MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: Spacedust on 2021-06-08, 17:22:12

Title: How to add MTA-STS support for Kloxo-MR
Post by: Spacedust on 2021-06-08, 17:22:12
1. Logon to Kloxo-MR panel.

2. Go to Domains -> yourdomain.com -> Pointer domains -> Click Add Redirected tab

3. In Pointer Domain type mta-sts in Destination Directory type anything like contact (this is just technical domain and will show 404 error). Leave Map Mail untouched.

4. Go to Mail accounts and add these e-mails tlsrpt@yourdomain.com and mta-sts@yourdomain.com. You can redirect them by clicking on them and choosing Mail forwards and typing Mail Forward Address.

5. Go to Domains -> yourdomain.com -> Manage DNS -> Add TXT:

_mta-sts as hostname and Value v=STSv1; id=20210806155900

Then again Add TXT:

_smtp._tls as hostname and Value  v=TLSRPTv1; rua=mailto:tlsrpt@yourdomain.com

6. Go to Domains -> yourdomain.com -> SSL Certificates. If you have your SSL already remove it. Click Add Let's Encrypt, leave default Key Bits 2048 and add mta-sts.yourdomain.com to Subject Alternative Name (SAN) list, then click Add.

7. Logon via SSH and create /var/run/letsencrypt/.well-known/mta-sts.txt with such content:

version: STSv1
mode: enforce
mx: mail.yourdomain.com
mx: *.yourdomain.com
max_age: 31557600

8. Check if all is working properly here: https://aykevl.nl/apps/mta-sts/