SSL Part 2: Configure hMailServer

From The Uniform Server Wiki
Jump to navigation Jump to search

MPG UniCenter

SSL Part 2: Home | Lock Down | No IP | hMailServer | Config hMailServer | PHP mail function | Generate CSR | CAcert | CAcert Signing Process

Configuring hMailServer
Signed Certificate Project
Uniform Server 3.5-Apollo

The sole purpose of running this mail server is to obtain a signed certificate from CAcert. All they expect is a mail server running under your domain hence there is nothing special in the configuration.

The configuration steps below show how to set up hMailServer. Topics covered, how to add a domain and user account, alias creation, how to set the server host name. The server is pre-configured to prevent SMTP open relay and has correct settings for RFC however it is still worth checking these.

Note: SMTP can be problematic not that its difficult to set-up, invariably problems are associated with your service provider hence be prepared for some experimentation.

hMailServer Configuration

1) Login to Administrator

Start administrator:

Start > All programs > hMailServer > hMailServer Administrator

Click Connect a pop-up will display enter your admin password.

Uc hms install 9.gif

2) Add domain

For a new installation you are taken to the Welcome page.

Click Add domain

Note: If you need to add additional domains the first port of call is welcome.

Uc hms config 1.gif

3) Enter domain and catch all address

Enter your domain name and a catch all email address.

Any mail sent to your domain not having a matching POP account or alias are redirected to this catch all address.

postmaster” is a standard hence I am using postmaster@mpg123.no-ip.org

Click Save

Uc hms config 2.gif

4) Adding email Accounts

Every user requires an account name (email address) and password. This includes the catchall email address. Set this account by entering name postmaster in the Account address field and provide a password.

Click Save

Note: The above user name (full email address) and password are required when you set-up your email client (such as Outlook Express).

Uc hms config 3.gif

5) Adding additional Accounts

To add more accounts click on a domain name (only one shown however you can have as many domains as you like supporting your virtual hosts in Apache) in the left window.

This opens a page displaying the domain details, bottom of this page are three buttons allowing you to add accounts, aliases and distribution list.

In the next step we are going to add an alias hence:

Click the Add alias button

Uc hms config 4a.gif

6) Adding an Alias

An alias is effectively a nonexistent account, any email sent to an alias is redirected to a real account.

I have set-up an alias for admin@mpg123.no-ip.org and redirected it to postmaster@mpg123.no-ip.org. Remember to click save.

Note: Postmaster@ is required by RFC 2821. An address is required for each domain's SMTP host accepting mail.

Abuse@ is "required" by RFC 2142 this is a de-facto standard.

(Add separate accounts or an alias for each of these addresses)

Uc hms config 4.gif

7) Select Protocols

There are three email services provided by hMail, you require SMPT and POP3 to send and receive emails. If you wish to support webmail make sure to enable IMAP.

By default all three services are enabled, check by expanding the settings menu tree on the left, click Protocols, all three protocols are displayed on the right.

I am not using IMAP hence it's not checked.

Uc hms config 5.gif

8) SMTP

Display the SMTP settings page by clicking on SMPT under protocols.

A) Host name: Required always set a host name.
B) SMTP Relayer: Leave blank
C) Server requires authentication: Leave un-checked

If you do not set a Host name some email servers will either not accept your email or mark it as spam.

The name you enter is the full host name you specified in your MX records for example mail.mpg123.no-ip.org

Note 1: Free accounts at DynDNS and No-ip do not allow you to set a specific MX record.

Email servers that cannot find an MX record default to using the domain name and attempt delivery to it (standard operation).

Hence if for any reason you cannot set an MX record for your domain make sure you set “Host name” to your domain name. I am using mpg123.no-ip.org for that very reason.

Testing: At the end of this configuration page you will find a test section that assumes you have set A) only.

Note 1: A large number of mail servers black list mail servers running from a dynamic IP addresses hence the reason I specified my ISP as an SMTP Relayer.

Note 2: If your mail server is connected to a static IP address and your domain has correct MX records there should be no reason for setting B) and C)!

Uc hms config 6.gif

9) SMPT RFC Check

It’s worth checking the default settings for RFC compliance.

While on the above SMTP page click the RFC Compliance tab. The two-default settings Allow empty sender address and Allow incorrectly formatted line endings should be adequate for most purposes.

Uc hms config 7.gif

10) Internet IP ranges

From the left menu expand the Advanced and IP Ranges tree.

Click on Internet

The default settings on this page are suitable for most applications.

Important:

At the bottom of this page make sure External to external accounts box is unchecked.

This prevents your mail server being an open relay (prevents spam and other undesirable material being relayed through your mail server).

Uc hms config 8.gif

11) Start and Stop

From the left menu window click on Status this displays the server status page.

Click the Server tab, from here you can start and stop the server.

Note: Certain settings require a server restart before they become effective.

Uc hms config 9.gif

Top

Mail Client

That completes the hMailServer configuration, to test this configuration at least one account must be set in your mail client. The following are the settings for Outlook Express

12) Set-up Wizard

Using the set-up wizard:

  1. Start Outlook Express
  2. Select Tools > Accounts, Select Mail Tab and click Add
  3. Display Name: Postmaster click next
  4. Email address: postmaster@mpg123.no-ip.org click next
  5. E-mail Server Names:
  1. Incoming mail (POP3) server: localhost
  2. Outgoing mail (SMPT) server: localhost
  3. Click next
  1. Internet Mail Logon:
  1. Account name: postmaster@mpg123.no-ip.org
  2. Password: test123 (use your own)
  3. Remember password: Check box
  4. Logon using (SPA): Leave un-checked
  5. Click next
  1. Finished

Uc hms config 10.gif

13) General and Servers Tabs

If you are using Outlook Express view the Postmaster prosperities account. Click the general and servers tab corresponding properties are shown on the right.

All mail clients are slightly different to set-up however they all require basic information as shown above. In particular server POP and SMPT address is localhost user name is the full email address you set.

Note: In section 8) you may need to enter your service providers SMTP server details into the SMTP relayer address box (B).

To obtain this information view the properties of the account that you normally connect with. Click the Servers tab and copy details in Outgoing mail (SMTP) box.

Uc hms config 11.gif

Top

Testing

Internal routing test:

In your email client send an email to admin, remember this is an alias and will be forward to the postmaster:

  1. From: postmaster@mpg123.no-ip.org
  2. To: admin@mpg123.no-ip.org
  3. Subject: Test 1
  4. Message: Test 1 Basic test server test

In Outlook express select Tools > Send and Receive > Receive all or use whatever method your client requires to retrieve email.

Your inbox will display a message from “Postmaster”; this confirms hMailServer is working (and you have an excellent test server). If for some reason it fails check the above configuration steps.

Running hMailServer on a local machine you should have no problem with this test; recheck settings and if the problem persists it may require a trip to hMailServer site and forum to resolve the issue.


14) External Access:

If you are working behind a router make sure to forward ports 25 and 110 (need help visit Port Forward)

Check your mail server is on-line by visiting mxtoolbox.

In the SMTP Diagnostics box enter your mail server's full host name for example mail.mpg123.no-ip.org alternatively if you are using free services such as DynDNS or No-IP enter your domain name (e.g. mpg123.no-ip.org).

Expected results, four green lights as shown on the right. Note the open relay test.

Uc hms mxtoolbox result.gif


Outgoing Email test:

Using your email client send an email from postmaster to a friend or other address, make sure their email address is not hosted by your ISP.

  1. From: postmaster@mpg123.no-ip.org
  2. To: freind@some_other_ip.com
  3. Subject: Test 2
  4. Message: Test 2 round trip test, please reply to this email

If you receive an error message similar to this:

  • The following recipient(s) could not be reached:
  • friend@some_other_ip.com
  • Error Type: SMTP
  • Remote server (999.99.999.999) issued an error.
  • hMailServer sent: RCPT TO:<friend@some_other_ip.com>
  • Remote server replied: 554 EMail from mailserver at 99.99.99.999 is refused. See http://spamblock.something.com/88.888.88.888

The above error is because dynamic IP's are listed in spam databases and blocked accordingly. The solution is to reroute all outgoing mail through your ISP's mail server.

See note in section 13) pick-up your ISP's SMTP server details and insert it into the SMTP relayer address box (B) section 8).

Repeat the above test, your email will not be bounced expect a reply from your friend.

That completes testing, you now have a working email server. Add additional accounts as required and change settings to meet you own requirments.

Summary

You now have a fully operational e-mail server this will allow you to verify your domain at CAcert and obtain a signed certificate.

If you host several domains using Apache’s virtual host you can map these into hMailServer and provide mail facilities.

The next page looks at PHP’s mail function its a small digression from the main theme hence can be skipped.

Top


Uc small logo.gif Ric