Email Server

From Sector Alpha Wiki
Revision as of 19:44, 7 August 2013 by Staircase (talk | contribs) (Server Setup for Admins)
Jump to: navigation, search

User Settings for Sector Alpha's email servers

Inbound Server Settings

We have a few options for settings that can be used so I have formatted them as a table

Protocol IMAP POP3
Server Address sector-alpha.net (or alessa.sector-alpha.net)
Port 143 993 110 995
Encryption StartTLS SSL/TLS StartTLS SSL/TLS
Username Your full email address e.g. username@sector-alpha.net
Password Your email password (see #Webmail to change)
Authentication Method Normal password (PLAIN)

NOTE: The email certificate is currently self signed

A unencrypted connection can be made for ports 143 and 110 but authentication isn't available until a secure connection is established and therefore neither is access to emails.

Outbound Email Settings

SMTP settings are

Server Address sector-alpha.net (or alessa.sector-alpha.net)
Port 25 6669
Encryption StartTLS
Username Your full email address e.g. username@sector-alpha.net
Password Your email password (see #Webmail to change)
Authentication Method Normal password (PLAIN)
Standard SMTP port Extra port to allow access if port 25 is blocked

NOTE: The email certificate is currently self signed

I may be persuadable to enable submission (port 587) or the historic SMPTS (SMTP over SSL/TLS, port 465) but will need a good reason. Please talk to a server admin.

Both ports are unencrypted connections to start with that don't allow authentication.

  • The server will accept email for local targets without authentication or encryption
  • If StartTLS is used the connection is encrypted and then authentication becomes available and the server can be used to relay emails.
    • Authenticated users can send emails with any from address and to any address but an invisible header is added to mark which user was authenticated to the server

Webmail

We run a webmail client at https://alessa.sector-alpha.net/webmail/. To login use your full email address and email password.

There is also the facility to change your password on the webmail client.

NOTE: The server certificate is currently self signed

Anti-Span/Virus settings

We have anti-spam and anti-virus on inbound emails using SpamAssassin and ClamAV. ClamAV is regularly updated. We also run a shared Bayes filter for SpamAssassin. To teach spam and ham (not spam) messages to the filter create folders called Learn/Spam and Learn/Ham (case sensitive) in your imap Inbox and place emails in them. Spam emails will be automatically deleted after learning. Ham will be left for you to remove at a later point. The filter learns at 3:23 Europe/London. If you have any problems please talk to a server admin.

Advanced Features

If you don't want a seperate email account we can instead setup the server to forward emails to another (external or internal) address. Our email server also has options to forward "tagged" emails to specific folders in your inbox. For either of these options please talk to a server admin.

Server Setup for Admins

For terms see https://en.wikipedia.org/wiki/Message_transfer_agent

Our setup is based off of Postfix as the MTA/MSA and Courier as the MUA, with virtual user accounts stored in a special designated user account. The user accounts are stored in a MySQL database.

Advanced Features

We have a feature called "sub accounts" that allows address of the form username-tag@domain to go to a configured subfolder in the username@domain accounts Inbox. This currently has to be configured directly in the DB but will be included in any administration tool developed

The columns want:

  1. the email address of the account - e.g. username@domain
  2. the tag portion (without - ) - e.g. tag
  3. the folder within the accounts inbox to place the email in - e.g. folder.subfolder (no initial . is required as it is added automatically)

To Migrate the Server

  1. Shutdown Postfix and Courier
  2. Shutdown AmavisNew, ClamAV and SpamAssassin
  3. Shutdown MySQL
  4. Copy MySQL data and settings to new server
  5. Reactivate MySQL
  6. Copy AmavisNew, ClamAC and SpamAssasin settings
    • Make sure to remember the bayes DB and learning script
  7. Copy Mail folders over
  8. Copy Postfix and Courier settings
    • Make sure to update if DB or vmail user details have changed
    • Make sure to copy the PAM settings for Postfix and Courier over
  9. Reactivate Postfix and check emails are being delivered
  10. Reactivate Courier and check can be accessed
  11. Only now update DNS if required