Add better documentation

README.md

@@ -1,2 +1,59 @@
 # SimpleMailserver
-A script to facilitate easy installation of a Postfix + GMail proxy for custom emails you can easily access from the gmail client
+A script to facilitate easy installation of a Postfix + Gmail relay for custom emails you can easily access from the gmail client or other clients supporting SMTPS and POP3
+
+# Before installing
+1. Some ports must be exposed to be able to host a mailserver, and to prevent abuse most registrars disable these ports by default. Contact support to have them opened:
+   * 25: SMTP
+   * 110: POP3
+   * 143: IMAP
+   * 465: SMTPS
+   * 587: Submission
+   * 993: Secure IMAP
+   * 995: Secure POP3
+2. Certain DNS records must be added, namely MX and AAAA. MX must contain the mail.domain.com domain and AAAA must contain the mail subdomain
+![Example DNS records](images/aaaa.png)
+2. Generate an app password at [https://myaccount.google.com/apppasswords](https://myaccount.google.com/apppasswords)
+3. Select `Other (Custom name)` and enter a distinctive identifier, like `Mailserver mail.domain.com`
+![Select app](images/select_app.png)
+4. Select generate and keep this app password for installation. You will not be able to see it again so make sure to record it somewhere
+![Generate app password](images/app_password.png)
+
+# Installing
+Run the following command to install
+```shell
+curl -fsSL https://raw.githubusercontent.com/TheGreatRambler/SimpleMailserver/main/install.sh | sudo -E bash -
+```
+The installation script will ask for some values:
+* Domain name: Domain name used in the email, also required to configure SSL
+* Mail subdomain: Subdomain where actual mailserver will be hosted, it is good practice to not put the mailserver at root
+* Admin user: User where administrator mail like webmaster,postmaster etc will be sent
+* Certbot email: Email where certbot, SSL, updates will be sent
+* Gmail email: Email required to authenticate with the Gmail relay
+* App password: Google app password under previous gmail that identifies this server to Google
+
+# After installation
+Your new mailserver is most useful when paired with a email client supporting SMTPS and POP3. Gmail has been tested to work but other clients likely work
+1. Open `See all settings` on Gmail and navigate to `Accounts and import`
+![Gmail account settings](images/settings.png)
+2. Click `Add another email address` and fill out the forms.
+Uncheck `Treat as an alias`
+![Add email settings](images/add_email.png)
+3. Configure using the desired user on the mailserver, like the admin user you entered earlier
+![Enter mailserver](images/send_mail.png)
+4. SSH into your mailserver
+Check the mail using `runuser -l user -c 'mail'` with the user you entered. Enter the number of the most recent email from `Gmail Team` and search for `Confirmation code: XXXXXXXXX` in the body of the email. Copy that code and enter it into the dialog on the Gmail client. Exit `mail` by pressing q twice and pressing Enter.
+5. Disable `Always reply from default address`
+![Disable default address](images/default_address.png)
+6. Click `Check mail from other accounts` and enter your custom email
+![Enter email for check mail](images/check_mail.png)
+7. Enable `Import emails from my other account (POP3)`
+8. Fill out the form, making special care to use port 995
+![Import email for check mail](images/import_email.png)
+9. You can now send email under your custom email
+![Send mail under custom email](images/send_message.png)
+
+# Uninstalling
+Run the following command to uninstall
+```shell
+curl -fsSL https://raw.githubusercontent.com/TheGreatRambler/SimpleMailserver/main/uninstall.sh | sudo -E bash -
+```

install.sh

@@ -70,11 +70,12 @@ ln -s /snap/bin/certbot /usr/bin/certbot > /dev/null
 
 # Create certificate
 echo "----- Creating SSL certificate -----"
-#sudo certbot certonly --standalone --non-interactive --domains $MAIL_SUBDOMAIN --agree-tos -m $CERTBOT_EMAIL > /dev/null
-#if [[ $? -ne 0 ]]; then
-#	echo "Certbot failed, check that you have AAAA records for ${MAIL_SUBDOMAIN}"
-#	exit 1
-#fi
+sudo certbot certonly --standalone --non-interactive \
+	--domains $MAIL_SUBDOMAIN --agree-tos -m $CERTBOT_EMAIL > /dev/null
+if [[ $? -ne 0 ]]; then
+	echo "Certbot failed, check that you have AAAA records for ${MAIL_SUBDOMAIN}"
+	exit 1
+fi
 
 # Install postfix
 echo "----- Installing postfix -----"
@@ -337,16 +338,16 @@ ssl_key = </etc/letsencrypt/live/$MAIL_SUBDOMAIN/privkey.pem
 "
 echo "$DOVECOT_CONF_CONTENTS" > /etc/dovecot/dovecot.conf
 
-# Verify hostname is set correctly, can conflict with mail
+# Verify hostname is set correctly, can default to localhost otherwise, breaking mail
 hostnamectl set-hostname $DOMAIN_NAME
 
 # Open firewall
 echo "----- Opening firewall -----"
 ufw allow Postfix > /dev/null
+ufw allow "Postfix SMTPS" > /dev/null
+ufw allow "Postfix Submission" > /dev/null
 ufw allow "Dovecot IMAP" > /dev/null
 ufw allow "Dovecot Secure IMAP" > /dev/null
-ufw allow 465/tcp > /dev/null # SMTPS
-ufw allow 995/tcp > /dev/null # POP3
 
 # Start services
 echo "----- Starting services -----"

uninstall.sh

@@ -36,20 +36,12 @@ systemctl stop dovecot > /dev/null
 apt-get purge postfix libsasl2-modules -y > /dev/null
 apt-get purge dovecot-core dovecot-imapd dovecot-pop3d > /dev/null
 
-# Delete configuration files
-echo "----- Delete configuration files -----"
-rm /etc/postfix/master.cf
-rm /etc/postfix/main.cf
-rm /etc/postfix/sasl/sasl_passwd
-rm /etc/postfix/sasl/sasl_passwd.db
-rm /etc/dovecot/dovecot.conf
-
 # Revert certain configs, certbot and UFW are common enough that the user
 #     may have had them before running install.sh
 echo "----- Revert certbot/UFW config -----"
 sudo certbot delete --cert-name $MAIL_SUBDOMAIN > /dev/null
 ufw deny Postfix > /dev/null
+ufw deny "Postfix SMTPS" > /dev/null
+ufw deny "Postfix Submission" > /dev/null
 ufw deny "Dovecot IMAP" > /dev/null
-ufw deny "Dovecot Secure IMAP" > /dev/null
-ufw deny 465/tcp > /dev/null # SMTPS
-ufw deny 995/tcp > /dev/null # POP3
+ufw deny "Dovecot Secure IMAP" > /dev/null