following ready:

  1. A Hetzner auction server with a clean OS install (Ubuntu 22.04 LTS is recommended).
  2. Root SSH access.
  3. A domain name you own (e.g., example.com).
  4. Basic familiarity with Linux command line.

Step 1 – Prepare DNS Records

Correct DNS configuration is the foundation of any mail system. Log in to your domain registrar and add these records:

  • MX record: Point to mail.example.com with priority 10.
  • A record: Create mail.example.com pointing to your Hetzner server’s public IP.
  • SPF (TXT) record: v=spf1 ip4:YOUR.SERVER.IP ~all
  • DKIM: Generated later – add the public key as a TXT record.
  • DMARC (TXT) record: v=DMARC1; p=none; rua=mailto:postmaster@example.com

Propagation usually takes 5–15 minutes, but allow up to 24 hours for full global availability.

Step 2 – Install a Mail Stack

There are many options, but the most beginner‑friendly combination is Postfix (SMTP) + Dovecot (IMAP/POP3) + Roundcube (webmail). Run the following commands on Ubuntu:

apt update && apt upgrade -y apt install -y postfix dovecot-imapd dovecot-pop3d dovecot-lmtpd mailutils spamassassin clamav unzip curl

During the Postfix installer, select “Internet Site” and set the system mail name to example.com.

Configure Postfix

postconf -e "myhostname = mail.example.com" postconf -e "mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain" postconf -e "relay_domains =" postconf -e "home_mailbox = Maildir/" postconf -e "smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem" postconf -e "smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key" systemctl restart postfix

Configure Dovecot

cat > /etc/dovecot/conf.d/10-mail.conf <<'EOF' mail_location = maildir:~/Maildir namespace inbox {   inbox = yes } EOF  cat > /etc/dovecot/conf.d/10-auth.conf <<'EOF' auth_mechanisms = plain login !include auth-system.conf.ext EOF  systemctl restart dovecot

Step 3 – Secure Your Server

Security is non‑negotiable for email servers because spammers love to abuse them.

  • Enable UFW firewall: allow only SSH (22), SMTP (25, 587), IMAP (143), IMAPS (993).
  • Install Fail2Ban: protects against brute‑force login attempts.
  • Enable SpamAssassin and ClamAV: filter spam and viruses.
ufw allow OpenSSH ufw allow 25/tcp ufw allow 587/tcp ufw allow 143/tcp ufw allow 993/tcp ufw enable  apt install -y fail2ban systemctl enable fail2ban && systemctl start fail2ban  systemctl enable spamassassin && systemctl start spamassassin systemctl enable clamav-freshclam && systemctl start clamav-freshclam

Step 4 – Set Up DKIM Signing

DKIM adds a cryptographic signature to outgoing mail, dramatically improving deliverability.

apt install -y opendkim opendkim-tools mkdir -p /etc/opendkim/keys/example.com opendkim-genkey -s mail -d example.com -D /etc/opendkim/keys/example.com chown -R opendkim:opendkim /etc/opendkim/keys/example.com  cat > /etc/opendkim.conf <<'EOF' Syslog          yes UMask           002 Domain          example.com KeyFile         /etc/opendkim/keys/example.com/mail.private Selector        mail Socket          inet:12301@localhost EOF  systemctl restart opendkim

Copy the contents of mail.txt (the public key) into a TXT record named mail._domainkey.example.com at your DNS provider.

Step 5 – Test Your Configuration

Use online tools (e.g., MXToolbox) to verify MX, SPF, DKIM, and DMARC. Also send a test email to a Gmail address and check the “Show original” view for proper headers.

Ongoing Maintenance Tips

  • Update packages regularly: apt update && apt upgrade -y.
  • Monitor mail logs (/var/log/mail.log) for rejected connections.
  • Renew your DKIM key every 1‑2 years.
  • Consider adding a backup MX in another data center for redundancy.

Frequently Asked Questions

Can I host multiple domains on one Hetzner server?
Yes. Add virtual domains in Postfix and create separate mailboxes in Dovecot.
Do I need a dedicated IP for each domain?
Not strictly. A single IP works with proper SPF/DKIM, but a dedicated IP can improve reputation.
What if my server’s IP gets blacklisted?
Check blacklists regularly, ensure SPF/DKIM/DMARC are correct, and request delisting with a clear remediation plan.

Conclusion

Setting up email on a Hetzner auction server may seem daunting, but following these steps gives you a secure, high‑performance mail system that scales with your needs. With proper DNS, a solid mail stack, and ongoing monitoring, you’ll enjoy fast delivery and low spam rates without paying premium prices.

Ready to power your own email? Grab a Hetzner auction server today, follow this guide, and start sending professional‑grade mail from day one.

Azon Vault 5765 posts 0 comments
You might also like More from author

Comments are closed, but trackbacks and pingbacks are open.