Installation guide

OVA & Server Setup Guide

Start by importing the mail-archiver.ova into your virtualization software, then power on the VM and follow the server configuration steps to set network, DNS, domain, and Docker build settings. Finally, configure journaling in your mail platform to forward copies of all emails to the archiver.

Get License & Download OVA Start Setup Steps
1

Open Your Virtualization Software

Launch your virtualization software (e.g. VMware Workstation 16 Pro). You will see the home screen with options to create, open, or connect to virtual machines.

VMware Workstation 16 Pro home screen
2

Open Virtual Machine & Select the OVA File

Click Open a Virtual Machine on the home screen. In the file browser that appears, navigate to the location where you saved the OVA, select mail-archiver.ova (or mail-archiver.ovf), and click Open.

File browser with mail-archiver.ovf selected
3

Assign a VM Name & Import

The Import Virtual Machine dialog will appear. Enter a name for the virtual machine — for example, mail-archiver — leave the storage path as the default or choose a preferred location, then click Import to begin the import process.

Import Virtual Machine dialog with mail-archiver name entered
4

Power On Your VM

Once the import completes, your VM will appear in the library on the left. Select it and click Power On (or press the play button) to start the virtual machine. The server setup wizard will launch on the first boot.

5

Choose DHCP or Static IP

On the Network Setup screen, select how this server should receive its network settings. Choose DHCP if your router or DHCP server will assign the address automatically. Choose Static if the archiver server must always use a fixed IP address.

DHCP

Select DHCP when the network can automatically provide the IP address, subnet, and gateway.

Static IP

Select Static IP when you already know the server IP address, subnet/CIDR, gateway, and DNS values.

Starting Page
DHCP 2

Enter Primary DNS

Enter the primary DNS server that the archiver should use for domain lookups. The screen suggests 8.8.8.8 as an example; replace it with your preferred internal or public DNS server if needed, then select OK.

Primary DNS
DHCP 3

Enter Secondary DNS Optional

Enter a secondary DNS server if you have one. This field is optional, so you can leave it blank if the primary DNS server is enough, then select OK.

Secondary DNS
Static 2

Enter IP Address

For Static IP setup, enter the fixed address for this archiver server in CIDR format. Use the format 192.168.x.x/24, replacing the x values with the correct network address for your environment.

STATIC_IP=192.168.x.x/24
Static IP address
Static 3

Enter Gateway

Enter the default gateway for the server network. This is usually the router or firewall address on the same subnet as the static IP.

GATEWAY=192.168.x.1
Static gateway
Static 4

Enter Primary DNS

Enter the primary DNS server for the static network configuration. Use an internal DNS server if your domains resolve internally, or a public resolver if that is appropriate for your deployment.

Static primary DNS
Static 5

Enter Secondary DNS Optional

Enter a secondary DNS server if available. This value is optional and can be left blank when there is no backup DNS server.

Static secondary DNS
DHCP 4
Static 6

Enter Primary Domain

Enter the primary domain for the archiver server itself. This should be the server domain name users or services will use to reach the email archiver.

SERVER_DOMAIN=squadsystems.com
Primary Domain
DHCP 5
Static 7

Enter Email Archive Domain

Enter the email domain that will be archived. This is the customer or organization domain whose mail flow should be handled by the archiver.

ARCHIVE_DOMAIN=squadsystems.in
Email Archive Domain
DHCP 6
Static 8

Check Configuration and Apply

Review the configuration summary carefully. Confirm the interface, selected network mode, primary domain, archive domain, DNS values, and any static IP details. Select Yes only when the values are correct.

Check Configuration and Apply
DHCP 7
Static 9

Setup Complete

The completion screen confirms that the setup has been applied and that the required services are running. Verify that Docker and Postfix show as running, then select OK to continue.

Setup Complete
DHCP 8
Static 10

Login or Reboot Server

After setup completes, choose Login to continue directly into the server console, or choose Reboot if you want the server to restart before the final command-line steps.

Login or Reboot Server
DHCP 9
Static 11

Login with Username archiver

At the console login prompt, sign in with the default archiver user. Type the username exactly as shown below and press Enter.

USERNAME=archiver
Login with Username archiver
DHCP 10
Static 12

Enter Password

When the password prompt appears, enter the default password for the archiver user. The password characters may not appear on screen while typing.

PASSWORD=archiver@7011
Enter Password
DHCP 11
Static 13

Switch to Root User

After logging in, switch to the root user so the deployment commands have the permissions required to build and start the archiver services.

sudo su
Switch to root user
DHCP 12
Static 14

Download & Edit the .env File

Download the pre-configured .env template below, transfer it to the Squad-archiver directory on the server, then edit only the values marked in red before starting Docker.

Save this file as .env (no extension) inside ~/Squad-archiver/ on the server.

nano .env in terminal
① Place the file on the server Copy the downloaded .env file into the Squad-archiver directory: cd Squad-archiver nano .env
② Set your server hostname (required) Change SERVER_HOSTNAME to the domain running on this server — this must match the domain you configured in the setup wizard. SERVER_HOSTNAME=your-domain.example.com
③ Change database credentials (recommended) Replace the default MYSQL_ROOT_PASSWORD, DB_USER, and DB_PASS with strong, unique values before first boot.
④ Set storage path (optional) Leave STORAGE_PATH blank to use the default local Docker volume, or set it to an NFS share, USB drive, or local folder path. # NFS example: STORAGE_PATH=/mnt/nas/archiver # USB example: STORAGE_PATH=/mnt/usb/squadsystems
All other values (FLASK_SECRET, ENCRYPTION_KEY, performance tuning) are pre-filled with safe defaults and do not need to be changed for a standard deployment.
DHCP 13
Static 15

Build the Archiver with Docker

After saving the .env file, run the Docker compose build command to build and start the archiver application services.

docker compose up -d --build
Build the Archiver with Docker
DHCP 14
Static 16

Open PhylaxVault

No other .env values need to be changed. The remaining security keys and internal settings are automatically generated when the container starts.

Open the domain name configured on the server in your browser. The archiver will start automatically from that domain.
Default admin username: admin Default admin password: Admin123! You can change these credentials later from the admin panel.
Journal

Set Up Email Journaling

Configure your mail platform to send a copy (journal) of every email to the archiver. The archiver receives these copies via SMTP on port 25. Choose the option that matches your email platform:

DNS MX Record Required The domain running on the archiver server must have an MX record in DNS pointing to the server's public hostname or IP address. Without this record, your mail platform will not be able to deliver journal copies to the archiver.
① Option A — Microsoft 365 (MS365)
  1. Log in to the Microsoft Purview Compliance Portal.
  2. Go to Data Lifecycle Management → Exchange (legacy).
  3. Select Journal Rules and click + New rule.
  4. Set Send journal reports to as the archiver address, e.g.:
    journal@<SERVER_DOMAIN>
  5. Set Journal what to All messages and click Save.
  6. Also send a journal report to: ext-journal@squadsystems.com
  7. Now go to Archiver → First run → Archiver policy and select how you want inboxes handled.
② Option B — Google Workspace
  1. Log in to Google Admin Console (admin.google.com).
  2. Go to Apps → Google Workspace → Configure (or Gmail) → Routing.
  3. Scroll down to Add Another Rule and click Add Archiver Route.
  4. Name the route, e.g. Squad Archiver, and select Inbound, Outbound, Internal sending for journal traffic.
  5. Check the box “Also deliver to” and enter:
    journal@<SERVER_DOMAIN>
  6. Under Change Route, click Add & Move Attributes, select Archiver’s Host, and check the box for Require Secure Transport (TLS).
  7. Under Change source route, select Advanced and move it to Attributes.
  8. Check the box for Require Secure Transport (TLS) (key post).
Once journaling is active, all inbound, outbound, and internal emails are automatically forwarded to the archiver and stored in PhylaxVault.
© 2026 PhylaxVault. ISO setup guide for Squad Archiver deployments.