Services. Ipswitch V12
IMail Server v12 is a powerful email server solution designed to meet the needs of businesses of all sizes. It offers a comprehensive set of features, including anti-spam and anti-virus protection, secure email delivery, and easy-to-use administration tools. IMail Server v12 is designed to be reliable, scalable, and secure, making it an ideal choice for businesses looking to improve their email communication and security.
Advertisement
Advertisement
CHAPTER 10
Services
In This Chapter
Service Administration Overview ............................................................... 386
Commtouch (Premium Anti-spam)............................................................ 389
Service Administration Overview
How to get here
IMail Service Administration lets you manage a number of system services. The Service
Administration page lets you get a quick overview of these services and their status.
The list shows which services are installed. Each service, its version number, and its current state (Stopped or Running) is displayed. You can use the check boxes to the left of the Name list to stop and start individual services. By selecting or clearing all check boxes at once, you can also stop or start all services simultaneously. You can also click the link under any service to access its settings page.
Tip: Starting or Stopping multiple services may take a minute.
IMail IMAP4 Server Service (on page 392). Select this check box to let users access
remote message stores (on the mail server) as if they were local. Using an IMAP4 mail client, users can read their mail, move or delete mail, create mailboxes - all on the server system.
Note: IMail Web Messaging directly accesses the server to manage mail, and no longer requires IMAP.
386
IMail v12 Administrator Help
IMail LDAP Service (on page 395). Select this check box to publish and provide
access to user information on the server, and extend the IMail user database to include standard LDAP attributes such as name, address, organization name, and phone number. LDAP allows each user with an account on the system to add, delete, or modify information in his/her own LDAP entry.
IMail POP3 Server Service (on page 402). Select this check box to let any POP3 mail
client communicate with IMail Server.
IMail Queue Manager Service (on page 407). Select this check box to control the
flow of messages through the mail queue. The Queue Manager Service is a component of the SMTP delivery process.
IMail SMTP Service (on page 413). Select this check box to let the SMTP server send
and receive mail from other Internet hosts using the Simple Mail Transfer Protocol
(SMTP) and process all incoming and outgoing mail.
Symantec Anti-virus Scan Engine (on page 279) (available separately). Select this
check box to provide consistently current, premium anti-virus protection.
IMail Sys Logger Service (on page 429). Select this check box to view the log files in
the IMail spool directory.
IMail WorkgroupShare Service (on page 372). Select this check box to enable
shared Microsoft Outlook global calendars, tasks, notes and address books with the installation of the the IMail Collaboration Client.
IMail Commtouch Service (on page 389) (available only with IMail Premium). Select
this check box to provide automatically updated, language-aware premium anti-spam technology.
IMail Commtouch IP Rep Service (on page 389) (available only with IMail Premium).
Select this check box to provide automatically updated, language-aware premium anti-spam technology.
Ipswitch Instant Messaging Server. Select this check box to enable secure instant messaging with Smart Tag.
Related Topics
Viewing Service Status from a Web Browser
Click the Services tab. The Service Administration page appears. Look in the Current State column corresponding to the row for the specific service.
Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual
Services from their respective web pages, as well as from the Service Administration page.
Configuring IMail Services (on page 388)
IMail Administrator Services (on page 388)
387
IMail v12 Administrator Help
Configuring IMail Services
To start a service, select the check box to the left of that service and click Start. To stop a service, select the check box to the left of that service and click Stop.
To verify that you have successfully stopped or started a service, a page with a progress bar appears. The Service Administration page displays the service's new status.
Viewing the Status of IMail Services
Click the Services tab. The Service Administration page appears. Look in the Current State column corresponding to the row for the specific service.
Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual
Services from their respective web pages, as well as from the Service Administration page.
Logging into IMail Services
Before you can access the Service Administration page, a separate dialog may appear during each browser session prompting you for a Windows User name and Password. This depends on your platform and security settings.
If the dialog box does not appear, the Services Administration page opens.
If the dialog box does appear, enter the administrator user name (administrator for the computer) and password. The Services Administration page opens.
Setting Service Administration Options
How to get here
388
IMail v12 Administrator Help
IMail Service Administration lets you manage a number of system services. The Service
Administration page lets you get a quick overview of these services and their status.
The list shows which services are installed. Each service, its version number, and its current state (Stopped or Running) is displayed. You can use the check boxes to the left of the Name list to stop and start individual services. By selecting or clearing all check boxes at once, you can also stop or start all services simultaneously. You can also click the link under any service to access its settings page.
IMail IMAP4 Server. Select this check box to start this service, which lets users access remote message stores (on the mail server) as if they were local. Using an IMAP4 mail client, users can read, move, delete mail, and create mailboxes all on the server system.
Note: IMail Web Messaging directly accesses the server to manage mail, and no longer requires IMAP.
Ipswitch Instant Messaging Server. Select this check box to stop or start IIM . If you click the link, the IIM Home page appears.
IMail LDAP Service. Select this check box to publish and provide access to user information on the server, and extend the IMail user database to include standard
LDAP attributes such as name, address, organization name, and phone number. LDAP allows each user with an account on the system to add, delete, or modify information in his/her own LDAP entry.
IMail POP3 Server. Select this check box to let any POP3 mail client communicate with IMail Server.
IMail Queue Manager Service. Select this check box to control the flow of messages through the mail queue. The Queue Manager service is a component of the SMTP delivery process.
Premium Anti-spam Service. (Available only with IMail Premium) Select this check box to enable Commtouchs Advanced Security Daemon (a.k.a. ctasd™).
IMail SMTP Server. Select this check box to allow users to let the SMTP server send and receive mail from other Internet hosts using the Simple Mail Transfer Protocol
(SMTP) and process all incoming and outgoing mail.
IMail Sys Logger Service. Select this check box to allow users to view the log files in the IMail spool directory.
Ipswitch WorkgroupShare Service. Select this check box to enable IMail
Collaboration.
Commtouch (Premium Anti-spam)
How to get here
389
IMail v12 Administrator Help
Note: This Service page includes services for both the Premium Anti-spam
"IMailCommtouch" and Commtouch IP Reputation "IMailCommtouchIPRep".
Use the Commtouch Anti-spam Settings page to stop and start the IMailCommtouch and/or the IMailCommtouchIPRep service.
This page displays Commtouch license information, configuration settings for Commtouch
Advanced Security Daemon (ctasd™), and port settings for both Commtouch's IP Reputation port and Premium Anti-spam.
Note: Go to Anti-spam > Premium Filter to enable and set Commtouch Classification filters.
Server Settings
Port. Premium Anti-spam listening port number. (Default port is 8088)
IP Reputation Port. The HTTP listening server port number. (Default port is 8181)
Proxy Server Settings
Enable. Check box to enable proxy server settings. (Default not enabled)
Port. Port number used for connectivity with the proxy server.
Server Address. Specifies the host name or IP address of the proxy server.
Auth. Specifies the authentication mode for connectivity with the proxy server.
Options are Basic or NoAuth.
Username. The name of an authorized user.
Password. The password of the authorized user.
Save. Click to save your settings.
Related Topics
Commtouch Premium Anti-spam Filter
IP Ignore List
How to get here
The IP Ignore List contains a list of IP addresses of all local mail servers that should automatically be considered non-spammers and should not be validated for spam. When
390
IMail v12 Administrator Help
checking the servers from which the suspected message originated, ctasd™ ignores all references to local or remote mail servers predefined in the IP ignore list.
Note: Updating this list requires restarting the IMailCommtouch services.
Important: To edit an existing IP address or subnet mask, click the link under the IP address.
The Add IP Ignore List page appears with the existing information. Edit the information and click Save. Click Cancel if you no longer want to edit the IP address.
IP Address. This column lists all the local mail servers currently set to be considered non-spammers.
Subnet Mask. This column lists the Subnet Masks related to the IP Addresses.
Note: To edit, simply double click the IP Address to modify.
Add. Click this button to access the Add IP Ignore List page.
Delete. Click this button to remove an existing entry.
Related Topics
Premium Ant-spam (Commtouch) (on page 389)
IMAP
How to get here
Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual
Services from their respective web pages, as well as from the Service Administration page.
You can use the IMAP Settings page to configure the IMAP Server. IMAP4 lets users access remote messages stored on the mail server as if they were local. Users can read, move, delete mail, and create mailboxes on the server system. Since messages reside on the server, users can access their mailboxes from multiple machines. the service.
Related Topic
Managing Mailboxes (on page 394)
391
IMail v12 Administrator Help
POP3 / IMAP - Control Access (on page 405)
IMAP Settings
How to get here
Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual
Services from their respective web pages, as well as from the Service Administration page.
You can use the IMAP Settings page to configure the IMAP Server. IMAP4 lets users access remote messages stored on the mail server as if they were local. Users can read, move, delete mail, and create mailboxes on the server system. Since messages reside on the server, users can access their mailboxes from multiple machines. the service.
IMAP Logging
Save Logs To. Choose one of the following from the list box.
No Log. (Set by Default) Select this option to turn off event logging.
SYSMMDD.TXT. Select to send event information to a file of this name, where MM is the month and DD is the day the log was written. This file is stored in the Spool directory.
Log Server. Select to send event information to the Log file indicated on the Logging tab.
Debug Messages. Select the check box to enable writing debug messages to the log file.
General Options
Force Subscribe to Private Mailboxes. Select the check box to require the IMAP4 client to subscribe to use a private mailbox. A user who is not a subscriber is refused access. Do not enable this option if you wish to use web messaging. Choose this option if users are using Outlook or another client.
Force Subscribe to Public Mailboxes (on page 394). Select the check box to require
the IMAP4 client to subscribe to use a public mailbox. A user who is not a subscriber is refused access.
Allow Unsecured Access. Select the check box to allow users to login to the system without authenticating via secure mode (such as SSL).
392
IMail v12 Administrator Help
Account Harvesting Prevention
options. Changing an IMAP setting will also affect the POP3 setting.
Enable Session Security. (Turned on by default) Configurable session options for user authentication, allows the IMail Administrator to set the following session options.
Max Failed Logins Per Session. (Default set to 3) Once this setting has been reached by failed authentication attempts, the client will be disconnected.
Max Failed Sessions Per IP. (Default set to 9) After this setting has been met by disconnections from the failed authentication attempts, the client will be terminated and blacklisted.
Blacklist Duration (in Minutes). (Default set to 60) Length of time that the offending
IP will not be able to access the login page.
Tip: The Blacklist Duration is the length of time the IP address will be blocked and will remain in the Control Access list.
SSL Settings
Note: IMail Server uses OpenSSL Command Line Tool (v0.9.8e) which supports up to 4096-bit
RSA and 2048-bit DSA. OpenSSL is a cryptography toolkit implementing the Secure Sockets
Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.
Enable SSL. Select the check box to enable a dedicated port that accepts only SSL- encrypted connections from the IMAP4 service. You can change the default port used by the SSL Listener in the SSL port box.
SSL Port. Enter the port used by the dedicated SSL Listener to accept connections.
The default IMAP4 SSL port is 993; the valid range is from 1 - 32,000.
Enable TLS. Select the check box to enable the IMAP4 service to accept SSL/TLS connections over the IMAP4 port through use of the STARTTLS command.
Advanced Options
When logging on to IMAP4, the service returns a welcome message that identifies the mail server version and vendor. You can use the IMAP Advanced options to change the service's welcome message, for example, if you want to hide the mail server version and vendor information.
Hello Message. Enter the text you want display in the IMAP service welcome message. The text is limited to 400 characters or less. If you enter over 400 characters, the system uses the default message. To intentionally revert back to the default message, clear this field.
393
IMail v12 Administrator Help
need to change these settings, be aware that they can change the operation of the server.
Save. Click to save your settings.
Related Topic
Managing Mailboxes (on page 394)
Creating Public Mailboxes (on page 394)
POP3 / IMAP - Control Access (on page 405)
Creating Public Mailboxes
The IMAP4 server options provide a means of creating a public mailbox in which you can post
messages for reading by IMAP4 clients. To create a public mailbox, create a user (on page 166)
ID named "public". Any mailboxes in this user's directory will be available for reading by
IMAP4 clients.
Administrators can use the public user ID to post messages. Users other than public can only read the public mailboxes. Administrators can set an option that determines whether users must subscribe to a public mailbox before they can read it.
Public mailboxes are read-only by design, and only the user public can administer the public mailboxes. Messages received for this account and its sub-mailboxes are treated as normal, but users other than public who access these mailboxes through IMAP4 have read-only permissions. If a user tries to mark a message in a public folder as read, he will be notified that the mailbox is read-only. subscribe to a mailbox unless the client application provides this capability.
Managing Mailboxes
When a user creates a mailbox, the mailbox is created on the IMail Server system. Because the
IMail Server will be the permanent storage location for IMAP4 users' mail, you need to configure the server with appropriate disk space and manage the disk space by monitoring mailbox disk usage.
You can set maximum mailbox size and maximum number of messages for each user or you can set the maximum mailbox size and maximum number of messages globally for all users on a selected e-mail domain :
394
IMail v12 Administrator Help
For more information about global settings for a selected e-mail domain, see
Changing IMail Standard User Settings (on page 117).
For more information about individual user settings for a selected e-mail domain, see
Changing IMail User File Directory Settings.
Administrators can set an option (on the IMAP4 tab) that determines whether users must subscribe to a private mailbox before they can read it.
LDAP
Short for Lightweight Directory Access Protocol, a set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite.
Because LDAP is an open protocol, applications need not worry about the type of server hosting the directory.
About LDAP Server
Lightweight Directory Access Protocol (LDAP) provides a standard way for applications to request and manage directory information. LDAP has become another popular feature for standards-based mail servers. A simplified subset of the much more elaborate X.500 Directory
Access Protocol, LDAP is more appropriate for many of today's applications, on both the client and server sides, because it makes fewer demands on system resources.
LDAP implementations use a client/server architecture to publish user information (such as address books) on the server and provide access to that directory information from
LDAP-enabled clients.
IMail Server supports OpenLDAP to provide the following capabilities to users with
LDAP-enabled clients:
Locate LDAP directory information that may include name, phone number, e-mail address, organization, department, and address.
List all users at a site.
About LDAP Data
IMail Server provides an LDAP database by extending the IMail user database to include standard LDAP attributes (such as name, address, organization name, and phone number) and any other attributes that a site defines.
Each user with an account on the IMail Server has an LDAP entry. When a user is added to the
IMail user database an LDAP entry is defined with the following attributes:
395
IMail v12 Administrator Help
Basic User Attributes
ObjectClass The type of entry. The value would be "inetOrgPerson".
CN CommonName
UID
Surname
The full name of the user.
The IMail Server e-mail address for the user. This is constructed from the user ID and the host name.
The IMail Server user ID.
The surname or last name of the user.
When a user receives mail on the IMail Server system, his/her LDAP entry is activated.
Using an LDAP enabled client, the user can add, delete, and modify information in his or her own LDAP entry. A user cannot modify another user's entry. The following table describes several additional attributes that the user can add (by using an LDAP client that supports the
Modify function):
Optional User Attributes
Organization
OU
Street
L
ST
C telephoneNumber
The user's company.
The department within the company or organizational unit.
The user's street address.
The user's city or locality.
The user's state or province.
The user's country.
The user's telephone number.
These are the most common attributes used in the LDAP entry. The system administrator or the user can define other attributes. by the LDAP server. Do not click Initialize LDAP unless you want to overwrite the database with the user IDs only that are stored in the Windows registry. First try synchronizing the
LDAP database to resolve any problems.
If the Open LDAP server is not running, you are asked whether you want to start it. Initializing
LDAP deletes all user changes to the attribute values and adds all users back to the LDAP server in the default state.
LDAP Service Settings
How to get here
396
IMail v12 Administrator Help
the service.
Stopped), a Start/Stop button appears and a Restart button appears. This allows you to Start,
Stop, or Restart individual Services from their respective web pages, as well as from the
Service Administration page.
Install Location. Enter (or Browse to) the location of the directory where the
OpenLDAP files are located. By default, the installation path for IMail is
"C:\Program
Files\Ipswitch\Messaging\IMail\OpenLDAP"
. The following folders are located under the
"..\OpenLDAP"
folder:
bin. Folder where all OpenLDAP binaries are stored. These are:
Openldap-data. Folder where all folders with domain specific databases are stored, containing a folder named after each existing domain.
schema. Folder where all OpenLDAP schema files are stored. Schema files are text files that determine the properties of each object.
Share\ucdata. Contains supporting data files for the LDAP server. These files should not be modified. files manually to the location that you specify in this field. The slapd.exe
file must also be unregistered and re-registered in the new location. You can also browse to the installation location by clicking the Browse button.
Create New Folder
New Folder Name. Enter the name for the folder in which you wish to manually move the OpenLDAP files, as described in the preceding Important section. Click
Create. Click OK.
Port. Enter the Port that the LDAP server runs on. This can be changed to allow
OpenLDAP to run on the same server as another LDAP server.
LDAP Actions
Sync LDAP. Click this button to synchronize the LDAP database in order to clean up orphaned accounts or add accounts that do not yet exist.
397
IMail v12 Administrator Help
by the LDAP server. Do not click Initialize LDAP unless you want to overwrite the database with the user IDs only that are stored in the Windows registry. First try synchronizing the
LDAP database to resolve any problems.
If the OpenLDAP server is not running, you are asked whether you want to start it. Initializing
LDAP deletes all user changes to the attribute values and adds all users back to the LDAP server in the default state.
LDAP domain or all the LDAP domains. This utility can be used in the case when the Web
Administrator does not properly Init or Sync all the LDAP domains on a server. This issue sometimes occurs on servers running Microsoft Windows 2003 machines with over 30 domains.
Init LDAP. Click this button to initialize the LDAP database for the server.
Save. Click to save your settings. An Update Successful message and the time of the update appears.
Related Topics
About LDAP Server (on page 395)
LDAP User Information (on page 172)
Populating the LDAP Database Using Ldaper.exe (on page 400)
Init & Sync LDAP DB - iLDAP.exe utility (on page 401)
LDAP Settings
How to get here
Use the LDAP Settings page to configure host options for OpenLDAP. This information is necessary for an LDAP client to edit the LDAP database. It is not necessary to enter an ID or password if you only want to view the OpenLDAP data.
Domain: Shows the current selected domain. From the drop down you can pick any of the domains available to this administrative user account.
LDAP Settings
LDAP Admin ID. Displays the LDAP administrator ID for the e-mail domain. This information is auto-populated. The administrator ID cannot be an IMail user ID.
Password. Enter the LDAP administrator password.
398
IMail v12 Administrator Help
Confirm Password. Enter the password a second time to confirm the original password. The two password entries must match in order for the value to be saved. user IDs only that are stored in the Windows registry. First try synchronizing the LDAP database to resolve any problems. importation, we highly recommend that you change it as soon as possible after completing setting up LDAP.
Important: You can also use the iLDAP.exe utility (on page 401) to Init or Sync a specified
LDAP domain or all the LDAP domains. This utility can be used in the case when the Web
Administrator does not properly Init or Sync all the LDAP domains on a server. This issue sometimes occurs on servers running Microsoft Windows 2003 machines with over 30 domains.
LDAP Actions
Init LDAP (Initialize the LDAP database). Click to Initialize the LDAP database
created for the current e-mail domain by the LDAP server (on page 395).
Sync LDAP (Synchronize the LDAP database). Click to synchronize the LDAP database. Synchronizing removes multiple database entries, deletes old accounts, and adds new accounts.
Save. Click to save settings. An "Update Successful" message and the time of the update appear.
Related Topics
About LDAP Server (on page 395)
LDAP Service Settings (on page 396)
LDAP User Information (on page 172)
Populating the LDAP Database Using Ldaper.exe (on page 400)
Init & Sync LDAP DB - iLDAP.exe utility (on page 401)
LDAP Information
How to get here
Enter user information on the LDAP Information page. LDAP user information is published on the server and the information is made available to LDAP-enabled clients.
Domain Name (OHN). Displays the name of the specified user's domain.
399
IMail v12 Administrator Help
Userid. Displays the ID of the specified user.
The following information can be updated to the LDAP database for the specified user:
Full name
Organization
Department
Address
City
State
Postal Code
Country
Telephone
Related Topics
About LDAP Server (on page 395)
Setting IMail LDAP Options (on page 396)
Populating the LDAP Database Using Ldaper.exe (on page 400)
Populating the LDAP Database (ldaper.exe)
Ldaper.exe
populates the LDAP database with user properties for all users on a selected e-mail domain. This may be particularly helpful after you have added a large number of users
at once using the Adduser.exe utility (on page 440).
conversion occurs during installation. The conversion can take a lengthy amount of time depending on the number of domains to convert. If the LDAP data is not available after the upgrade, run the LDAP Convert utility to correct the issue. In the command line utility, type: ldaper /CONVERT /Y
Basic Command Syntax
ldaper [options]:
Ldaper.exe
supports the following command line options. Options can be prefixed with a hyphen or a forward slash.
400
IMail v12 Administrator Help
-GN
-SN
-S
-C
-ST
Option
-H
-U
-P
-CO
-Z
-T
-O
-OU
- CONVERT
Explanation
Host name
User ID
Password
First name
Last Name (Sur Name)
Street Address
City
State
Country
Postal Code
Telephone
Organization
Organizational Unit (Department)
Converts LDAP dbases prior to version 8.1 to the new OpenLDAP dbase schema
Required option with the CONVERT option
Keeps the LDAP service running
-Y
-LSTART
Related Topics
Init & Sync LDAP DB - iLDAP.exe utility (on page 401)
Adding Users Using Adduser.exe (on page 440)
Initializing and Synchronizing LDAP Databases (iLDAP.exe)
iLDAP.exe is a utility to Init or Sync a specified LDAP domain or all the LDAP domains. This utility can be used in the case when the Web Administrator does not properly Init or Sync all the LDAP domains on a server. This issue sometimes occurs on servers running Microsoft
Windows 2003 machines with over 30 domains.
Basic Command Syntax
iLdap -i|s[<domain>]
Where domain is the domain you want to Init or Sync. All the domains are initialized or synchronized if no domain is specified.
Command
-i
-s
Function
Initializes the specified LDAP database.
Synchronizes the specified LDAP database.
401
IMail v12 Administrator Help
Related Topics
Populating the LDAP Database Using Ldaper.exe (on page 400)
POP3
How to get here
Stopped), Start/Stop and Restart button appears. This allows you to Start, Stop, or Restart individual Services from your respective web pages, as well as from the Service
Administration page.
The POP3 Server lets any POP3 (Post Office Protocol, Version 3) mail client communicate with
IMail Server. Supported POP3 clients include Internet Explorer, Netscape Messenger or
Communicator, Eudora, Pegasus, NuPOP, Z-Mail, and UNIX mail.
POP3 clients use the "offline" method of accessing the mail server. Mail messages are delivered to the IMail Server system and the mail client periodically connects to the server and downloads the user's mail to the client system. Mail messages are automatically deleted from the server system. Therefore, mail messages are stored only temporarily on the mail server. This method of access is best suited to users who always read their mail from the same client system.
See Request for Comments (RFC) 1725 for a description of the POP3 protocol. the service.
Related Topics
POP3 - Control Access (on page 405)
POP3 Settings
How to get here
Stopped), Start/Stop and Restart button appears. This allows you to Start, Stop, or Restart individual Services from your respective web pages, as well as from the Service
Administration page.
402
IMail v12 Administrator Help
The POP3 Server lets any POP3 (Post Office Protocol, Version 3) mail client communicate with
IMail Server. Supported POP3 clients include Internet Explorer, Netscape Messenger or
Communicator, Eudora, Pegasus, NuPOP, Z-Mail, and UNIX mail.
POP3 clients use the "offline" method of accessing the mail server. Mail messages are delivered to the IMail Server system and the mail client periodically connects to the server and downloads the user's mail to the client system. Mail messages are automatically deleted from the server system. Therefore, mail messages are stored only temporarily on the mail server. This method of access is best suited to users who always read their mail from the same client system.
See Request for Comments (RFC) 1725 for a description of the POP3 protocol. the service.
POP3 Logging
Save Logs To. Choose one of the following from the list box.
No Log. (Set by Default) Select this option to turn off event logging.
SYSMMDD.TXT. Select to send event information to a file of this name, where MM is the month and DD is the day the log was written. This file is stored in the Spool directory.
Log Server. Select to send event information to the Log file indicated on the Logging tab.
Debug Messages. Select the check box to enable writing debug messages to the log file.
General Options
Use APOP. Select the check box to secure user authorization (password encryption).
For more information, see RFC 1939.
Enable XTND XMIT Command. Select the check box to enable the IMail Server to accept outbound mail sent via XTND XMIT. Clients such as WinQVT/Net require this functionality.
Allow Remote Password Change. Select the check box to enable internal commands that allow remote password changes with older mail clients (such as an older version of Eudora).
Auto Deny Possible Hack Attempts. Select the check box to enable a remote IP address to be temporarily denied access (Control Access file).
403
IMail v12 Administrator Help
command) the remote IP address is temporarily put in the Control Access file until you stop and restart the IMail service. This data appears to the IMail Server as an attempt to hack into
the server. The IP address is not displayed in the Control Access (on page 421) list, but it is
reported in the log file.
Account Harvesting Prevention
options. Changing an IMAP setting will also affect the POP3 setting.
Enable Session Security. (Turned on by default) Configurable session options for user authentication, allows the IMail Administrator to set the following session options.
Max Failed Logins Per Session. (Default set to 3) Once this setting has been reached by failed authentication attempts, the client will be disconnected.
Max Failed Sessions Per IP. (Default set to 9) After this setting has been met by disconnections from the failed authentication attempts, the client will be terminated and blacklisted.
Blacklist Duration (in Minutes). (Default set to 60) Length of time that the offending
IP will not be able to access the login page.
Tip: The Blacklist Duration is the length of time the IP address will be blocked and will remain in the Control Access list.
SSL Settings
Note: IMail Server uses OpenSSL Command Line Tool (v0.9.8e) which supports up to 4096-bit
RSA and 2048-bit DSA. OpenSSL is a cryptography toolkit implementing the Secure Sockets
Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.
Enable SSL. Select the check box to enable a dedicated port that accepts only SSL- encrypted connections from the POP3 service. You can change the default port used by the SSL Listener in the SSL port box.
SSL Port. Enter the port used by the dedicated SSL Listener to accept connections.
Enable TLS. Select the check box to enable the POP3 service to accept SSL/TLS connections over the POP3 port through use of the STARTTLS command.
Advanced Options
When logging on to POP3, the service returns a welcome message that identifies the mail server version and vendor. You can use the POP3 Advanced options to change the service's
404
IMail v12 Administrator Help
welcome message; if for example, you wanted to hide the mail server version and vendor information.
Hello Message. Enter the text you want to be displayed in the POP3 service welcome message. The text is limited to 400 characters. If over 400 characters are entered, the default message is used. When APOP is enabled, if the message plus the timestamp exceed 400 characters, the message will be truncated. To revert back to the default message, clear this field. need to change these settings, be aware that they can change the operation of the server.
Save. Click to save your settings.
Related Topics
POP3 / IMAP - Control Access (on page 405)
POP3 / IMAP - Control Access
How to get here stop the service, wait 5-10 seconds and restart the service.
There are two ways to control who connects to this service. You can either grant access to everyone, except specific computers or subnets that you specify, or you can deny access to everyone, except specific computers or subnets that you specify.
Important: POP3 and IMAP both use and share the same Control Access settings.
ALLOW all computers to communicate with this server except. Select this option from the list box to grant access to specific computers or subnets. Click Add. A field with a cleared check box and an empty text box appears. Select the check box if you want to grant access to a single computer and enter its IP Address. If you want to grant access to a group of computers, select the check box and enter the IP address and Subnet Mask in the corresponding text boxes.
405
IMail v12 Administrator Help
DENY all computers from communicating with this server except. Select this option from the list box to deny access to specific computers or subnets. Click Add. A field with a cleared check box and an empty text box appears. Select the check box if you want to deny access to a single computer and enter its IP Address in the corresponding text box. If you want to deny access to a group of computers, select the check box and enter the IP address and Subnet Mask in the corresponding text boxes.
Control Access List
IP Addresses. This column lists the IP Address(es) of all computers either allowed or denied POP3 access.
Subnet Mask. This column lists the Subnet Mask(s) of all computer groups either allowed or denied POP3 access.
Never Expires. When added manually, this checkbox is set by default. Otherwise the expiration is controlled by the Blacklist duration setting.
Expires On. This expiration time is controlled by the Blacklist Duration setting fround on the POP3/IMAP Service page under Account Harvesting Prevention
Options.
Comments. Free format notes, for the IMail Administrator.
Attempts. Displays the actual attempts made by the offending listed IP Address. which radio setting is used (Deny All or Allow All) for the manual entries.
Add (on page 406). Click this button to add computers or computer groups you want
to be granted or denied access to the POP3 / IMAP service.
Edit (on page 406). Click this button to update an existing entry.
Delete. Click this button to delete selected computers or computer groups from the
Control Access list.
Save. Click to save your settings.
Add/Edit POP3 - IMAP Control Access
How to get here
Use the Access Control page to add or edit a single computer or group of computers to the
POP3 / IMAP Access Control List.
406
IMail v12 Administrator Help
Add a Single Computer. Select this option if you want to allow or deny access to a single computer. If you select this option, you may enter text into the IP address text box.
Add a Group of Computers. Select this option if you want to allow or deny access to a group of computers. If you select this option, you may enter text into the Subnet
Mask text box.
IP Address. Enter the IP address of a single computer that you want to allow or deny
POP3 / IMAP access.
Subnet Mask. Enter the subnet mask of the computer group that you want to allow or deny POP3 / IMAP access.
Expires. (Optional) Click the Calendar button to set an expiration date. Default is set to Never Expires.
--OR--
Never Expires. (Checked by Default) IP Address will never expire.
Comments. Free format notes, for the IMail Administrator.
Attempts. Displays the actual attempts made by the offending listed IP Address. which radio setting is used (Deny All or Allow All) for the manual entries.
Important: You must restart the POP3 and IMAP services for the changes to take effect.
Related Topics
POP3 / IMAP - Control Access (on page 405)
Queue Manager
The Queue Manager Service allows you to control the flow of messages through the mail queue. This service takes the place of SMTP32.exe, by delivering messages to both local and remote destinations. Although the SMTP32.exe program still exists, it simply informs the
Queue Manager when a message requires delivery.
Note: When sending mail, if a valid 1xx or 2xx response is not received when connecting, the
Queue Manager will roll to the next MX record.
The mail queue is also known as the spool is a directory that stores mail messages that are waiting for delivery. Files in the queue include incoming messages, outgoing messages, attachments, and error messages.
407
IMail v12 Administrator Help
The queue manager releases messages one at a time in the order that they were received.
Related Topics
Troubleshooting the Spool Directory (on page 412)
Daily Count Report - Queue Manager (on page 411)
Queue Manager Options
How to get here
Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual
Services from your respective web pages, as well as from the Service Administration page.
The Queue Manager regulates the SMTP32 processes (or threads) so that the maximum number is not exceeded. This ensures that an attempt is made to deliver all messages and that delivery not be delayed by being bumped to a queue run delivery on heavily loaded systems. Files are processed according to priority, with files that have had no delivery attempt being first. Files that need to be retried are then processed based on the time that they were placed in the spool.
Disabling the Queue Manager may stop or delay mail delivery.
Delivery Threads. Enter the total number of delivery threads that can be used to deliver messages. Each thread processes one message at a time. This option is set to
30 by default; its minimum value is 5. Since each Queue Manager thread can deliver one message, if the option is set to 30, the Queue Manager can deliver 30 messages at a time. number of users who subscribe to list server mailing lists. If you do need to increase this value, you should do so in small increments, for, as you increase the number of SMTP processes, you increase the processing load on your mail server.
Max Retry Threads. Enter the maximum number of delivery threads that can be used simultaneously when the system retries to deliver messages in the queue. By default, this option is set to 15. The value for this option must be less than the number of Delivery Threads and cannot be less than 2.
408
IMail v12 Administrator Help
Listen Pipes. Enter the number of pipes that the queue manager opens in order to listen for files being dropped in the queue by other processes. This option is set to 4 by default. The minimum value for this option is 2 and the maximum is 20. The default value should be sufficient for most servers, but can be increased for better performance on busy servers. You must examine the log files to determine if you need to increase this number. If, prior to a queue run, you find log lines that say
"Adding Queue file XXX," this means that the Queue Manager has found files it was not notified of before. In this case, you should increase the number of listen pipes.
Retry Timer. Enter how often, in minutes, the Queue Manager will attempt to re-deliver messages that failed to be delivered on previous queue runs. This option works in conjunction with the Tries Before Return to Sender below. This option is set to 30 minutes by default. The minimum value for this option is 10; the maximum is
120.
Daily Report Address. Enter the e-mail address to which a Daily Count Report (on
page 411) will be sent. If no address is entered, no report will be sent. Through the
queue manager, IMail Server compiles and sends a daily report with detail server activity. These reports are sent once a day, 30 seconds after the date changes, to the e-mail address specified here.
Outgoing Helo/Ehlo Host Name. Enter the name you wish to use for outgoing communications with the recipient.
Tries Before Return to Sender. Enter the amount of times that delivery is attempted before returning the mail to the sender. Each time the Retry Timer reaches 0, a deliver attempt is made. We recommend leaving this at the default value of 20.
Example: If the Retry Timer is set to 30 (minutes) and the "Number of Tries" is set to 20
(default), then the message will be returned in about 10 hours. We recommend a value of 20.
Example: If the Retry Timer is set to 30 (minutes), and you want to attempt delivery for up to 3 days, then the "Number of Tries" box should contain 144.
Max Tries for NULL Senders. Enter the maximum number of times that IMail attempts to deliver a message that has no sender (including postmaster messages).
This value must be less than the value entered for Tries Before Return to Sender above. If the Tries Before Return to Sender value is less than the value entered here, the Max Tries for NULL Senders option is not enforced.
Delete After Max Tries. This will delete after Max Tries for NULL Senders criteria has been met.
Domain Name Server. Enter the IP address of the system that provides domain name service for your network. You can enter multiple names here, separated by a space. This option is required in order to send mail externally.
Auto Restart on Failure (recommended). Click this check box to enable SMTPD32 to check the status of the Queue Manager. If it is not running, SMTD32 attempts to restart it. The event is then written to the log file. The Queue Manager status is checked every 2 minutes. If, after two checks, the Queue Manager is not running,
IMail Server attempts to restart it. We recommend that you enable this option.
SMTP/Queue Manager Log Settings
Save Logs To. Select the file type from the drop down list, that you want to use for logging SMTP events:
409
IMail v12 Administrator Help
No Log. Selecting this option disables logging.
SYSMMDD.txt. Selecting this option causes all inbound and outbound mail to be logged in the file where MM is the month and DD is the day the log was written.
Log Server. Selecting this option causes messages to be sent to the log file specified on the Log Manager tab.
Debug Messages. Select the check box to write debug messages to the log file.
Verbose Logging. Select the check box to record more information than in standard logging. This can create very large log files; however, this can be helpful in troubleshooting problems.
DNS Caching
The DNS cache is an internal cache of positive DNS queries. The cached DNS response remains active for the length of time specified in the Time to Live (TTL) for the DNS record. and reusing positive queries.
Max DNS Entries. Enter the total number of entries allowed in the DNS cache. The
DNS cache is a first in, first out list, so the list is updated as new DNS queries are performed. We recommend that you enter a value of 200. However, you can enter any value between 5 and 5000.
Clear Cache. Click this button to clear the DNS cache in the Queue Manager. This is usually not required. When_to_Use.htm
Enable DNS Cache. Select this check box to enable the DNS cache.
Failed Domain Skipping Header
Failed Domain Skipping occurs when IMail Server tries to deliver a message but cannot connect to the domain. The domain is added to a list of failed domains (known as the Skip
List), and all recipients for that domain will be skipped for the amount of time entered as the
Skip Time. messages are destined for unreachable hosts.
Max Skip Tries. Enter the total number of entries allowed in the Skip List. This is a first in, first out list that is updated as new domains are added. We recommend entering a value of 500. However, you can enter any value between 5 and 5000.
Clear Skip List. Click this button to clear the current Skip List from memory.
Skip Time (minutes). Enter the amount of time, in minutes, that failed domains will remain in the Skip List before they are removed. Although we recommend 30, you can enter any value between 2 and 240 minutes.
Enable Domain Skipping. Select this check box to enable Failed Domain Skipping.
410
IMail v12 Administrator Help
Gateway Options
Remote Gateway Hostname. Enter the name of another domain to send mail to for further delivery, when that mail cannot be delivered directly to the destination host.
This can be used in conjunction with the Send All Remote Mail Through Gateway option, to force delivery of mail through the gateway host. Since IMail Server should be able to reach all hosts directly, this field should typically be blank.
Tries Before Send to Gateway. Enter the number of times that delivery directly to a remote host should be attempted before giving up and delivering to the gateway host. Proper function of this value is dependent on the validity of the Remote Mail
Gateway Host name and the Send All Remote Mail Through Gateway option.
Send All Remote Mail Through Gateway. Selecting this check box causes IMail
Server to send all mail to the Remote Mail Gateway Host above, which forwards it on to the addressee's mail host. If this option is not selected, IMail Server will send mail directly to the addressee's mail host.
Outbound SSL Connection Settings
Use SSL. Using SSL without Force SSL checked will attempt to use a TLS connection on port 25; if TLS is not supported then an attempt will be made to create an implicit
SSL connection on port 465. If a TLS connection or implicit connection cannot be made then the message is delivered normally on port 25.
Force SSL. This check box will attempt to use a TLS connection on port 25; if TLS is not supported then an attempt will be made to create an implicit SSL connection on port 465. If a TLS connection or implicit connection cannot be made then the message is not delivered. This method is useful for those who want to enforce a higher level of security.
Save. Click to save settings. A message at the top "Your changes have been saved" will confirm.
Queue Manager - Daily Count Report
Through the use of the Queue Manager, IMail Server has the ability to compile and send a
Daily Report that detail server activity. This report is sent once a day, 30 seconds after the date changes, to the e-mail address specified in the Daily Report Address text box located on the Queue Manager tab.
Performance Objects for IMail now exist for Perfmon utility.
IMail Objects
CTAS Spam Caught - Maintains a total ongoing count for Commtouch Anti-spam
CTAV Viruses Caught - Maintains a total ongoing count for Commtouch Anti-virus
CTZH Viruses Caught - Displays a total ongoing count for Commtouch Zero Hour.
SMTP Sessions Open - Displays the current sessions open for SMTP.
Daily Report Information
IMail Serial Number. XX-XXXXX-XXXXXXX.
Commtouch Anti-Spam License Days Left. Days left before expiration.
411
IMail v12 Administrator Help
Commtouch Anti-Virus License Days Left. Days left before expiration of updates.
Commtouch Zero-Hour Virus Protection License Days Left. Days left before expiration.
SpamContent. The number of statistical filtering matches.
SpamPhrase. The number of phrase filtering matches.
Virus. The number of viruses caught by IMail Anti-Virus.
LocalDeliver. The number of local deliveries.
RemoteDeliver. The number of remote deliveries.
SpamFeatures. The number of e-mails containing the selected HTML features.
SpamHREFDomain. The number of e-mails containing HTML links to one of the domains listed in the HREF domain blacklist.
Example Report
Date: Fri, 3 Jan 2003 08:50:47 -0500
Message-Id: <[email protected]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
From: "Postmaster" <[email protected]>
Sender: <[email protected]>
Subject: IMail Daily Report for Domain.Name
Commtouch Anti-Spam License Days Left 337
Commtouch Anti-Virus License Days Left 337
337 Commtouch Zero-Hour License Days Left
SpamContent 293
SpamPhrase 256
Virus 5
LocalDeliver 1281
RemoteDeliver 592
SpamFeatures 200
SpamHREFDomain 125
Troubleshooting the Spool Directory
Normally, IMail Server cleans up the .tmp and attached files as part of the delivery process.
However, if there is an SMTP failure during delivery, these files may not be deleted. You can
also run the Spool Cleaner utility (on page 114) (isplcln.exe) to delete old files.
A damaged or corrupt file in the queue can prevent mail from being received correctly. If you suspect that this is the cause of a problem you have, you can try moving all files from the
Spool directory to a temporary location (such as IMAIL\SPOOL\SAVE) and then see if you can
412
IMail v12 Administrator Help
receive mail. If you can receive mail, copy back pairs of files to the Spool directory and see if they get sent. Messages that are not sent may be damaged or corrupt files.
Related Topics
About the Spool Directory (Queue) (on page 112)
Beginning Character of Files in the Queue (on page 115)
File Extensions of Files in the Queue (on page 115)
SMTP
The SMTP service processes all incoming and outgoing messages. Outgoing mail is spooled until the SMTP server can confirm it has arrived at its destination. Incoming mail is spooled until users access it using POP3 or IMAP client. Spooling allows the transfer from client and server to occur in the background.
Related Topics
SMTP Control Access Options (on page 421)
SMTP Kill File Options (on page 422)
SMTP Accept List Options (on page 423)
SMTP Domain Forwarding (on page 425)
Supported SMTP RFCs (on page 427)
SMTP Service Options
How to get here
Stopped), Start/Stop and Restart button appears. This allows you to Start, Stop, or Restart individual Services from your respective web pages, as well as from the Service
Administration page.
413
IMail v12 Administrator Help
The SMTP Service processes all incoming and outgoing messages. Due to its openness, it is difficult to simultaneously block unwanted mail (spam) and keep your mail server available to its users. The following settings and options can be configured to help administer this protocol.
Important: After making changes, click Save, and restart the service.
General Options
Mail Relay Settings. Select one of the following from the drop down list:
No Mail Relay (Default setting). Selecting this option from the drop down list enables the SMTP server to refuse to accept mail destined for other hosts (any host not on the IMail Server), unless the user authenticates. Select this option if all of your users send and receive mail from the same host that IMail Server is on, or if they use web messaging to access mail. You will still receive mail for local users because a message destined for or originating from the IMail Server host does not use the relay function.
Relay Mail for Addresses. Select this option from the drop down list to allow the
SMTP server to transmit mail originating from local addresses and destined for other hosts. Likewise, the server will accept mail from other hosts that is destined for specified local addresses.
Addresses. This button is enabled when Relay Mail for Addresses is selected.
Click the Addresses button. The Relay Mail for Addresses (on page 419) page
appears.
Important: DomainKeys / DKIM Signature Verification will not be processed when an
address exists in the "Relay Mail for Addresses (on page 413)".
Relay for Local Users Only. Select this option from the drop down list to check the
"From" address of incoming mail and verify that it contains a valid IMail Server host name, then checks the host for the user ID. accept the named remote hosts and users as "local" hosts and users. If a user needs to use an alias for his/her e-mail address, the alias needs to be in the accept.txt file. You cannot use this option if you are using a "store and forward" setup to relay mail for another server. The accept.txt file is only used when the SMTP Relay Setting is set to Relay for Local.
Relay for Local Hosts Only. Select this option from the drop down list to check the
"From" address of incoming mail to determine that it contains a valid IMail Server host name, then checks that host for the user ID. It does not check user aliases. If the host name or User ID is not valid, the server does not relay mail.
414
IMail v12 Administrator Help
accept the named remote hosts and users as "local" hosts and users. If a user needs to use an alias for their e-mail address, the alias needs to be in the accept.txt file. You cannot use this option if you are using a "store and forward" setup to relay mail for another server. the accept.txt file is only used when the SMTP Relay Setting is set to Relay for Local.
Relay Mail for Anyone. Select this option from the drop down list to allow the SMTP server to accept mail from any host that is destined for any other host, and redeliver that mail (i.e. become a mail gateway). This option is the least secure because it allows your server to be used by anyone to send mail to anyone. Some bulk mailers may take advantage of this capability to not only relay mail through your server, but to make it appear as if mail is originating from your server.
open relay. To remedy this, you should choose to Relay Mail for Addresses. (on page 419)
SMTP/Queue Manager Log Settings
Save Logs To. Select the file type from the drop down list, that you want to use for logging SMTP events:
No Log. Selecting this option disables logging.
SYSMMDD.txt. Selecting this option causes all inbound and outbound mail to be logged in the file where MM is the month and DD is the day the log was written.
Log Server. Selecting this option causes messages to be sent to the log file specified on the Log Manager tab.
Debug Messages. Select the check box to write debug messages to the log file.
Verbose Logging. Select the check box to record more information than in standard logging. This can create very large log files; however, this can be helpful in troubleshooting problems.
SSL Settings
Important! Enabling SSL or TLS will only accept SSL and TLS connections. This will not initiate SSL and TLS connections.
Note: IMail Server uses OpenSSL Command Line Tool (v0.9.8e) which supports up to 4096-bit
RSA and 2048-bit DSA. OpenSSL is a cryptography toolkit implementing the Secure Sockets
Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.
Enable SSL. Select the check box to enable a dedicated port that accepts only SSL- encrypted connections from the SMTP service. You can change the default port used by the SSL Listener in the SSL port box.
SSL Port. Enter the port used by the dedicated SSL Listener to accept connections.
The default SMTP SSL port is 465; the valid range is from 1 - 32,000.
415
IMail v12 Administrator Help
Enable TLS. Select the check box to enable the SMTP service to accept SSL/TLS connections over the SMTP port through use of the STARTTLS command.
Dictionary Attack Options
Max Invalid Recipients Per Session. Enter the maximum number of invalid recipients the server will accept before the session is dropped. An invalid recipient is an addressee that is not valid for that server when the client issues a RCPT to command.
Soft Error Limits. Enter the number of errors that may occur on a session before error responses are delayed.
Hard Error Limits. Enter the amount of errors that may occur on a session before the session is dropped and the IP address is added to the Control Access table.
Minutes to Deny Access. Enter the number of minutes to deny a sender access after a session is dropped.
Error Delay Seconds. Enter the amount of time in seconds to delay error responses in the Soft Error Limits scenario.
Example of an error response:
'[email protected]' on 7/6/2005 11:59 AM
550 Connection denied after dictionary attack
Security Options
Copy to Mail Address. Enter the full e-mail address to which you want to send a copy of each message. This option will not function unless the Enable Copy All Mail check box is selected.
Enable Copy All Mail. Select this check box to enable copying of all mail.
Allow Remote Mail to Local Groups. Select this check box to allow the SMTP server to accept mail addressed to a group that has been defined using IMail Administrator.
The SMTP server re-sends the message to users in the group. Use this option to set access to local mail groups (Local groups are aliases of type Group) on the mail server.
Note: This option does not affect list-server mailing lists, standard aliases, or program aliases.
Check Valid Sender. Select this check box to require that the user's mail address
(user@host) is specified in the MAIL FROM or REPLY-TO line of an incoming mail message.
Auto Deny Possible Hack Attempts. (Set by default) When checked it will assume that sending more than 512 characters in a command other than the SMTP DATA command is an attempt to "hack" into your server. The remote IP address will be temporarily placed into the "deny access" (Control Access) file, until the services are restarted.
416
IMail v12 Administrator Help
Auto Deny with the use of extended SMTP will allow 1600 characters in a command other than the SMTP DATA command.
Warning: Sending between 512 and 1600 characters in a command will drop the connection. Over 1600 characters will be denied. file.
Disable SMTP "VRFY" Command. Select this check box to deny a remote host to test for valid user IDs. The SMTP VRFY command is used to verify a user ID on a host, and as such it can be used from a remote host to test for valid user IDs. Disabling the command helps prevent "spoofing" by not allowing someone outside your network to check if a user ID is valid.
If you select this option when IMail Server receives an SMTP VRFY request, it returns the message:
502 Command not implemented.
If you disable the SMTP VRFY command, when IMail Server receives an SMTP VRFY request, it will return the message: 502 Command not implemented needs to use this command to verify a user that is on the other peer. See Setting Up Peering
(on page 271) for more information.
Require CRAM-MD5 Authentication. This setting when set will force encryption authentication when logging in to SMTP services.
Note: CRAM-MD5 Authentication only functions when using an IMail User Database.
CRAM-MD5 Authentication is currently not supported for user databases with Active
Directory or ODBC.
Advanced Options
need to change these settings, be aware that they can change the operation of the server.
Max Recipients Per Message. Enter the maximum number of addresses that can receive a single message. The default is 0.
Note: Max Recipients Per Message option does not apply to authenticated users.
Delay Between Recipients. Sets a delay (Milliseconds), between message recipients, for relayed external mail. This prevents spammers from consuming all of the CPU time. However, the setting slows mail server performance. The default is 0.
417
IMail v12 Administrator Help
Host Delimiters. To change the default characters, enter the character(s) to use to delimit the host name. Each character is seen by IMail Server as equivalent to the @ in e-mail addresses. Any of the defaults can be used between the user ID and the virtual host name in the POP3 or IMAP4 login user ID. By default, the characters used are: @
% * : $ and &.
Important: Be sure to restart IIS (host delimiters are cached for web services), SMTP, and
Queue Manager Services.
Mailbox Delimiter. Enter the character that will be used to delimit the mailbox name in a user ID. If nothing is entered, the default delimiter is - (dash).
Max Connections. Enter the maximum number of connections handled by the SMTP
Service. Use the default of 0 (zero) for an unlimited number of connections.
Port. Enter the port that the SMTP service listens on. The default SMTP port is 25. The valid range is from 0-32000.
Hello Message. To change the SMTP service welcome message, enter the new message in this text box. The text is limited to 400 characters or less. If over 400 characters are entered, the default message is used. To revert to the default message, delete the custom message text from the Hello Message box.
Delivery application. To replace the mail delivery application with an external program, enter the full pathname of the file in this text box.
Enable Extra Port. Select to enable an extra port.
Extra Port. If you've chosen to enable an extra port, enter its number here.
Force AUTH on Extra Port. Select this check box to force SMTP authorization on an extra configured port.
Disable SMTP AUTH. Select this check box to disable SMTP authentication. SMTP
Auth provides a means of authenticating the user ID and password of a user sending mail. This is handled transparently by the mail server and client. When the mail client connects to the mail server, the server tells the client the authorization methods it can use. The client then sends the user ID and password to the server and the server verifies them. If a user issues the AUTH command when Disable SMTP AUTH is selected, SMTPD responds with the "502 command not implemented" message.
Enable SMTP to Listen on All IP. Select this check box if you want to have IMail
Server listen on all available IP addresses and configured ports on the server.
Save. Click to save your settings.
Related Topics
418
IMail v12 Administrator Help
SMTP Delivery Application Utility (on page 463)
Supported SMTP RFCs (on page 427)
Relaying Mail for Addresses
How to get here
You can specify the IP address or range of hosts and subnets that you want to relay mail for.
IMail Server considers these addresses to be local. If mail is received from any of the specified addresses, IMail Server will accept the mail that is destined for other hosts. Likewise, IMail
Server will accept mail from other hosts that is destined for the specified addresses.
Important: DomainKeys / DKIM Signature Verification will not be processed when an
address exists in the "Relay Mail for Addresses (on page 413)".
Allow these addresses to skip AntiSpam filters. Select this option to exempt these addresses from undergoing any spam tests.
IP Addresses. This column displays the IP addresses for which you want to relay mail.
Click the IP address link to edit the relay address. The Edit Relay Address (on page 420)
page appears.
Subnet Mask. This column displays the range of hosts and subnets for which you want to relay mail.
Add. Click to Add Relay IP Addresses. The Add Relay Address (on page 419) page
appears.
Delete. Click this button after selecting the check box to the left of the IP address you wish to delete.
Save. Click to save your settings. An "Update Successful" message and the time of the update appears.
Related Topics
Adding Relay Addresses
How to get here
Use this page to add a single computer or group of computers to treat as local to the IMail
Server.
419
IMail v12 Administrator Help
Add a single computer. Click to add a single computer to treat as local to the IMail
Server.
Add a group of computers. Click to add a group of computers to treat as local. The subnet mask appears automatically in the Subnet Mask field, below.
Example:
If you have a class C address space of 156.21.50.0, enter the (group) IP address of
156.21.50.0 in the IP Address text box, and if it is not automatically entered, 255.255.255.0 in the Subnet Mask text box. This will allow all 254 systems to be considered the same as the local system and they can use the mail server to send mail, without having to enter each IP address individually.
IP Address. Enter the IP address to add a single computer to treat as local to the IMail
Server.
Subnet Mask. Enter the subnet mask for the group to be considered local.
Save. Click to save your settings. An "Update Successful" message and the time of the update appears.
Cancel. Click Cancel to not save any changes. The settings will remain the same.
Related Topics
Relay Mail for Addresses. (on page 419)
Editing Relay Address
How to get here
Use this page to edit a single computer or group of computers considered as local to the IMail
Server.
Single Computer. Click to edit a single computer to treat as local to the IMail Server.
Your cursor appears in the IP Address text box.
Group of Computers. Click to edit a group of computers to treat as local. Your cursor appears in the Subnet Mask text box.
IP Address. Edit the IP address for a single computer considered as local to the IMail
Server.
Subnet Mask. Edit the subnet mask for the group considered as local to the IMail
Server.
Save. Click to save your settings. An "Update Successful" message and the time of the update appears.
Cancel. Click Cancel to not save any changes. The settings will remain the same.
420
IMail v12 Administrator Help
Related Topics
Relay Mail for Addresses. (on page 419)
DomainKey Relay For Addresses Note
Important: DomainKeys / DKIM Signature Verification will not be processed when an
address exists in the "Relay Mail for Addresses (on page 413)".
SMTP Control Access Settings
How to get here effect. To do this, click the Services > SMTP Tab to navigate to the SMTP Settings page.
Click the Restart button.
There are two ways to control who connects to this service. You can either grant access to everyone, except specific computers or subnets that you specify, or you can deny access to everyone, except specific computers or subnets that you specify.
DENY all computers from communicating with this server except. Select this option from the list drop-down box to allow access to specific computers or subnets.
Click Add, will bring up a pop-up window with options for entering a single computer's IP address to allow access or a group of computer IP address' and Subnet
Mask.
ALLOW all computers to communicate with this server except. Select this option from the list drop-down box to deny access to specific computers or subnets. Clicking
Add, will bring up a pop-up window with options for entering a single computer's IP address to deny access or a group of computer's IP address and Subnet Mask.
IP Address List
IP Addresses. IP address(es) of a single or group of computers that are being allowed or denied SMTP access.
Net Mask. Subnet mask of the computer group being allowed or denied SMTP access.
Expires. Date the IP Address will expire and no longer be on the control access list.
Comments. Space for IMail Administrator to enter comments pertaining to IP
Address entered.
Add (on page 422). Click this button to add computers or computer groups you want to
grant or deny access to the SMTP service.
421
IMail v12 Administrator Help
Edit. Click this button after selecting an IP address to modify in the Control Access list.
Delete. Click this button after selecting an IP address to delete from the Control Access list.
Related Topic
Add / Edit the SMTP Control Access (on page 422)
Add/Edit SMTP Access Control
How to get here
Use the Access Control Add page to add a single computer or group of computers to the
Access Control List.
Add a Single Computer. Select this option if you want to allow or deny access to a single computer. If you select this option, you may enter text into the IP address text box.
Add a Group of Computers. Select this option if you want to allow or deny access to a group of computers. If you select this option, you may enter text into the Subnet
Mask text box.
IP Address/Range. Enter the IP address of a single computer that you want to allow or deny SMTP access.
Net Mask. Enter the subnet mask of the computer group that you want to allow or deny SMTP access.
Expires. (Optional) Click the Calendar button to set an expiration date. Default is set to Never Expires.
--OR--
Never Expires. (Checked by Default) IP Address will never expire.
SMTP Kill File
How to get here
The SMTP server uses the Kill File to deny access to the IMail Server. It allows you to specify mail addresses or hosts from which you do not want to accept mail.
IMail Server checks the incoming message's "Mail From" user@host> line in the SMTP envelope. When it receives mail from an address listed in the kill file, IMail Server returns the message: 501 unacceptable mail address
Existing Entries in the Kill File. To add, delete, or edit an entry, place your cursor in the text box, and modify as necessary, all addresses from which you do not want to accept mail.
Save. Click this button to save your entries or changes.
422
IMail v12 Administrator Help
Related Topic
SMTP Kill File Examples (on page 423)
SMTP Kill file Examples
The kill.lst file is used by the SMTP server to deny access to the mail server. It allows you to specify mail addresses or mail hosts that you do not want to accept mail from. The kill.lst file is located in the IMail top directory and applies to the primary host and all virtual hosts. To create or edit the kill file, click the Edit kill file button. The kill.lst file appears in Windows
Notepad, or if no kill.lst file exists, one will be created.
Adding Entries
In the KILL.LST file, enter one entry per line in either of the following formats: userid@host
Examples:
To deny access from a user mail account
To deny access to all users from the mail host widget.com
@widget.com
@*partialhost
The following will reject all mail mail from widget.com, bluewidget.com, and nifty.widget.com.
@*widget.com
SMTP Accept List
How to get here
The Accept List lets you name remote hosts and users that you want the IMail Server to accept as local hosts and users.
Note: SMTP Accept List will only function correctly with settings for Relay for Local Users, and
Relay for Local Hosts.
423
IMail v12 Administrator Help
Existing Entries in the Accept File. To add, delete, or edit an entry, place your cursor in the text box and modify as necessary all addresses from which you want to accept mail. ignoring any E-mail addresses. Using Relay For Local Users Only will relay only User names in the Accept List, ignoring any Host name entries.
Save. Click this button to save your entries or changes.
Related Topics
SMTP Accept List Examples (on page 424)
SMTP Accept List Examples
The accept.txt file lets you name remote hosts and users that you want the IMail Server to accept as "local" hosts and users. IMail Server does this by checking the "from" address in the
SMTP conversation and comparing it against the entries in the accept.txt file.
Adding Entries
Enter one IP address, host name, or user per line. Do not use spaces or punctuation.
Examples:
To enter hosts:
mail1.acme.com
mail5.foo.com
To enter users:
The Accept List must have an exact match for the respective host or e-mail address. It does not accept wild cards or partial matches.
SMTP White List
How to get here.
Use the SMTP White List page to create a list of IP addresses and ranges that are trusted.
424
IMail v12 Administrator Help
IP Addresses. This column lists the trusted IP addresses.
Net Mask. This column lists trusted ranges of IP addresses.
Add. Click the button to add an IP address or range of IP addresses to the SMTP White List.
Edit. Select an IP address to modify and click Edit.
Delete. Click this button after selecting an IP address to delete from the SMTP White List. the Services > SMTP Tab to navigate to the SMTP Settings page. Click the Restart button.
SMTP Domain Forwarding
How to get here
Domain Forwarding will redirect all outgoing e-mail sent to a specific domain name to another IP Address. The Domain Forwarding page maintains all domain names that are to be forwarded in a binary file called "domfwd.dfw" which is located under the
"..\IMail" folder.
Note: Domain Forwarding ignores e-mail sent for local delivery.
Domain Name. This column lists domains to be forwarded
IP Address. This column lists the IP address to forward to.
Add. Click the button to add a Domain Name to be forwarded.
Delete. Click this button to delete Domain Name
Example 1:
"domain.com"
is setup to be forwarded to "
192.168.1.1". A ll e-mail going to
"domain.com"
will be redirected to its corresponding user with the same domain name but on "192.168.1.1". So, an e-mail addressed to: [email protected] would be re-routed to [email protected] at 192.168.1.1.
Domain Name IP Address
domain.com 192.168.1.1
Example 2:
425
IMail v12 Administrator Help
Administrator would like to forward e-mail to a faxing service. Domain Forwarding can be set where the domain name is in the format of
"phonenumber.domain.com"
and the IP Address is the Faxing Service. E-mail received by the faxing service, extracts the phone number and uses it for the fax machine. Using a wild card to capture the phone number, Domain
Forwarding would be as follows:
Domain Name IP Address
*.domain.name 192.168.2.2
Important: Wild card will only work at the beginning of the domain name.
Wild Card Examples:
*.domain.com
*wolf.domain.com wolf.*.com wolf*.com were*wolf.com
Related Topics
Adding to Domain Forwarding (on page 426)
Editing Domain Forwarding (on page 427)
Valid usages of wildcard
Invalid usages of wildcard
Adding to Domain Forwarding
How to get here
Use the Domain Forwarding page to redirect all outgoing e-mail sent to a specific domain name to another IP Address.
Domain Forwarding generates a binary file ("..\IMail\domfwd.dfw") containing domain names that are to be forwarded.
Domain Name. Enter add a domain name to be redirected.
IP Address. Enter the IP address that the stated domain will be redirected.
426
IMail v12 Administrator Help
Save. Click Save to save above settings to Domain Forwarding list.
Cancel. Click Cancel to return to Domain Forwarding page without saving.
Important: Wild card capability will only work at the beginning of the domain name.
Examples:
*.domain.com
*wolf.domain.com wolf.*.com wolf*.com were*wolf.com
Valid usages of wild card
Invalid usages of wild card
Editing Domain Forwarding
How to get here
Clicking on a Domain Name or IP Address link will allow modification to Edit the following:
Domain Name. Use this text box to change the domain name to be forwarded.
IP Address. Use this text box to change the forwarding IP address for stated domain. the Services > SMTP Tab to navigate to the SMTP Settings page. Click the Restart button.
Save. Click Save after you have made your changes. Then restart the SMTP service as mentioned above.
Cancel. Click Cancel to not save any changes and return to Domain Forwarding page.
Supported SMTP RFCs
The SMTP Server supports the following Request for Comments (RFCs):
RFC 2821 and 2822 SMTP
RFC 1869 SMTP Service Extensions
RFC 1870 SMTP Service Extensions for Message Size Declaration
RFC 1891,1892,1893,1894 SMTP Service Extension for Delivery Status Notifications
427
IMail v12 Administrator Help
RFC 1985 SMTP Service Extension for Remote Message Queue Starting. Currently,
IMail provides support for "ETRN host.name" and "ETRN @domain .name."
RFC 2222 SMTP Service Extension for Authentication. IMail supports PLAIN, LOGIN, and CRAM-MD5.
RFC 2487 supports TLS negotiation via the STARTTLS command.
428
Download
Public link updated
The public link to your chat has been updated. You may view and manage your chat links after registration here.
Document public link
Advertisement
Key features
Anti-spam and anti-virus protection
Secure email delivery
Easy-to-use administration tools
Scalable and reliable
Comprehensive email management
LDAP integration
Collaboration features
Real-time blacklists and whitelists
Support for multiple email protocols
Frequently asked questions
The installation process is described in Chapter 2 of this manual. It involves downloading the software, running the installer, and configuring the server settings.
The system requirements for IMail Server v12 are listed in Chapter 1 of this manual. They include the operating system, hardware specifications, and other software dependencies.
You can create user mail accounts using the IMail Administrator interface. The process is described in Chapter 4 of this manual.
The anti-spam and anti-virus settings are configurable through the IMail Administrator interface. You can find detailed instructions in Chapters 7 and 8 of this manual.
You can manage your email domains using the IMail Administrator interface. You can add, delete, modify and configure domains as per your needs. Chapter 3 of this manual provides details on domain configuration.
IMail Server v12 provides a detailed logging system that can be used to track system activity and troubleshoot issues. Chapter 11 of this user manual provides comprehensive information on logging options and capabilities.
