Configure and Test DNS and Secure Email: CyberPanel Part 3 of 4

CyberPanel Part 3

Now that we have a clean installation of CyberPanel, there are some immediate steps that should be taken with regards to configuration. Part 3 of the series will focus on these. Specifically, this article will step through the following:

Part 3:

Let’s get started with the configuration now!

Update CyberPanel admin account

  1. Log into your freshly installed CyberPanel page at https://your-server-FQDN:8090
  2. Click Users, then Modify User
  3. Select the “admin” account from the dropdown
  4. Update the first & last name fields, e-mail address, and validate the password.
  5. Optionally enable 2 Factor Authentication. I would highly recommend this! Just be sure to have a phone/tablet ready with your Authentication app. Personally, I use 1Password since it can scan the QR code and store the TOTP with a password entry. This makes it particularly easy to fill-in the TOTP when prompted at login!

Create a root website for web and e-mail

Next, we’ll get a root website setup with SSL and enable e-mail.

Create Website

  1. Under “Websites” on the left, click “Create Website”
  2. For Website Details:
  • Select Package: Defaults
  • Select Owner: admin
  • Domain Name: type in your root domain name here
  • Email: specify your e-mail address
  • Select PHP: Select your desired PHP version. You cannot leave this unselected as it will prevent you from submitting the from.
  • Additional Features: Check the additional features.
    • SSL: will enable Lets Encrypt automatic SSL Ceritifcate for the website
    • DKIM Support: Creates necessary DNS records (default RSA sha256 domainkey) in the CyberPanel DNS Server
    • Open basedir protection: prevents PHP sccripts from accessing files outside of the website’s root directory
    • Create Mail Domain: (optional) This will create a child domain (and relevant DNS records) named mail.your-root-domain (for example, mine created mail.mylab.page)

Configure NameServers in CyberPanel

Now let’s get our CyberPanel setup for NameServer functionality.

Config Default Nameservers

  • On the left side of the page, click “DNS”, then “Config Default Nameservers”
  • Enter the FQDN of each of the Nameservers you defined with your registrar
  • Click “Save” when done

Now that the Nameservers are defined, let’s actually create them!

Config Default Nameservers

  • On the left side of the page, click “DNS”, then “Create Nameserver”
  • For Domain Name, enter your root domain name that these Nameservers will be servicing
  • Next, for First and Second Nameserver, Enter the FQDN of each of the Nameservers you defined with your registrar
  • Finally, enter the IP Address of the server (VPS) that you have installed CyberPanel on
  • Click “Create Nameserver” when done

Review DNS Records

The Nameserver is setup, so it’s time to verify all the necessary records have also been initialized.

  • On the left side of the page, click “DNS”, then “Add/Delete Records”
  • Next, select your root domain from the Select Domain dropdown
  • Click the “A” to review your “A” records, then proceed through each of the tabs. CNAME, MX, TXT, NS, and SOA should all have records in them

Run DNS check

It’s a good idea to use some external tools to verify that the world sees your DNS server and can properly do lookups with your DNS server. Here are a couple great tools to check your records and DNS health:

Enable SSL on the mail server

Being able to have secure authentication when sending and receiving e-mail is a critical feature of mail that cannot be ignored these days. In order to allow for SSL/TLS enabled connections to the mail server, a valid SSL Certificate must be installed on the mail server, and each component told where to find the certificate files. Fortunately, CyberPanel makes this a pretty easy task due to its integration with Lets Encrypt. Follow these steps to enable SSL for the mail services in your newly installed server:

Issue SSL for Mail Server

  • On the left side of the page, click SSL, then select “MailServer SSL”
  • When the right side of the page loads, click the “Select Website” dropdown and select your mail server address; this should match the MX record.
  • Click the “Issue SSL” button

Create an e-mail account

Now that e-mail should be configured, you need an account to test things and use for any site notifications. Right now is a good time to create an address for your admin account.

  • On the left, click Email, then select Create Email
  • Click the “Select Website” dropdown and select your root domain. Create Mail Account
  • Specify the User Name you wish to create as an email address. (Note that to the right of the User Name field, the remaining part of the address is shown. @mylab.page for example…)
  • For Password, enter a secure password (or optionally use the Generate button) - be sure to save/document the password for this address.
  • Click Create Email

Get e-mail server details for 3rd party mail clients

While webmail offers a bit of convenience, it is not always the preferred method of accessing email. People will need to know the server info to use in their desktop/mobile email clients such as Outlook, Thunderbird, Apple Mail, etc… You can find this information as follows:

  • On the left, click Email, then List Emails
  • Select Domain, choose your root domain (or whichever domain you had created the account on)
  • Retrieve the necessary SSL details for POP3, IMAP, and SMTP. Mail Server Details

Test mail using Rainloop webmail

CyberPanel does have a built in webmail client: Rainloop. It can be accessed at the same address as your CyberPanel admin page + /rainloop. For example, https://your-server-address:8090/rainloop

  • Enter the full e-mail address in the Email field
  • Enter the password you set for the account and hit [ENTER] Rainloop Login
  • You will then be able to manage your mail: Rainloop Client

Run mail-tester.com test on mail server

Now that you have a mail account setup, you should do some basic tests yourself with an additional account. An extra step is to use a simple 3rd party website like Mail-Tester to run some extra checks: Mail-Tester.com Results

The goal with Mail-Tester is to score 10/10.

If you want more in-depth analysis of your Mail configuration, take a look at the great tools by MX Toolbox:

MXToolbox

Configure and test Thunderbird with SSL/TLS

Everything is looking good, now we can proceed with setting up a mail client to confirm SSL/TLS connectivity. Since I’m using a Linux Mint OS at the time of this tutorial, I’ll setup Thunderbird. These settings are used in just about any mail client, regardless of OS.

When Thunderbird is launched, you are prompted for an e-mail account. Enter the appropriate details. Double-check that the Server address, ports, SSL, and Authentication are all specified correctly. As seen in the video, Thunderbird did not include the “mail.” prefix to my domain name when it auto-detected the mail settings based on my mail address.

Thunderbird Mail Client Settings

That’s it for Part 3. Join me again for Part 4 where we get a nicer URL for our CyberPanel admin access (and Rainloop), remove the need to use port 8090, enable Dark Mode for CyberPanel, and install Wordpress!

Video Walk-through

Any comments? Please post them on the YouTube Video - thanks!

Popular Domains for just 99 Cents at Namecheap!

Copyright