iRedMail version: 0.8.7
OS: Raspbian on Raspberry Pi
"Webserver URL": https://example.com
"My e-mail": me@example.com
(not my real webserver or e-mail, you get the idea)
======================================================
I'd like to add e-mail capabilities to my current server that hosts a website featuring ownCloud services via Apache2. The website is accessible by SSL on port 443, and my certificates are self-signed through my own CA.
Is it possible to provide e-mail on this same server that hosts my website? I imagine this would be possible... but I run into trouble when iRedMail starts overwriting my configuration, such as changing my website's SSLCertificateFile path to its own, making my website no longer accessible using my own SSL certificates. Etc.
Can anyone help point me in the right direction? I've searched all over and attempted installing iRedMail a few times, but I just can't get the configuration right so that the webserver and e-mail function can co-exist on the same machine. There seems to be something about the Apache2 configuration for iRedMail that conflicts with the current webserver, but I'm not sure what that is.
======================================================
/etc/apache2/sites-available/example-ssl.conf
My webserver's configuration file -- again "example" is just an example 
<VirtualHost *:443>
# Main configuration statements
ServerName example.com
DocumentRoot /var/www/
CustomLog /var/log/owncloud/ssl-access_log combined
ErrorLog /var/log/owncloud/ssl-error_log
ServerSignature Off
TraceEnable off
Options -Indexes -Includes -MultiViews
# SSL configuration
SSLEngine on
SSLCertificateFile /etc/ssl/crt/exampleServer-cert.pem
SSLCertificateKeyFile /etc/ssl/key/exampleServer-key.pem
SSLCACertificateFile /etc/ssl/crt/exampleCAcert.pem
SSLVerifyDepth 2
SSLCompression Off
# Force all traffic to remain on HTTPS:
Header set Strict-Transport-Security "max-age=16070400;
includeSubDomains"
# Directory permissions
<Directory />
Options None
AllowOverride None
Deny from All
</Directory>
<Directory /var/www/logs/>
Order Deny,Allow
Deny from all
AllowOverride None
Options None
</Directory>
# GeoIP settings: block all countries except US and France
<Directory /var/www/>
<IfModule mod_geoip.c>
Options FollowSymLinks
Order Deny,Allow
Deny from all
GeoIPEnable On
# RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(US)$
# RewriteRule ^(.*)$ http://www.google.com$1 [R,L]
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE FR AllowCountry
Allow from env=AllowCountry
AllowOverride None
</IfModule>
</Directory>
</VirtualHost>
Other information
* Server is "hardened" and set up to be as secure as a beginner-intermediate Linux dude can make it
* Fail2ban set up and working
* Mod_security is enabled
* Ports 443, 80, and 21 are forwarded on the router
* UFW firewall is keeping those ports open
* Dynamic DNS is set up
* Added a mail.example.com hostname on the DNS server website just in case it would be necessary, and added that for the MX server on the Dynamic DNS site (hopefully correctly, but I don't know if it makes a difference).
* Logwatch is installed
* Please ask if anything is missing