Quick Start
How to set up domain based email hosting and accounts.
For first time users without a mailadmin logon to ZGUS Email
Currently participation is by invitation. Hence we need to have agreed ZGUS will host Email for one or more domains for you beforehand.
If you do not own domains for email hosting yet and do not have an account on https://namcheap.com then create an account with them and purchase one or more domains:
For each domain:
- Click on ‘Domain List’
- Click on ‘Manage’ for the chosen domain
- Click on ‘Sharing & Transfer’
- In Share Access box, enter zgus in lower case and click ADD
- Check ‘New Manager’ is zgus in lower case
- For ‘Manager’s Access’, change drop down box to ‘Give manager some permissions’
- Only tick one box below in ‘Advanced DNS’ section: the ‘Manage Host Records’ box
- Add in your password in the ‘Namecheap Password’ box at end
- Click on Confirm box
- Repeat if you have more than one domain for email hosting.
Email us to confirm we have correct relevant admin contact details and so we can confirm the domain names are spelt as intended and that we have the complete list of domains for managing host records. We will not take any action until you email us. If more than one domain then tell us your primary domain name is. Tell us at least one email address for the primary domain, such as admin@mydomain.tld.
Using your primary domain name we will create a login ID into ZGUS Email. If your primary domain name is mydomain.tld then your logon ID will start with mydomain and be followed by some random letters, such as mydomaintxdc, for security purposes. Suppose your login ID was set to mydomainadmin (which it won’t be). You can consider mydomainadmin@mydomain.tld to be an inactive email account that should not be used for email but has extra account privileges.
We will let you know when setup is complete and what the initial password to login is to ZGUS Email is and what the password for the email accounts created.
You can then login to website https://mailadmin.mydomain.tld with user name mydomainadmin and password provided, change passwords, add more email addresses and add forwarding or aliasing. In other parts of this site we call this your mailadmin.
If you lose or cannot remember your mydomainadmin password we can reset it, even if you have changed it.
You can configure email client software, as per information in the introduction. You can also access an email account through webmail with https://webmail.mydomain.tld. Your users can also change their email account passwords with webmail.
If you do not need us to do any more DNS management you can remove zgus as a DNS manager.
Migrating Email and Keeping IMAP storage use low
Keeping a permanent archive on IMAP is not sound when it comes to a time to migrate email and is not sound with regard to protected information.
Migrating email is not fast, but is straightforward.
You need to have decided on a strategy. If not discussed otherwise, we think an appropriate strategy is not to migrate email to ZGUS Email but to export email to disc storage first, have some email removed, have more recent email moved to ZGUS Email and the rest left as a protected archive on disc. Thunderbird is convenient for this.
We also think a good strategy is to regularly export Email entirely to disc, and from disc remove email with protected information that no longer should be stored, such as with Thunderbird, so becoming a backup that can be protected. Email on IMAP that is now backed up to disc can be deleted from IMAP folders.
Thunderbird even allows exported email to be searched.
Keeping mail storage use low and
It is not sound practice to use IMAP storage as a permanent archive. In addition it has become important to have a policy with regard to storing personal or protected information.
A written straegy with
For experienced users already with a mailadmin logon to ZGUS Email
You don’t need to contact ZGUS once you have your mydomainadmin login, even when adding domains. ZGUS Email provides delegated control
DNS
Since the pattern to add domains in DNS is identical, just copy an existing example from one of your other domains. It just takes a bit of practice. In fact six of the seven records can be identically written (since mydomain.tld can be assumed), except for the x._domainkey DKIM record.
In summary this is what you need to set:
For Email
Suppose your domain name is mydomain.tld then for ZGUS Email hosting you need to set seven DNS records (three CNAME, two MX and two TXT)
- CNAME mail (or mail.mydomain.tld) to
mx.zgus.com - CNAME mailadmin (or mailadmin.mydomain.tld) to
mx.zgus.com - CNAME webmail (or webmail.mydomain.tld) to
mx.zgus.com - MX @ (or mydomain.tld) to
mx.zgus.comwith priority 10 - MX @ (or mydomain.tld) to
mx-relay.zgus.comwith priority 20 - TXT @ (or mydomain.tld) to
"v=spf1 include:spfmx.zgus.com ~all"(without the quotes) - TXT x._domainkey to a value provided by ZGUS Email in the DKIM section for the particular domain
Optionally Adding a DNS Record for DMARC
This is optional.
Caution: if you do use DMARC with a policy of quarantine or reject AND you use a maillist service then you need to insert CNAME records that point to DKIM servers for the mail service to act on your behalf.
Suppose you have an email account or email alias to receive DMARC reports, such as dmarc@mydomain.tld. Then to just receive reports without providing recommendations, make the following DNS entry
TXT @ _dmarc (or _dmarc.mydomain.tld) to "v=DMARC1; p=none; rua=mailto:dmarc@mydomain.tld" (without the quotes)
For reference, see also DMARC for organisations and DMARC Alignment and maillist services
Optionally Adding DNS Records For More Reliable Autodiscovery
Depending on email client, a mix of one or more of additional CNAME and SRV DNS records and website hosting can help
Thunderbird for Desktop
Can use a static web site to return static configuration information for a single mail domain, such as looking up autoconfig.mydomain.tld
More conveniently, a dynamic (non static) web site can suit multiple domains by using a CNAME DNS record for autoconfig site to point to a different but common site that reads what site configuration is being looked for and tailors the response accordingly.
Thunderbird and K-9 for Android
K-9 for Android is to be rebranded as Thunderbird and will use the same configuration methods as for Thunderbird for Desktop
Others
A lot of options are available.
For web hosting
For website hosting with a managed server you will need to set, with DNS, at least two A records and a TXT record:
- Address A record for mydomain.tld
- Address A record for www.mydomain.tld
- TXT record to verify to a managed server that a domain belongs to you.
ZGUS Email
Login to https://mailadmin.mydomain.tld with user name mydomainadmin.
General setup
- Use the Menu button (four dots) on the left for most of the tasks following
- Overall examine and add extra domains from ‘Account Manager’, ‘Domain Setup’
- Set a domain for administration from the ‘Domain’ dropdown at the top. This does not use the menu button
- Add, delete, edit and remove Email accounts from ‘E-Mail Manager’, ‘E-Mail Accounts’
- Add, delete, edit and remove Forwarders from ‘E-Mail Manager’, ‘Forwarders’
- Setup SSL certificates both for web and email secure access from ‘Account Manager’, ‘SSL Certificates’. More details below.
- Determine the DKIM entry for the x._domainkey TXT record from ‘Account Manager’, ‘DKIM Key (ONLY USE DKIM ENTRY)’
Generating SSL certificates:
- Choose ‘Get automatic certificate from ACME Provider’
- For each domain chosen, you must only tick three AND ONLY THREE boxes mail.mydomain.tld, mailadmin.mydomain.tld and webmail.mydomain,tld. YOU MUST NOT CHOOSE mydomain.tld (REMOVE THE TICK), even though offered and you must not choose from any other domain, even though offered
- Click green SAVE button on right
- Wait if necessary and click green SAVE button on right
- At the end, make sure ‘Force SSL with https redirect’ has a tick. If not, tick box and click SAVE on white Save button on left
DNS for web site hosting
TBD (To Be Documented)
Free web hosting with Google Firebase
TBD