migration guide

Remark: This guide may contain factual errors, so please doublecheck everything, and correct this wiki page.

This is a recollection of migrating from Microsoft Exchange server to wildduck.

Install wildduck

This is rather straightforward. Install it via the builtin setup script. The best is on a server or virtual server (I installed inside a kvm virtual server).

Check your email server

There are some useful website to check if your email server working correctly. You may need to remove yourself from some spam site.

Domain settings

SPF

You need to add a TXT record into DNS: v=spf1 a:yourdomain.com ~all

DKIM

Also DKIM settings.

jun2018._domainkey .yourdomain.com
v=DKIM1;p=MIIBIjANBgkqhkiG9...

Certification (for wildduck-webmail)

HOSTNAME="mail.yourdomain.com"
/root/.acme.sh/acme.sh --issue --nginx \
    -d "$HOSTNAME" \
    --key-file       /etc/wildduck/certs/privkey.pem  \
    --fullchain-file /etc/wildduck/certs/fullchain.pem \
    --reloadcmd     "/usr/local/bin/reload-services.sh" \
--force || echo "Warning: Failed to generate certificates, using self-signed certs"

Recheck the wildduck settings

/etc/zone-mta/plugins/wildduck.toml
hostname="yourdomain.com"
->
hostname="mail.yourdomain.com"

Outlook client settings

(Wildduck server is on your local network)

name: Anon Imous
email address: [email protected]

Server details
account type: IMAP
Incoming messages server: 192.168.0.1
Outgoing messages server: 192.168.0.1
Login details
username: anon
password: ftxgXXXXYYYYlhkf (generated via wildduck webmail, application specific password)
[x] password storage
[ ] Secure password ... login

[Advanced settings] ->
[Outgoing emails server]
[x] Outgoing server (SMTP) requires authentication
[x] Same settings with incoming email server

[Special]
Incoming server (IMAP): 993
The following secure connection type: SSL
Outgoing server (SMTP): 587
The following secure connection type: TLS

Add users to wildduck

The easiest with wildduck-webmail.

Migrate emails from old system (outlook clients)

The best method was to convert the outlook's .pst file to maildir format:

(I did the conversion inside a separate virtual machine (docker container)).

sudo apt-get install pst-utils
sudo apt-get install isync
mkdir anon_maildir; cd anon_maildir
readpst -M anon_inbox.pst 

Sync emails (in maildir format) to wildduck:

$ cat ~/.mbsyncrc
IMAPAccount yourdomain
# Address to connect to
Host 192.168.0.1
User [email protected]
Pass gbxiccfdfbqb
# To store the password in an encrypted file use PassCmd instead of Pass
# PassCmd "gpg2 -q --for-your-eyes-only --no-tty -d ~/.mailpass.gpg"
#
# Use SSL
SSLType IMAPS
# The following line should work. If get certificate errors, uncomment the two following lines and read the "Troubleshooting" section.
CertificateFile /pst/19216801.cert
#CertificateFile ~/.cert/imap.gmail.com.pem
#CertificateFile ~/.cert/Equifax_Secure_CA.pem

IMAPStore yourdomain-remote
Account yourdomain

MaildirStore yourdomain-local
Subfolders Verbatim
# The trailing "/" is important
Path /pst/maildir-anon/
Inbox /pst/maildir-anon/Inbox

Channel yourdomain
Master :yourdomain-remote:
Slave :yourdomain-local:
# Exclude everything under the internal [Gmail] folder, except the interesting folders
#Patterns * ![Gmail]* "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"
# Or include everything
Patterns *
# Automatically create missing mailboxes, both locally and on the server
Create Both
# Save the synchronization state files in the relevant directory
SyncState *

Sync it: mbsync -a