Strategy Review: Migrating 12 Domains and 50+ Email Accounts to YunoHost via imapsync

Discuss

Hi everyone,

I am planning to migrate my current email infrastructure from a shared hosting provider to a dedicated VPS running YunoHost. I would appreciate some feedback on my proposed workflow to ensure a seamless transition with zero data loss and minimal downtime.

Project Scope:
Source: Shared Hoster (IMAP/SMTP)

Target: VPS with YunoHost

Volume: 12 Domains and approximately 50 individual email accounts.

My Proposed “Zero-Downtime” Workflow:
Pre-Provisioning: I intend to add all 12 domains to the YunoHost web admin and create all 50 user accounts/mailboxes before changing any DNS settings.

Initial Migration (The “Big Bulk”): While the MX records still point to the old provider, I plan to run imapsync for every account. Since the domains won’t resolve to the new VPS yet, I plan to point the imapsync target to the VPS IP address directly (or use a local /etc/hosts override).

DNS Cutover: Once the bulk of the data (years of history) is synced, I will update the DNS settings (A, MX, SPF, DKIM, and DMARC records) to point to the YunoHost VPS.

Final Delta Sync: After the DNS propagation is complete, I will run a final imapsync pass to catch the “residual” emails that arrived at the old host during the TTL handover period.

Technical Questions & Concerns:
DNS Validation in YunoHost: Does YunoHost allow the creation of domains and mail accounts if the DNS records do not yet point to the server? I want to avoid “Domain not verified” errors blocking the account creation process.

SSL/TLS Certificates: Since Let’s Encrypt requires a valid DNS challenge, I won’t have “real” certificates on the VPS during the initial sync. Will imapsync handle self-signed or missing certificates gracefully (e.g., via --noverify-ssl-host), or is there a better way to handle this?

Internal Mail Routing: If I move Domain A on Monday and Domain B on Tuesday, will YunoHost’s internal Postfix configuration cause issues if a user from Domain A tries to mail a user on Domain B (which is created on the server but not yet “live” via DNS)?

Tooling & Scaling: For 50 accounts, is imapsync still the gold standard, or are there specific YunoHost apps or scripts that might handle a “batch migration” more efficiently?

Pitfalls: Are there any known issues regarding YunoHost’s default mailbox quotas or spam filter (Rspamd) learning phases that I should be aware of during a mass import?

I’m looking forward to your insights and experience. If anyone has performed a multi-domain migration of this scale to YunoHost before, I’d love to hear your “lessons learned.”

Thanks in advance!

Hello,

I recently had more of less the same process, albeit on a much smaller scale (~10 users on a single domain.

What I did is very similar to what you plan to do, except I first install yunohost on a dedicated temporary subdomain (temp.mydomain.org) which allowed me to have all certificates, apps and diagnosis to be ok.

I then sync the emails using imapsync (my domain=>temp.mydomain).

I then rerun it so that the mails received during the sync (which lasted a few hours) were also synched.

Then, I changed the DNS records and used a script to switch the YunoHost main domain and change user aliases to the final domain.

I had only one issue as I was changing the DNS servers from office365 () to OVH’s and the TTL was 24h, but if you don’t need to change them, it should be ok.

I would recommend to migrate only one domain at a time though, as it took some minutes to have all the changes and certificates ready.

In your process, I’m not sure the “final sync” would work, as imaps6nc will not be able to access the source mailbox on which no MX records will be directed

That’s my 2 cents, good luck!

Yes

This looks OK but I recommend to inform all users of the migration before proceeding and recommend them to make local backups of their mail boxes using thunderbird for ex

Regarding your questions:

DNS Validation in YunoHost: Does YunoHost allow the creation of domains and mail accounts if the DNS records do not yet point to the server?

Yes, but I’m not sure imapsync does

SSL/TLS Certificates

My technic avoid this problem

Internal Mail Routing: If I move Domain A on Monday and Domain B on Tuesday, will YunoHost’s internal Postfix configuration cause issues if a user from Domain A tries to mail a user on Domain B (which is created on the server but not yet “live” via DNS)?

Same

Tooling & Scaling: For 50 accounts, is imapsync still the gold standard

Yes, it is

If you need a GUI alternative to Imapsync, be sure to check out SysTools IMAP Migration Tool. It does everything Imapsync can without dealing with scripts.