AgentSkillsCN

mox-email-server

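Installation, configuration, and administration of the Mox email server. Prefer this skill when: (1) setting up a Mox mail server on a VPS; (2) configuring email DNS records (MX, SPF, DKIM, DMARC, MTA-STS); (3) integrating Mox with a Caddy reverse proxy and Docker; (4) managing mailbox accounts, domains, and aliases; (5) troubleshooting email delivery, TLS, or connectivity issues; (6) syncing TLS certificates from Caddy to Mox.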

SKILL.md
--- frontmatter
name: mox-email-server
description: |
  Mox email server installation, configuration, and administration. Use when:
  (1) Setting up Mox mail server on a VPS
  (2) Configuring DNS records for email (MX, SPF, DKIM, DMARC, MTA-STS)
  (3) Integrating Mox with Caddy reverse proxy and Docker
  (4) Managing email accounts, domains, and aliases
  (5) Troubleshooting email delivery, TLS, or connectivity issues
  (6) Syncing TLS certificates from Caddy to Mox

Mox Email Server

Mox is a modern, self-hosted email server written in Go. This skill covers installation, Caddy integration, and administration.

Quick Reference

| Task | Command/Location |
|------|------------------|
| Start/stop service | `systemctl start/stop/restart mox` |
| View logs | `journalctl -u mox -f` |
| Test config | `sudo -u mox /home/mox/mox config test` |
| List accounts | `sudo -u mox /home/mox/mox config account list` |
| Add account | `sudo -u mox /home/mox/mox config account add user@domain.com` |
| Set password | `sudo -u mox /home/mox/mox setaccountpassword user@domain.com` |
| Admin UI | `https://mail.domain.com/admin/` |
| Webmail | `https://mail.domain.com/webmail/` |

Installation Workflow

  1. DNS Setup - Configure A, MX, SPF, DMARC records

  2. Install Mox - Download binary, run quickstart

  3. Configure for Docker - Add Docker bridge IPs, set up listeners

  4. Caddy Integration - Reverse proxy, certificate sync

  5. Create Accounts - Admin UI or CLI

Architecture: Caddy + Mox

```
Internet → Caddy (Docker, ports 80/443) → Mox (Host, port 8080) [Web UI]
Internet → Mox (Host, ports 25/465/587/993) [SMTP/IMAP]
```

Caddy handles:

  • TLS certificates via ACME
  • Reverse proxy for web interfaces (admin, webmail, autoconfig, MTA-STS)

Mox handles:

  • SMTP (25), SMTPS (465), Submission (587), IMAPS (993)
  • Web interfaces on port 8080

Certificate sync: Caddy obtains certs → systemd timer copies to Mox → Mox uses for SMTP/IMAP TLS.
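One way to write the copy step that the systemd timer runs, as an added example (not the skill's own script). The function name `sync_cert`, the optional owner argument, all paths, and the assumption that Mox is restarted to load new files are illustrative.

```bash
# Added example, not the skill's own sync script. The function name, the
# optional owner argument and all paths are assumptions.
#
# sync_cert SRC_DIR DST_DIR DOMAIN [OWNER]
#   SRC_DIR  directory holding DOMAIN.crt and DOMAIN.key (Caddy's storage)
#   DST_DIR  directory the Mox TLS settings point at
#   OWNER    optional user:group for the installed files (needs root)
# Prints "updated" or "unchanged"; returns non-zero on error.
sync_cert() {
    local src="$1" dst="$2" domain="$3" owner="${4:-}"
    local crt="$src/$domain.crt" key="$src/$domain.key"
    local tmp_crt="$dst/.$domain.crt.tmp" tmp_key="$dst/.$domain.key.tmp"

    # Both halves of the pair must be present and non-empty.
    if [ ! -s "$crt" ] || [ ! -s "$key" ]; then
        echo "sync_cert: missing certificate or key in $src" >&2
        return 2
    fi

    # Skip the copy (and the service restart) when nothing changed.
    if cmp -s "$crt" "$dst/$domain.crt" 2>/dev/null &&
       cmp -s "$key" "$dst/$domain.key" 2>/dev/null; then
        echo unchanged
        return 0
    fi

    mkdir -p "$dst" || return 3
    # Stage under temporary names with the final permissions, so the private
    # key lands with mode 600 before it becomes visible under its real name.
    install -m 600 "$key" "$tmp_key" || return 3
    install -m 644 "$crt" "$tmp_crt" || return 3
    if [ -n "$owner" ]; then
        chown "$owner" "$tmp_key" "$tmp_crt" || return 3
    fi
    # rename() is atomic within one filesystem: a reader sees the old file or
    # the new one, never a partial write.
    mv -f "$tmp_key" "$dst/$domain.key" || return 3
    mv -f "$tmp_crt" "$dst/$domain.crt" || return 3
    echo updated
}

# Typical call from the timer's service unit (placeholder paths):
#   out=$(sync_cert /path/to/caddy/certs/mail.example.com /path/to/mox/certs \
#         mail.example.com mox:mox) && [ "$out" = updated ] && systemctl restart mox
```

Restarting only on `updated` keeps the timer from bouncing SMTP and IMAP connections on every run.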

Critical Configuration Points

Docker Bridge IPs in mox.conf

The Mox internal listener must include the Docker bridge IPs so that Caddy, running in a container, can reach it:

```sconf
internal:
    IPs:
        - 127.0.0.1
        - ::1
        - 172.17.0.1
        - 172.18.0.1
        - 172.19.0.1
        - 172.20.0.1
        - 172.21.0.1
        - 172.22.0.1
    Hostname: localhost
```

Caddyfile Admin Path

The admin interface requires a Host header rewrite so that proxied requests match the internal listener's `Hostname: localhost`:

```caddyfile
handle /admin/* {
    reverse_proxy host.docker.internal:8080 {
        header_up Host localhost
    }
}
```

UFW Firewall Rule

Allow Docker-to-host communication:

```bash
sudo ufw allow from 172.16.0.0/12 to any port 8080 comment 'Docker to mox'
```

Reference Files

| File | When to Read |
|------|--------------|
| dns-records.md | Setting up DNS for new domain |
| mox-config.md | Editing mox.conf, understanding sconf format |
| caddy-integration.md | Setting up reverse proxy, certificate sync |
| administration.md | Managing accounts, domains, backups |
| troubleshooting.md | Diagnosing issues with connectivity, TLS, delivery |

Health Check

Run the included health check script:

```bash
sudo scripts/mox-health-check.sh [PUBLIC_IP]
```

Checks: service status, port connectivity, certificate validity, configuration, recent errors.