Secure Email with Hexamail Server: Best Practices and Configuration Tips

Hexamail Server: Complete Setup Guide for Windows and Linux

Overview

Hexamail Server is a self-hosted mail and collaboration server offering SMTP/IMAP/POP3, webmail, CalDAV/SyncML calendar sync, shared contacts, archiving, anti-spam/antivirus, and admin APIs. It runs on Windows and Linux and provides both a Windows admin console and a WebAdmin interface.

Quick checklist (prerequisites)

• Server with sufficient disk (≥2GB for basic install; more for mail stores).
• Windows (⁄₆₄-bit) or Linux (CentOS/Ubuntu/RedHat) OS.
• Static public IP or hostname and DNS MX record pointing to it.
• Administrator/root access on the machine.
• Open required firewall ports (common defaults below).
• SSL certificate for secure services (recommended).

Ports to open (defaults)

• SMTP: 25
• SMTP (SSL): 465
• Submission/SMTP alternative: configurable (often 587)
• IMAP: 143
• IMAP (SSL): 993
• POP3: 110
• POP3 (SSL): 995
• Webmail/WebAdmin: 880 (HTTP), ⁄₈₀₈₀ (HTTPS/http depending on config)
• Calendar (CalDAV/SyncML): ⁄₄₄₃ (configurable)
• Remote admin: 23006 (Windows admin console)
• Developer API: 1880 (configurable)

Windows installation (steps)

1. Download the appropriate installer (32- or 64-bit) and license file.
2. Run hexamailserversetup.exe as Administrator.
3. Install both the Windows service and Administration console if prompted.
4. Choose install folder and complete setup—installer starts configuration wizard.
5. Use the wizard to create domains, users/mailboxes, and basic mail routing.
6. Configure SMTP relay/smarthost if your ISP blocks port 25.
7. Install SSL certs (WebAdmin, IMAP/POP3/SMTP) via the administration interface.
8. Open required ports on Windows Firewall and your network firewall/router.
9. Test sending/receiving and connect clients (Outlook, Thunderbird, mobile) via IMAP/SMTP or webmail.

Linux installation (steps)

1. Download the Linux build and copy to target machine.
2. Ensure required packages and correct architecture (64-bit recommended).
3. Switch to root for ports <1024 access.
4. Unpack and run provided start.sh to begin the service.
   • Example: ./start.sh
5. Optionally create a systemd service file (/etc/systemd/system/hexamailserver.service) pointing ExecStart to start.sh and ExecStop to stop.sh.
6. Start the service and check logs (logs/Hexamail Server.log).
7. Open ports in iptables/firewalld/ufw and configure NAT/port forwarding on router if needed.
8. Open WebAdmin at http://server:880/ (or configured port) to finish configuration: domains, users, routing, SSL.
9. Install SSL certs and configure mail client settings; configure smarthost if required.

Post-install configuration (recommended actions)

• Add your domains under SMTP Server → Domains.
• Configure DNS: MX record pointing to your FQDN; PTR record for reverse DNS where possible.
• Configure DKIM/DMARC/SPF to improve deliverability.
• Set up antivirus/antispam modules and quarantine policies.
• Configure mailbox storage paths and retention/archive policies.
• If using LDAP/Active Directory, configure sync under Authentication.
• Enable and test TLS/SSL for all client/server connections.
• Configure backups for mail store and Hexamail configuration files.
• Review logs and set up alerting/monitoring.

Running as a service on Linux (systemd example)

Create /etc/systemd/system/hexamailserver.service:

Code
Copy CodeCopied
[Unit] Description=Hexamail Server After=network.target[Service] Type=oneshot ExecStart=/path/to/hexamail/start.sh RemainAfterExit=true ExecStop=/path/to/hexamail/stop.sh

 
[Install] WantedBy=multi-user.target 

Then enable and start:

• systemctl enable hexamailserver
• systemctl start hexamailserver

Troubleshooting pointers

• If messages queue but not delivered: check SMTP Relay/Smarthost settings and network connectivity to next-hop.
• If remote servers reject mail: verify PTR, SPF, DKIM, and that your IP isn’t blacklisted.
• If WebAdmin unreachable: confirm service running and firewall/router port forwarding.
• Check logs in logs/Hexamail Server.log for startup and delivery errors.

Useful documentation links

• Hexamail official docs (installation, admin, config): https://www.hexamail.com/docs/ (see Windows/Linux installation and configuration guides)

If you want, I can produce a step-by-step configuration for a specific OS version (example: Ubuntu 22.04 or Windows Server 2019) including sample DNS records, firewall commands, and exact client settings.