Mailpit Setup

Docker Setup

Create docker-compose.yml:

version: '3'

services:
  mailpit:
    image: axllent/mailpit
    container_name: mailpit
    restart: unless-stopped
    ports:
      - "127.0.0.1:8025:8025"  # Web UI, loopback only so it is reached through the nginx proxy
      - "1025:1025"  # SMTP port
    environment:
      MP_MAX_MESSAGES: 5000
      MP_DATA_FILE: /data/mailpit.db
    volumes:
      - ./data:/data

Start Mailpit:

docker-compose up -d

Nginx Configuration

To limit access to the web interface, add basic authentication in nginx.

# Create password file
sudo htpasswd -c /etc/nginx/.htpasswd admin

Create /etc/nginx/sites-available/mailpit.conf:

server {
    listen 80;
    server_name mail.example.com;

    location / {
        # Basic Authentication
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/.htpasswd;

        # Proxy Settings
        proxy_pass http://localhost:8025;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Enable the site:

sudo ln -s /etc/nginx/sites-available/mailpit.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

SSL Configuration (Optional)

sudo certbot --nginx -d mail.example.com

Firewall Configuration

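Allow SMTP access from specific IPs. Ports published by Docker are forwarded by Docker's own iptables rules, which ufw does not filter by default, so after adding the rules below, test from a host outside these ranges that port 1025 is closed: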

# Allow development network
sudo ufw allow from 192.168.1.0/24 to any port 1025

# Allow VPN network
sudo ufw allow from 10.8.0.0/24 to any port 1025

# Allow specific server
sudo ufw allow from 203.0.113.15 to any port 1025

# Allow IPv6 network if needed
sudo ufw allow from 2001:0db8::/32 to any port 1025

# Verify rules
sudo ufw status numbered

Application Configuration

Configure your application to use Mailpit SMTP:

SMTP Host: localhost
SMTP Port: 1025
No authentication required

Security Notes

  1. Never expose port 1025 publicly
  2. Only allow specific IPs through the firewall
  3. Use SSL for the web interface
  4. Monitor access logs
  5. Regularly update the Docker image
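
A check for notes 1 and 2, added here as an example and not part of the original guide: a ports entry written as "1025:1025" in docker-compose.yml publishes the port on every interface, and this shell function lists such mappings from `docker ps` output. The function names and the sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example: list Docker port mappings that listen on every interface.
# Input is one container per line, "<name><TAB><ports>", as printed by:
#   docker ps --format '{{.Names}}\t{{.Ports}}'

wildcard_ports() {
  awk -F'\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        if (m !~ /->/) continue             # exposed in the image but not published
        split(m, side, "->")
        host = side[1]                       # e.g. 0.0.0.0:1025 or [::]:1025
        port = host; sub(/^.*:/, "", port)   # text after the last colon
        addr = substr(host, 1, length(host) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
          print $1, addr, port               # container, bind address, host port
      }
    }'
}

# Constructed sample: SMTP published on all interfaces, web UI on loopback,
# plus a second hypothetical container with an unpublished port.
sample_ps_output() {
  printf 'mailpit\t0.0.0.0:1025->1025/tcp, [::]:1025->1025/tcp, 127.0.0.1:8025->8025/tcp\n'
  printf 'web\t80/tcp\n'
}

# Against the live daemon:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | wildcard_ports
# Every line printed is a port that only the firewall keeps private.
```

An empty result means every published port is bound to a specific address such as 127.0.0.1.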