SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

SSL Part 2: Home | Lock Down | No IP | hMailServer | Config hMailServer |PHP mail function | Generate CSR | CAcert | CAcert Signing Process

Contents[hide]1 hMailServer Configuration

2 Mail Client

3 Testing

4 Summary

Configuring hMailServerSigned Certificate ProjectUniform Server 3.5-Apollo

The sole purpose of running this mail server is to obtain a signed certificate from CAcert. All they expect isa mail server running under your domain hence there is nothing special in the configuration.

The configuration steps below show how to set up hMailServer. Topics covered, how to add a domain anduser account, alias creation, how to set the server host name. The server is pre-configured to preventSMTP open relay and has correct settings for RFC however it is still worth checking these.

Note: SMTP can be problematic not that its difficult to set-up, invariably problems are associated withyour service provider hence be prepared for some experimentation.

hMailServer Configuration

1) Login toAdministrator

Start administrator:

Start > All programs >hMailServer >hMailServerAdministrator

Click Connect a pop-upwill display enter youradmin password.

2) Add domain

For a new installationyou are taken to theWelcome page.

Click Add domain

Note: If you need to addadditional domains thefirst port of call iswelcome.

3) Enter domain andcatch all address

Enter your domain

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

name and a catch allemail address.

Any mail sent to yourdomain not having amatching POP account oralias are redirected tothis catch all address.

“postmaster” is astandard hence I amusingpostmaster@mpg123.no-ip.org

Click Save

4) Adding emailAccounts

Every user requires anaccount name (emailaddress) and password.This includes the catchallemail address. Set thisaccount by enteringname postmaster in theAccount address fieldand provide a password.

Click Save

Note: The above username (full emailaddress) and passwordare required when youset-up your email client(such as OutlookExpress).

5) Adding additionalAccounts

To add more accountsclick on a domainname (only one shownhowever you can haveas many domains as youlike supporting yourvirtual hosts in Apache)in the left window.

This opens a pagedisplaying the domaindetails, bottom of thispage are three buttonsallowing you to addaccounts, aliases anddistribution list.

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

In the next step we aregoing to add an aliashence:

Click the Add aliasbutton

6) Adding an Alias

An alias is effectively anonexistent account, anyemail sent to an alias isredirected to a realaccount.

I have set-up an aliasfor admin@mpg123.no-ip.org and redirected ittopostmaster@mpg123.no-ip.org. Remember toclick save.

Note: Postmaster@ isrequired by RFC 2821 .An address is requiredfor each domain's SMTPhost accepting mail.

Abuse@ is "required" byRFC 2142 this is a de-facto standard.

(Add separate accountsor an alias for each ofthese addresses)

7) Select Protocols

There are three emailservices provided byhMail, you require SMPTand POP3 to send andreceive emails. If youwish to support

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

webmail make sure toenable IMAP.

By default all threeservices are enabled,check by expanding thesettings menu tree onthe left, click Protocols,all three protocols aredisplayed on the right.

I am not using IMAPhence it's not checked.

8) SMTP

Display the SMTPsettings page by clickingon SMPT underprotocols.

A) Host name:Required always set ahost name.B) SMTP Relayer:Leave blankC) Server requiresauthentication: Leaveun-checked

If you do not set a Hostname some emailservers will either notaccept your email ormark it as spam.

The name you enter isthe full host name youspecified in your MXrecords for examplemail.mpg123.no-ip.org

Note 1: Free accounts atDynDNS and No-ip donot allow you to set aspecific MX record.

Email servers thatcannot find an MX recorddefault to using thedomain name andattempt delivery to it(standard operation).

Hence if for any reasonyou cannot set an MX

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

record for your domainmake sure you set “Hostname” to your domainname. I am usingmpg123.no-ip.org forthat very reason.

Testing: At the end ofthis configuration pageyou will find a testsection that assumesyou have set A) only.

Note 1: A large numberof mail servers black listmail servers runningfrom a dynamic IPaddresses hence thereason I specified myISP as an SMTP Relayer.

Note 2: If your mailserver is connected to astatic IP address andyour domain has correctMX records there shouldbe no reason for settingB) and C)!

9) SMPT RFC Check

It’s worth checking thedefault settings for RFCcompliance.

While on the aboveSMTP page click the RFCCompliance tab. Thetwo-default settingsAllow empty senderaddress and Allow

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

incorrectly formattedline endings should beadequate for mostpurposes.

10) Internet IP ranges

From the left menuexpand the Advancedand IP Ranges tree.

Click on Internet

The default settings onthis page are suitable formost applications.

Important:

At the bottom of thispage make sureExternal to externalaccounts box isunchecked.

This prevents your mailserver being an openrelay (prevents spamand other undesirablematerial being relayedthrough your mailserver).

11) Start and Stop

From the left menuwindow click on Statusthis displays the serverstatus page.

Click the Server tab,from here you can startand stop the server.

Note: Certain settingsrequire a server restartbefore they becomeeffective.

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

Top

Mail Client

That completes the hMailServer configuration, to test this configuration at least one account must be set inyour mail client. The following are the settings for Outlook Express

12) Set-up Wizard

Using the set-up wizard:

1. Start Outlook Express

2. Select Tools > Accounts, SelectMail Tab and click Add

3. Display Name: Postmaster clicknext

4. Email address:postmaster@mpg123.no-ip.orgclick next

5. E-mail Server Names:

1. Incoming mail (POP3) server:localhost

2. Outgoing mail (SMPT) server:localhost

3. Click next

6. Internet Mail Logon:

1. Account name:postmaster@mpg123.no-ip.org

2. Password: test123 (use yourown)

3. Remember password: Checkbox

4. Logon using (SPA): Leave un-checked

5. Click next

7. Finished

13) General and Servers Tabs

If you are using Outlook Express view thePostmaster prosperities account. Click thegeneral and servers tab correspondingproperties are shown on the right.

All mail clients are slightly different toset-up however they all require basicinformation as shown above. In particularserver POP and SMPT address is

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

localhost user name is the full emailaddress you set.

Note: In section 8) you may need toenter your service providers SMTP serverdetails into the SMTP relayer address box(B).

To obtain this information view theproperties of the account that younormally connect with. Click the Serverstab and copy details in Outgoing mail(SMTP) box.

Top

Testing

Internal routing test:

In your email client send an email to admin, remember this is an alias and will be forward to thepostmaster:

1. From: postmaster@mpg123.no-ip.org2. To: admin@mpg123.no-ip.org3. Subject: Test 14. Message: Test 1 Basic test server test

In Outlook express select Tools > Send and Receive > Receive all or use whatever method your clientrequires to retrieve email.

Your inbox will display a message from “Postmaster”; this confirms hMailServer is working (and you havean excellent test server). If for some reason it fails check the above configuration steps.

Running hMailServer on a local machine you should have no problem with this test; recheck settings and ifthe problem persists it may require a trip to hMailServer site and forum to resolve the issue.

14) External Access:

If you are working behind a router make sureto forward ports 25 and 110 (need help visitPort Forward )

Check your mail server is on-line by visitingmxtoolbox .

In the SMTP Diagnostics box enter yourmail server's full host name for examplemail.mpg123.no-ip.org alternatively if youare using free services such as DynDNS orNo-IP enter your domain name (e.g.mpg123.no-ip.org).

SSL Part 2: Configure hMailServer - Uniform Server Wiki System

http://wiki.uniformserver.com/index.php/SSL_Part_2:_Configure_hMailServer[9/26/2010 11:24:03 PM]

Expected results, four green lights as shownon the right. Note the open relay test.

Outgoing Email test:

Using your email client send an email from postmaster to a friend or other address, make sure their emailaddress is not hosted by your ISP.

1. From: postmaster@mpg123.no-ip.org2. To: freind@some_other_ip.com3. Subject: Test 24. Message: Test 2 round trip test, please reply to this email

If you receive an error message similar to this:

The following recipient(s) could not be reached:friend@some_other_ip.comError Type: SMTPRemote server (999.99.999.999) issued an error.hMailServer sent: RCPT TO:<friend@some_other_ip.com>Remote server replied: 554 EMail from mailserver at 99.99.99.999 is refused. Seehttp://spamblock.something.com/88.888.88.888

The above error is because dynamic IP's are listed in spam databases and blocked accordingly. Thesolution is to reroute all outgoing mail through your ISP's mail server.

See note in section 13) pick-up your ISP's SMTP server details and insert it into the SMTP relayer addressbox (B) section 8).

Repeat the above test, your email will not be bounced expect a reply from your friend.

That completes testing, you now have a working email server. Add additional accounts as required andchange settings to meet you own requirments.

Summary

You now have a fully operational e-mail server this will allow you to verify your domain at CAcert andobtain a signed certificate.

If you host several domains using Apache’s virtual host you can map these into hMailServer and providemail facilities.

The next page looks at PHP’s mail function its a small digression from the main theme hence can beskipped.

Top

Ric

Categories: UniCenter | Support | Installation | Application | Development