From Wiki@Commgate

Contents 1 Antispam 1.1 Overview 1.2 Configuration 1.2.1 Discard Policy (Block Policy) 1.2.2 Subject Tag 1.2.3 Image Processing (OCR) 1.2.4 Whitelists and Blacklists 1.3 Improving Effectiveness 1.3.1 Spam Training 1.3.2 Greylisting and Blacklists 1.4 Links 2 Antispam - Dspam 2.1 Overview 2.2 Configuration 2.2.1 Signature Location 2.2.1.1 Headers 2.2.1.2 Body 2.2.2 Subject Tag 2.3 Improving Effectiveness - Spam Training 2.4 Links 3 Antispam - Training 3.1 Overview 3.2 Installation 3.3 Training 3.3.1 Webmail 3.3.2 E-mail Forwarding 3.4 Links 4 Antivirus 4.1 Overview 4.2 Configuration 4.2.1 Mail Policies 4.2.2 Virus Detected Policy 4.2.3 Banned File Extension Policy 4.2.4 Banned File Extensions 4.3 Links 5 Aliases 5.1 Overview 5.2 Installation 5.3 Configuration 5.3.1 Add Mode 5.3.2 Edit Mode 5.3.3 Add External E-mail (Mail Forwarding) 5.4 Troubleshooting 5.5 Links 6 Archive 6.1 Overview 6.2 Installation 6.3 Configuration 6.3.1 E-mail Archive Settings 6.3.2 Archive [Enable/Disable] 6.3.3 Policy 6.3.4 Configure (Policy) 6.3.5 Discard Attachments 6.3.6 Auto Archive 6.3.7 Encrypt Archives 6.4 Searching the Database Archives 6.4.1 Current vs. Search Database 6.4.2 The Current Database 6.4.3 Performing a Search 6.4.4 The Search Database 6.4.5 Performing a Search 6.4.6 Resetting the Search Database 6.4.7 Viewing/Restoring E-mails 6.4.8 Original Header 6.4.9 Sending 6.4.10 Admin (root) account vs. Users Account 6.5 Advanced Users 6.5.1 Accessing the Database 6.6 Troubleshooting 6.6.1 What if I forget my password? 6.7 Links 7 Filters / Greylist 7.1 Overview 7.2 Installation 7.3 Configuration 7.3.1 Greylisting 7.3.2 Status 7.3.3 Delay 7.3.4 Data Retention Time 7.3.5 Blacklists 7.4 Links 8 Maildrop 8.1 Overview 8.2 Installation 8.3 Configuration 8.4 Troubleshooting 8.5 Links 9 POP and IMAP 9.1 Overview 9.2 Installation 9.3 Configuration 9.3.1 Server Configuration 9.3.1.1 Mail Server Protocols 9.3.1.2 Push E-mail 9.3.2 Mail Client Configuration 9.3.2.1 Secure POP/IMAP - Mozilla Thunderbird 9.3.2.2 Secure POP - MS Outlook/Outlook Express 9.3.2.3 Secure POP - Other Mail Clients 9.4 Troubleshooting 9.4.1 Connection Failures 9.4.2 Duplicate E-mails 9.5 Links 10 SMTP Mail Server 10.1 Overview 10.2 Services 10.3 Installation 10.4 Configuration 10.4.1 SMTP Mail Configuration 10.4.1.1 General Settings 10.4.1.2 SMTP Authentication - Thunderbird 10.4.1.3 SMTP Authentication - MS Outlook/Outlook Express 10.4.1.4 Trusted Networks 10.4.1.5 Outbound Relay Hosts 10.4.2 Additional Domains 10.4.2.1 Destination Domains 10.4.2.2 Virtual Domains 10.4.2.3 Mail Forward Domain List 10.5 Troubleshooting 10.5.1 Firewall 10.5.2 ISP Blocking 10.6 Links 11 Webmail 11.1 Overview 11.2 Installation 11.3 Accessing Webmail 11.4 Vacation / Auto-Reply 11.5 Server-Side Mail Filters and Mail Rules 11.6 Links

Antispam

Overview

Antispam	Information
Description	Antispam for mail servers.
Package Name	cc-spamassassin
Configuration Page	Software > Mail > Antispam

The antispam software works in conjunction with your mail server. The software identifies spam using a wide range of algorithms on e-mail headers and body text. The CommGate Server also includes Greylisting and additional Blacklists -- both are effective tools that can be used to detect spam.
Back to top

Configuration

Back to top

Discard Policy (Block Policy)

If you want to discard spam before it reaches mailboxes, you can configure the mail discard policy. For example, you can discard spam marked with high probability (or higher) by using this tool.
Back to top

Subject Tag

• Use Subject Tag - enable/disable e-mail subject tag when e-mail is marked as spam
• Subject Tag Threshold - spam score required to trigger a change in the e-mail subject
• Subject Tag - the subject tag to use when e-mail is marked as spam

A subject tag can be added to messages marked as spam. For instance a spam message with the subject "Premier Invest0r Rep0rt" will be transformed into "[SPAM] Premier Invest0r Rep0rt". This feature makes it easy for end users to identify and filter spam.
Back to top

Image Processing (OCR)

Enabling Image Processing will improve the spam identification rate for spam messages containing images. Using OCR (Optical Character Recognition), antispam engine will convert images to text and perform analysis on the word content of the image. White and Black Lists
Back to top

Whitelists and Blacklists

• White List - a list of e-mail addresses that should never be marked as spam
• Black List - a list of e-mail addresses that should always be marked as spam

The antispam engine includes both white and black lists. The white list is used to mark e-mail addresses that send non-spam, while the black list is used to mark e-mail addresses that are known spam.

Among others, newsletters and legitimate e-commerce e-mail can sometimes be marked as spam. The e-mail addresses for these messages can be added to the white list to prevent the message from becoming marked as spam.

E-mail addresses in the white and black lists can use the * wildcard character to match any characters. For instance, *@example.com and *.gov will mark all e-mail from the example.com and .gov domains.

Back to top

Improving Effectiveness

Back to top

Spam Training

You can improve the effectiveness of the antispam engine by following the instructions here.
Back to top

Greylisting and Blacklists

The CommGate Server also includes Greylisting and additional Blacklists -- both are effective tools that can be used to detect spam.
Back to top

Links

SpamAssassin website
Back to top

Antispam - Dspam

Back to top

Overview

Antispam - Dspam	Information
Description	Antispam for mail servers.
Package Name	cc-dspam
Configuration Page	Software > Mail > Antispam - Dspam

The Dspam antispam system tracks e-mail by mailbox. In other words, the antispam system bases its decisions on individual spam databases for each user on the system.

Warning! Since the Dspam antispam solution requires specific details about mailboxes and aliases, the software is not available on systems configured as a mail gateway. For example, a message destined to sales@example.com forwarded to an Exchange server may end up in Mary and David's mailbox. It is not possible for the Dspam system to determine this information in mail gateway mode.

Back to top

Configuration

Back to top

Signature Location

The antispam system tracks important elements and statistics on every e-mail message that you receive. This information is then stored as a "signature" -- basically a unique identification number. To train the antispam system (see next section), this signature must be included in an e-mail. You can track these signatures either in the body of the message, or in the message header.
Back to top

Headers

• advantage: does not clutter the body of e-mail messages
• disadvantage: message must be forwarded as an attachment to train the antispam system

Back to top

Body

• advantage: message can be forwarded (no attachment) to train the antispam system
• disadvantage: spam signature clutters the body of e-mail messages

Back to top

Subject Tag

Select the subject tag used to mark any messaged deemed to be spam.
Back to top

Improving Effectiveness - Spam Training

You can improve the effectiveness of the antispam engine by following these instructions.
Back to top

Links

Dspam
Back to top

Antispam - Training

Back to top

Overview

You can improve the effectiveness of the antispam systems on your CommGate system by identifying:

• Messages that were spam, but not identified as such
• Messages that were innocent, but identified as spam (false positive)

With a week or two of diligent training with these messages, you can expect to see a more effective antispam engine.
Back to top

Installation

At least one of the antispam engines must be installed on your system.

• SpamAssassin
• Dspam

Back to top

Training

There are two ways to train the antispam systems on your CommGate Server: webmail and mail-forwarding.
Back to top

Webmail

Training the antispam system via webmail is simple and more effective. Simply select the messages that you wish to process and press either the Report as Spam or Report as Innocent buttons (see screenshot). You will then be shown a confirmation message before the actual processing takes place.

Back to top

E-mail Forwarding

Training via e-mail forwarding is not as effective since information is lost when you forward a message. If you decide to use this method, there are two e-mail addresses used for training:

• train.notspam@example.org -- e-mail address for messages incorrectly identified as spam
• train.spam@example.org -- e-mail address for spam that was not identified as such

In order to use this style of spam training, messages must be forwarded as an attachment (see screenshot).

Back to top

Links

Dspam
Back to top

Antivirus

Back to top

Overview

Antivirus for Mail Servers	Information
Description	Antivirus for mail servers.
Package Name	cc-clamav
Configuration Page	Software > Mail > Antivirus

The antivirus system scans mail messages as they pass through your mail server.
Back to top

Configuration

Back to top

Mail Policies

When configuring the antivirus system, you must make some mail policy decisions. There are three types of policies available:

• Bounce bounce the e-mail
• Discard - silently discard the e-mail
• Pass Through - send e-mail with warning (original sent as an attachment)

Back to top

Virus Detected Policy

When a virus is detected, you can choose to either discard the message, or pass the message through. We recommend discard mode for most installations.
Back to top

Banned File Extension Policy

The antivirus software not only performs virus scanning, but also manages file attachment policies. Certain types of file attachments are prone to viruses. The ability to block attachments by file extension is another layer of security for your mail system.
Back to top

Banned File Extensions

Select the file extensions that you wish to ban from going through your mail system. Both internal and external mail are checked.

Back to top

Links

ClamAV web site
Back to top

Aliases

Back to top

Overview

Mail Server - Aliases	Information
Description	Mail server aliases tool.
Package Name	cc-postfix
Configuration Page	Software > Mail > Aliases

Mail aliases allow you to route extra e-mail addresses (for instance sales@, info@, etc) to one or more e-mail addresses. This tool can also be used to create mail distribution lists - for example, staff@example.com can be used to send e-mail to all users on the system.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Back to top

Add Mode

When you first click on the "Mail Aliases" navigation link, current aliases set up by domain will be displayed (along with Edit and Delete options) and a form below this list provides the fields required to add a new alias. In other words, you are in "add mode".

As an example, if you wanted to create an email alias mapping veruca.salt to a user that you had created on the system named 'veruca', enter "veruca.salt" in the "Alias" field and select "veruca" from the "Available" mail accounts list, then click "Add".

There is no limit to how many mailbox accounts an aliased name can be sent to. For example, if you wanted all three people to receive all email sent to the address "sales@yourdomain.com", you could add the alias "sales" and select the three users on the "Available" list. Multiple users can be selected by holding down the "Control" key on your keyboard while clicking on the user in the list.
Back to top

Edit Mode

To enter "edit mode", you must have at least one alias present. Click on the "Edit" link next the alias you wish to edit. The form below will now display which of the available recipient's are set-up as aliased (highlighted) and which are not (listed as available but not highlighted). Select/deselect amongst the available recipient names using the "Control" key and your mouse and click "Update" to save your settings.
Back to top

Add External E-mail (Mail Forwarding)

Mail forwarding to another address/server can be done by addint the e-mail address to the External E-mail field and clicking on the "Add" link, as shown in the screenshot below.

Back to top

Troubleshooting

If you are working with multiple domains on your system (ie. virtual domains are being used), make sure to select the correct domain from the dropdown list prior to starting your edits.

Back to top

Links

Adding users to the server
Back to top

Archive

Back to top

Overview

Mail Archive System	Information
Description	Mail archival system for mail servers.
Package Name	cc-archive
Availability	4.2 and above
Configuration Page	Software > Mail > Mail Archive

The Mail Archival System logs all incoming and outgoing e-mail passing through the gateway to a central database. This module can be used to meet regulatory compliance or assist an organization to enforce internal policies for e-mail use in the workplace.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

On first configuring the mail archiver after installation, a warning will be displayed prompting the user to initialize the database. This is perfectly normal and should be done before continuing.

A table containing three form tabs is displayed as indicated in the screenshot above.

• Mail Archive Settings - General configuration settings
• Current Statistics - Data and actions relating to the current database
• Search Statistics - Data and actions relating to the search database

An explanation of the difference between the Current and Search databases will be explained below.
Back to top

E-mail Archive Settings

Activation and configuration of the email archive system can be done via the "Mail Archive Settings" tab. The section below explains each setting in details.
Back to top

Archive [Enable/Disable]

Enables or disables the archiving of email passing through the SMTP server.
Back to top

Policy

Allows an administrator to archive all email passing through the server or restrict (exempt) certain users, as required. Set this to "All messages" to archive email for every user. Select "Filter messages" to configure a filter to archive only some users email.
Back to top

Configure (Policy)

A configure link will be displayed when "Filter messages" is selected as the policy. Click on this link to 'fine tune' which users' email should be archived.

Back to top

Discard Attachments

The "Discard Attachments" drop down option is only available when the "Policy" is set to "All messages" - otherwise, discarding of attachments is done in the 'Configure' page.

To save on storage space (and assuming attachments are not required to be archived either by corporate policy or law), select "Always". Otherwise, select a level in which attachments should be discarded (i.e. "Never", > 1MB etc.).

Files which are identical but attached to different e-mails as attachments only consume the size of the file, not N x the size of the file, where N is the number of emails going through the archive system with the same attachment.

Back to top

Auto Archive

Auto archive controls the movement of archive data from the "Current" database to an archived file. This allows the email archive to be easily moved from the server to a storage medium (for example, another server, a USB Mass Storage Device, a tape drive etc.) for safe storage. All emails that have been archived to this file can be retrieved and searched at a later date, if required.

Use this field to provide consistent archive files for a give period (i.e. weekly or monthly) or of a certain size (i.e. a DVD etc.).
Back to top

Encrypt Archives

The transition of data from the database to a dump file can be encrypted to prevent unauthorized access. This can be extremely important (and may be required by law) if e-mails contain confidential information. AES Encryption Password

The password used to encrypt the archive file if "Encrypt Archives" is set to "Yes". By default, this password must be at least 12 characters and contain both upper and lower case letters and at least 1 number.

Twelve characters was chosen as a length to ensure the security of the encrypted file. If a smaller password is desired, you can override this setting in the /etc/archive.conf file by setting the 'encrypt-password-length' parameter.

Back to top

Searching the Database Archives

Back to top

Current vs. Search Database

The mail archive operates using two databases. The 'Current' database is used to retrieve and store new messages arriving from the SMTP (mail) server. The 'Search' database is a transient database - its contents can be deleted and replaced with data corresponding to the search requirements and space of the drive.

The dual-database system is designed for maximum scalability. A single database could quickly become of such enormous size that an administrator would be continually adding drive storage space to accomodate the email archives. By giving the user the ability to take certain sized (or certain periods of time) snapshots from the current database and allowing one or more to be loaded to the 'Search' database, searching for past emails can be done quickly and efficiently without the overhead of hundreds of GB of disk space.

Think of the search database as a 'sandbox', where archives can be dumped, searched and then removed (reset).

Back to top

The Current Database

The current database contains all archived emails since the last file archive was performed. A file archive can either be performed manually or can occur automatically if the Auto Archive setting is enabled and triggered.
Back to top

Performing a Search

To view how many emails and the approximate size of the archive in the 'Current' database, click on the Current Statistics tab.

Click on the Search button. A new form will be displayed allowing you to enter your search criteria.

Using the add links you can customize your search using a maximum of five (5) criteria using either AND or OR logic (Match all vs. Match any). The results from your search will be displayed in the results table below.
Back to top

The Search Database

The Search Database will normally be empty until at least one file-based mail archive restore is performed (or if data from a prior search still in the database). Remember, the Search Database is designed to be reset often so that you can work with datasets that will scale with the ever-increasing demands of archived e-mails.

To restore a file-based archive, click on the Restore Archive button.

All prior restores will be listed in the Archives table. Rows with a green status mean the link is intact (archive exists on the server). Rows with a red status icon indicate the link is broken. If you need to restore from a file whose status is red (broken link), you will need to use Flexshares and the storage device where the archive was moved to in order to re-establish the link.

Simply click on the Restore button to start a restore to the Search database. Once complete, you can Search the database as normal.

Back to top

Performing a Search

To navigate to the Search Database, go to the Mail Archive page and click on the Search Statistics tab. If there is data that you wish to search in the database (given the statistics you may find that there is data, but you do not remember which file archive it originates from - in this case, it is advised to reset the database and start again), click the Search button. A search form will be displayed - the same as occurs when you are searching the Current Database.

You can toggle between searching the Current and Search databases by selecting the appropriate radio button in the search form.

Enter your search criteria and click Search. Any hits (results) will be displayed in the table below.
Back to top

Resetting the Search Database

Since the Search Database is simply a MySQL database created by the import of one more archive files, it is perfectly safe to Reset the search database to reinitialize the database. You may want to reset the search database to make make searching the database faster or because searching an entire index (i.e. mail archive over several years) becomes too large a dataset for your existing hard disk.
Back to top

Viewing/Restoring E-mails

Once an e-mail has been found using a search procedure, click on the View link next to the e-mail of interest. A new page will be displayed containing the email body contents.
Back to top

Original Header

It is sometime of interest to view the original e-mail header. This information is stored in the archive database and can be viewed by clicking on the Original Header link (a '+' icon).

The screen capture below displays an e-mail view with the headers expanded.

Back to top

Sending

To resend the email (either to the original recipient or a separate user), click on the Resend E-mail link. A new form will appear allowing you to resend the email.

Warning! Resending the e-mail uses the SMTP relay module...make sure it has been configured correctly to send outgoing mail through your local mailserver or your ISP.

Back to top

Admin (root) account vs. Users Account

The mail archives (both current and search databases) can be searched by the system administrator (logged in under the 'root' account) or by users. To give users access to the archive, use the System Administration ACL to grant access to specific users to the Mail Archive module.

When logged in as 'root', all emails will be returned from a search query. However, when logged in as a 'user' system administrator, only email that has been sent to or by the user will be returned from a search query. In other words, users can view/restore mail that was sent or received by them, but no one else.
Back to top

Advanced Users

Back to top

Accessing the Database

This module makes use of the system MySQL service for the database back-end. The system MySQL server is a 'sandboxed' service running on a non-standard port. To access the database from the command line, you will need to fetch the database password:

cat /etc/system/database

password = AAAAAAAAAAAAAAA

reports.password = BBBBBBBBBBBBBB

zoneminder.password = CCCCCCCCCCCCCCC

archive.password = PASSWORD

dspam.password = DDDDDDDDDDDDD

The email archive database password is keyed on 'archive.password'.

Next, you'll need to access the MySQL console in a slightly different manner than the default MySQL server.

/usr/share/system-mysql/usr/bin/mysql DBNAME -uUSER -pPASSWORD

Where:

DBNAME = archive_current or archive_search

USER = archive

PASSWORD = the password retrieved from the /etc/system/database file
Back to top

Troubleshooting

Back to top

What if I forget my password?

In a word: don't. If you forget your archive password, there is absolutely no way to recover any e-mail from the encrypted mail archive file.
Back to top

Links

Using Flexshares
Back to top

Filters / Greylist

Back to top

Overview

Greylisting and Filters	Information
Description	Greylisting and filters for mail servers.
Package Name	cc-filters
Configuration Page	Software > Mail > Filters

Greylisting and mail filters are extra tools to prevent spam from reaching your users' mailboxes.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Back to top

Greylisting

Greylisting can dramatically reduce the amount of spam reaching your mailboxes. When the service is enabled, a mail message that is not recognized will be gently rejected. If the mail message is legitimate, the sending mail server will re-attempt subsequent deliveries and the CommGate server will then accept it. For the most part, spammers do not bother with the second delivery attempt and this results in less spam. The parameters that you can use to fine tune the greylisting engine are described below.
Back to top

Status

State of the greylisting engine.
Back to top

Delay

The amount of time that must pass before a subsequent delivery attempt is allowed.
Back to top

Data Retention Time

The greylisting engine keeps track of both mail servers and sender e-mail addresses for a specified amount of time (default is 35 days). If messages from validated sender or server arrives, the greylisting engine will accept delivery on the first attempt. For example, if dave@example.com sends an e-mail to one of your users on a weekly basis, only the very first mail message is delayed. All subsequent messages are delivered automatically since dave@example.com has been validated.
Back to top

Blacklists

CommGate provides extra mail blacklists to protect against spam. You can enable or disable this blacklist at any time.
Back to top

Links

Postgrey

SA-Blacklist
Back to top

Maildrop

Back to top

Overview

Maildrop	Information
Description	Fetchmail/maildrop software to fetch mail from external servers.
Package Name	cc-fetchmail
Configuration Page	Software > Mail > Maildrop

The fetchmail package can conveniently retrieve mail from other servers allowing the 'centralization' of e-mail on a single server.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Any number of servers can be added to the maildrop list using the "Add Maildrop Entry" form. The interval polling time can be configured from 1 minute up to 3 hours.

Server - The server name. For example, gmail.com.

Protocol - The server protocol. Currently, POP3, IMAP and APOP protcols are supported. If you do not know the protocol, you can have the system auto-detect by selecting 'auto'.

Username - This is the username on the source server.

Password - This is the password on the source server.

Local User - This is the username of a mail account configured to receive mail on the server you are configuring.

Keep On Server - Enable this checkbox to leave a copy of the mail on the server.

Active - Enable this checkbox to start polling the remote server for mail to fetch.

Note: As with any other POP3 or IMAP connection, your username and password for the mail account on the destination mail server will be passed in clear text.

Back to top

Troubleshooting

Have a look at the system logs if you are having problems. The fetchmail daemon logs to /var/log/maillog. Ignore any entries you see similar to:

Server CommonName mismatch: localhost.localdomain != mail.commgate.net

This entry is a result of fetchmail attempting to use SSL for authentication.
Back to top

Links

Fetchmail Home Page
Back to top

POP and IMAP

Back to top

Overview

POP and IMAP	Information
Description	Mail access for desktop mail clients.
Package Name	cc-dovecot
Configuration Page	Software > Mail > POP and IMAP

The CommGate Server provides both POP and IMAP servers for providing mail delivery to desktop clients.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.

Upgrade Issues

For those upgrading from version 3.x, please review the documentation on how to migrate mail to CommGate Enterprise Server 2009 in the HowTo section.
Back to top

Configuration

Back to top

Server Configuration

Back to top

Mail Server Protocols

The mail server supports four different protocols (see screenshot):

• IMAP
• Secure IMAP
• POP
• Secure POP

We strongly suggest using the secure protocols if possible. Keep in mind, you will need to generate an SSL Certificate to enable the secure protocol.
Back to top

Push E-mail

Some mail clients support the push e-mail feature (also known as the IMAP Idle feature). With this feature enabled on both the server and client, e-mail will appear in your mailbox as soon as it arrives. This feature is most useful on wireless and handheld devices. The following mail clients are known to support push e-mail (IMAP Idle):

• [Thunderbird] - Many platforms
• [Chattermail] - Palm Treo
• [FlexMail] - Windows Mobile

Back to top

Mail Client Configuration

Back to top

Secure POP/IMAP - Mozilla Thunderbird

If you are using Mozilla's Thunderbird, click on "Tools --> Account Settings", then select "Server Settings" from the navigation bar. Ensure the "Use secure connection (SSL)" checkbox is enabled.

Back to top

Secure POP - MS Outlook/Outlook Express

For Outlook and Outlook Express, click on "Tools --> Accounts", select the account you wish to configure and click on the Properties button.

File:Email-ss smtp auth outlook.png

Next, click on the "Advanced" tab, and ensure the "This server requires a secure connection (SSL)" checkbox is enabled.

File:Email-ss secure pop outlook.png
Back to top

Secure POP - Other Mail Clients

For other mail clients, similar set-up/configuration will exist. Please refer to documentation for your mail client for specific instructions.
Back to top

Troubleshooting

Back to top

Connection Failures

Do not forget to open up firewall ports for e-mail. You only need to open the POP or IMAP ports if you plan on picking up your mail from outside your local network. The default ports are listed below:

• POP - 110
• Secure POP - 995
• IMAP - 143
• Secure IMAP - 993

Back to top

Duplicate E-mails

If you find your POP mail account is downloading the same message over and over, follow the advice on the following web site
Back to top

Links

Dovecot Secure IMAP Server
Back to top

SMTP Mail Server

Back to top

Overview

Mail Server - SMTP	Information
Description	SMTP/MTA mail server.
Package Name	cc-postfix
Configuration Page	Software > Mail > SMTP Mail Server

You can manage your own mail server. There are a number of reasons this might be advantageous:

• Ability to have a customized user and domain name - ie. anyone@anydomain.com
• Mailboxes limited only by hard disk storage capacity and your own administration settings
• Alias support - i.e. sales@yourcompany.com can be sent to bob@yourcompany.com and joe@yourcompany.com
• No waiting around for new users to be added
• Custom antispam control
• Antivirus support
• Privacy
• Full control

Back to top

Services

A number of services are available for mail services:

• Antivirus ASP
• Antispam ASP
• Mail Backup

Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Back to top

SMTP Mail Configuration

Back to top

General Settings

The Hostname does not have to be related to the e-mail domains that you host. It can be ANY valid Internet name for your machine. For example, you may wish to have a dedicated mail server on your network. In this case, you might want to name this machine mail.yourdomain.com. This would be the Hostname you would enter.

The Primary Domain field indicates the domain name this server will act as an SMTP/Mail server for. If you have a single domain name that you receive mail for, enter the domain here.

If SMTP Authentication field is set to on, any client attempting to send mail through the server will require a username/password before accepting mail for delivery.

The Maximum Message Size sets the maximum size of an individual mail message. Most Internet service providers (ISPs) block mail larger than 10 or 20 MB, so do not expect to have larger messages delivered to outside users. Due to the way e-mail systems work, an attached file may be 50% larger once attached.

The Catch-All setting can be used to catch mis-addressed e-mail and deliver it to a specific user account. We highly recommend avoiding this feature for the following reasons:

• Your system will scan all messages for viruses and spam instead of bouncing the message right away. This means more system resources (CPU, RAM) are required.
• Your system will attract more spam. Spammers will avoid invalid e-mail addresses, but setting a catch-all user means all e-mail addresses to your domain are valid.

Back to top

SMTP Authentication - Thunderbird

For Mozilla's Thunderbird, click on "Tools --> Account Settings" and then click on the "Outgoing Server (SMTP)" field. You should see a window similar to the screenshot below.

Ensure the "Use name and password" setting is checked and enter the username of the mail account in the username field. The password will be requested by the mail client application on the first attempt to send mail. There will be an option to save it to the "Password Manager" so that you do not have to enter each time you send mail through the server.
Back to top

SMTP Authentication - MS Outlook/Outlook Express

If you are using MS Outlook/Outlook Express, click on "Tools --> Accounts". Select the account which will use this mail server to send mail and click on the "Properties".

File:Email-ss smtp auth outlook.png

Make sure the "My server requires authentication" is checked. Click on the "Settings" button to enter the details of your username/password.

File:Email-ss smtp auth outlook servers.png

Setting the Catch All User to an valid user on the server will pass all mail sent to an "Unknown user" to this account. To bounce mail addressed to an invalid recipient, set to Return to sender.
Back to top

Trusted Networks

A trusted network is a list of networks that are allowed to send mail through the SMTP server. Dynamic IP's should not be added to this list. It is important that you do not make an error with this parameter. The default setting allows any user with a 192.168.x.x address send e-mail through the server. If you use a 10.x.x.x address, you should add 10.0.0.0/8 to the list of trusted networks.
Back to top

Outbound Relay Hosts

Some ISPs will block all traffic on port 25 unless it it destined for their mail servers. In this case, you would want to specify your ISPs mailserver as the Outbound Relay Hosts.

In addition, if you are subscribed to the ASP Antivirus service and want to scan your user's outgoing mail, you should enter the following:

• antivirus.mycommgate.com

This address points to a cluster of three (or more) mail servers. The change is required since the newer version of Postfix included with CommGate Server supports only one outbound relay host.
Back to top

Additional Domains

Back to top

Destination Domains

If your company/organization has multiple domains and you wish to receive email sent to any user for any of the domains, enter additional domains to the Destination Domains list. For example, if our primary domain was setup to be "commgate.net" and we wanted all emails sent to the following registered domains to be valid:

• commgate.com
• commgate.org

we would add the bulleted domain list above to the "Destination" domains list.
Back to top

Virtual Domains

Warning! Virtual domains will not be supported in version 5.0 and we do not recommend using this feature in version 4.x. The feature is only in 4.x to support legacy systems.

Use the "Virtual Domains" list if you are using CommGate Server as an SMTP server for multiple clients. By adding to the Virtual Domains list rather than the Destination Domains list, you will have complete control over which user receives mail for a particular domain.
Back to top

Mail Forward Domain List

CommGate Server can be configured to be an antivirus and antispam mail gateway. For example, you can put a CommGate Server system between the Internet and a Microsoft Exchange server.

If you are configuring your server as a mail gateway, add the domain name to the Mail Forward Domain List. If the antispam engine is installed and running on the server, mail will be subject to the spam identification rules you have configured. Similarly, if the antivirus module is installed and running, all mail for the domains will be scanned before passing the mail on to the destination server.

• Follow the link for more information on Configuring an Antivirus and Antispam Gateway.

Back to top

Troubleshooting

Back to top

Firewall

Do not forget to open up firewall ports for your e-mail server: port 25 on the firewall configuration page.
Back to top

ISP Blocking

Some ISPs are known to block SMTP (port 25) traffic to residential broadband connections in an attempt to cut down on SPAM originating from their network. If you think your configuration is set-up correctly and you suspect your ISP is blocking SMTP traffic, try a port scan. Virtual Domains

If you are using the server to provide mail service to multiple domains (virtual domains), it is advisable to set up all domains on the system as virtual and enter a false domain (ie. placeholder.com) in the "Primary Domain" field. Otherwise, all users would have access to the domain listed in the primary domain field.
Back to top

Links

Postfix Documentation
Back to top

Webmail

Back to top

Overview

Webmail	Information
Description	Web-based mail system.
Package Name	cc-horde
Configuration Page	none

A web-based e-mail solution ideal for allowing users 'on the road' and without a mail client to access mail on the server using any computer connected to the Internet.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.

This module is described as the "Web Access Module" under Webconfig's "Software Modules" list.

Back to top

Accessing Webmail

• The webmail system runs on port 83 on the HTTPS protocol. To access the system type https://192.168.1.1:83/ or https://yourdomain.com:83/

• If webmail access is required from the Internet, please allow connections to port 83 (webmail) on the firewall.

• Web-based mail requires the IMAP server to be running.

• Users will receive a pop-up warning in their web browser similar to that shown below. This is normal and does not diminish the fact that the connection is encrypted and secure. If desired, you can customize and manage the secure certificate using the SSL Certificate Manager.

Back to top

Vacation / Auto-Reply

The webmail system includes a vacation / auto-reply system. To access this feature:

• Login to your webmail account
• Click on Mail > Filters in the menu
• Select the Vacation filter

Back to top

Server-Side Mail Filters and Mail Rules

The webmail system includes server-side mail filters and rules. For instance, you can send all mail with the word SPAM into a specified spam folder, or simply discard the mail.

• Login to your webmail account
• Click on Mail > Filters in the menu
• Configure you mail filters/rules

Back to top

Links

Horde Web Site
Back to top