Once you have a custom domain, you usually want an email to go along with it. Unlike traditional hosts, this isn't built in with DigitalOcean. Usually setting up an entire mail server is overkill and usually insecure. So we're going to set up a way to forward mail to your external email with a tool called Postfix.
First create an A record for mail.domain.com in addition to the MX record previously created.
Setup your mail domain for Apache. If you have a previously setup .conf you can just:
sudo cp www.mydomain.com.conf mail.mydomain.com sudo nano mail.mydomain.com.conf
and change the relevant variables (ServerName / Server Alias). If you don't have one set up copy the '000-defaulf.conf' file instead.
ServerAlias mail.mydomain.com ServerName mail.mydomain.com ServerAdmin firstname.lastname@example.org DocumentRoot /var/www/html/ <Directory /var/www/html/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory>
Once saved, we'll have to tell apache to use our new .conf file:
sudo a2ensite mail.mydomain.com.conf
and restart apache:
sudo service apache2 restart
Only follow these if you have https set up or want to set it up
Setup letsencrypt for your domain and your mail subdomain. This is a really cool service which will allow you to have a valid HTTPS certificate for your domain and allow us to use secure channels to deliver mail. We'll be using a tool called cert-bot to help us manage them.
sudo apt-get update
sudo apt-get install python-letsencrypt-apache
Once those are complete run:
sudo letsencrypt --apache
And make sure all the domains are selected, choose the options wanted for your config (if you haven't switched all your external scripts and stylesheets on your website to https, select easy instead of secure or you'll get warnings about resources being loading insecurely or go in and change them.) Certbot will walk you through renewing your certificates which only last for 90 days but it's easy to set up automatic renewal.
sudo apt-get install postfix
Configuration can be a bit confusing but follow the first 4 steps in this tutorial and you'll be up and running.
Once those steps are complete, we add the emails we want to forward.
sudo postmap /etc/postfix/virtual
email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org
sudo service postfix reload
Now we need to integrate letsencrypt into our config.
sudo nano /etc/postfix/main.cf
smtpd_tls_cert_file= line to:
and change the
smtpd_tls_key_file= line to
sudo systemctl reload postfix
That's it! Wait for your DNS and MX to propogate and test your setup. Pingability is a nice tool which will show you if you have any errors.