Applicable Plans - eApps Cloud Hosting Plans (eApps templates only)

User Guide - Managing E-mail

Overview

Using the Control Panel, you can configure and manage e-mail accounts on your Virtual Machine. You can add e-mail addresses, set up mail forwarding, and also make changes to existing mail users. You can also set up your Virtual Machine to listen for incoming mail on alternate ports, and to use SMTP AUTH for mail delivery if needed.

The Virtual Machine uses the Sendmail mail server to send and receive e-mail. Most estimates show that almost 30% of the mail servers on the Internet run Sendmail. The Virtual Machine also includes the Dovecot POP and IMAP server, a popular and secure open source e-mail server for UNIX and Linux systems.

Creating and Managing Mailboxes (e-mail addresses)
Create User Mailboxes
Editing User Mailboxes

Configuring Mail Forwarding
Mail Forwarding for an existing user
Mail Forwarding for a specific e-mail address

Mail Server Configuration
Domain Configuration
Alternate Port Configuration

Mail Server Security
POP before SMTP Authentication
SMTP Authentication (SMTP AUTH)

Links to other information

Creating and Managing Mailboxes (e-mail addresses)

Create User Mailboxes

To create a user mailbox, go to the Control Panel > System > Mail Management, and click on Create User Mailboxes.

This takes you to the Add a mailbox screen.

Add Mailbox

• E-mail - in the text box, enter the user name of the e-mail address, also called the local-part of the address, meaning the part before the @ sign. A maximum of 64 characters are allowed in the local-part.
  
  In theory, the local-part of the e-mail address can contain:

  • Uppercase and lowercase English letters (a–z, A–Z)
  • Digits 0 to 9
  • Special characters ! # $ % & ’ * + - / = ? ^ _ ` { | } ~
  • The character . (dot, period) as long as it is not the first or last character, and provided also that it does not appear two or more times consecutively (e.g. john..doe@eapps-example.com)

  In reality, not all mail servers will accept the full range of allowed characters. For best results across all mail servers, stay with lower case letters and the numbers 0 - 9 as the local-part of the e-mail address.

   
  From the drop down list, select either “Multiple Domains” or one of the domain names associated with the Virtual Machine. These are the domains that were added when you created web sites for the domains. If you have domains associated with the VM that do not have corresponding web sites, you will need to add those domains manually to Local Domains (CW) in the main Sendmail Mail Server configuration screen. See the Domain Configuration section for more information.

   
  There are some differences between a user@Multiple Domains e-mail address and a user@example.com e-mail address:

  user@Multiple Domains

  • Can receive e-mail for any domain on the VM as user@example.com, user@example.net, etc
  • Can use SMTP Authentication instead of POP before SMTP Authentication (SMTP Authentication is necessary to use Domain keys)
  • There can only be one e-mail address with the local-part user name on the Virtual Machine

  The inbox for a user@Multiple Domains e-mail user is located at /var/spool/mail/username

  user@example.com

  • Can only receive e-mail for their specific domain
  • Can only use POP before SMTP authentication
  • There can be multiple e-mail addresses with the same local-part user name, as long as they all have different domain parts

   

  The inbox for a user@example.com e-mail user is located at /var/spool/vmail/example.com/mail/username

• Password - enter a password for the mailbox. The Virtual Machine uses a program called cracklib that will require all passwords to be a minimum of six (6) characters, with at least one special character, such as !@#$%. This feature is mandatory, and will not be disabled.

• Re-Type Password - retype the password to confirm

Editing User Mailboxes

To view and edit the mail boxes created on the Virtual Machine, click on User Mailboxes in the main Sendmail Mail Server screen.

This takes you to the List mailboxes screen.

This shows all the current mailboxes on the Virtual Machine, their size, and their status. From this screen you can Edit the mailboxes, Remove them, or change the Password.

In Edit, you can disable the mail box, and also set up a Copy/Forward To rule to another e-mail address, a list of addresses in a file, and more. You can also Delete the e-mail address.

Clicking on Remove will allow you remove the mailbox - including all the e-mail in that mailbox. You will be asked to confirm that you wish to remove the mailbox.

You can change the password for the mailbox in the Password screen. Remember that the password has to be a minimum of six (6) characters and pass the cracklib verification.

Configuring Mail Forwarding

There are two kinds of Mail Forwarding that can be set up: for an existing e-mail address that is forwarded to another address, or for an e-mail address that isn’t associated with any user to an actual e-mail address (or addresses).

An example of the first type of mail forwarding would be where you have a user that was on leave or going to be unavailable for some reason, so you forward all their e-mails to another user or users. This is covered in the section Mail forwarding for an existing user.

An example of the second type of mail forwarding would be if several people needed to get e-mails sent to a specific address. For example, if all e-mails to sales@eapps-example.com needed to be seen by multiple people, you would use this kind of forwarding instead of creating an actual sales user and mailbox. This is covered in the section Mail forwarding for a specific e-mail address.

Mail Forwarding for an existing user

To set up mail forwarding for an existing user, click on User Mailboxes in the main Sendmail Mail Server configuration screen. This takes you to the List mailboxes screen.

Select the mailbox that you wish to forward, and select Edit. This takes you to the Edit Mailbox screen.

In the Copy/Forward To section, select the appropriate action from the drop down list. The first option of Email Address is the most common approach. Several options are only applicable if you are doing something programmatically with the e-mail being forwarded.

• Email Address - the e-mail will be forwarded to the e-mail address you enter in the text field.

• Addresses in file - the e-mail will be forwarded to all the e-mail addresses in the file whose absolute path is entered in the text field. The file must be plain text, and each e-mail address in the file must be on a separate line.

• Write to file - the full text of the e-mail, including all header information, will be written to file whose absolute path is entered in the text field.

• Feed to program - the full text of the e-mail, including all header information, will be piped to the program whose absolute path is entered in text field, along will any program parameters. This program is usually a custom application that processes or filters the e-mail information.

• Autoreply from file - e-mail sent to the source address will be replied to with the contents of the file whose absolute path is specified in the text field.

• Apply filter file - e-mail sent to the source address will be processed using the rules in the filter file whose absolute path is specified in the text field.

Click Save to add the Mail Forwarding rule. The forwarding rule is now active. To disable the forwarding rule, come back to this screen and set the value in the Copy/Forward To menu to None.

Mail Forwarding for a specific e-mail address

To set up mail forwarding for a specific address, click on Create Mail Forwarding Rule in the main Sendmail Mail Server configuration screen. This takes you to the Add a forwarding rule screen.

Add Mail Forwarding Rule

• E-Mail - add the user (local-part) of the source e-mail address in the text box, and select either “Multiple Domains” or a specific domain from the drop down list. This is the address that the e-mail will be sent to. To use the previous example, this would be sales@eapps-example.com.

Once you have entered the e-mail address, click on Create.

This takes you to the Edit Forwarding Rule screen.

Edit Forwarding Rule

• Forwarding Rule Name - this is the source e-mail address that the e-mail will be sent to.

• Enabled? - set to Yes (the default) to enable the forwarding rule, or No to disable the rule.

• Forward To - select the appropriate action from the drop down list. The first two options: Email Address or Addresses in file are the most common options.

  • Email Address - the e-mail will be forwarded to the e-mail address you enter in the text field.

  • Addresses in file - the e-mail will be forwarded to all the e-mail addresses in the file whose absolute path is entered in the text field. The file must be plain text, and each e-mail address in the file must be on a separate line.

  • Write to file - the full text of the e-mail, including all header information, will be written to file whose absolute path is entered in the text field.

  • Feed to program - the full text of the e-mail, including all header information, will be piped to the program whose absolute path is entered in text field, along will any program parameters. This program is usually a custom application that processes or filters the e-mail information.

  • Autoreply from file - e-mail sent to the source address will be replied to with the contents of the file whose absolute path is specified in the text field.

  • Apply filter file - e-mail sent to the source address will be processed using the rules in the filter file whose absolute path is specified in the text field.

Click Save to add the Mail Forwarding rule. The forwarding rule is now active.

Mail Server Configuration

For advanced users, the Control Panel also provides GUI access to the Sendmail server, but please be very sure that you know exactly what you are doing and why before making any changes to the core Sendmail configuration. Sendmail is a very complex and arcane application. The definitive reference work, O’Reilly’s sendmail, Fourth Edition, is 1312 pages long. The master Sendmail configuration file, sendmail.cf, is 1852 lines long, and requires a special macro language in order to make changes to it. In other words, do not make changes to the core functionality of Sendmail unless you know exactly what you are doing.

However, there are several supported configuration changes you can make to the mail server that will allow you to accept e-mail for domains that do not have web sites, and also allow the mail server to listen on alternate ports.

Domain Configuration

When you set up an e-mail address or create a forwarding rule, you can choose a domain name for the e-mail address from a drop down list. The domains in this list are populated from the Local Domains (CW) section of the Sendmail Mail Server main screen.

When you create a web site for a domain, you are given the option to add Enable Mail Service for the domain. This will add the domain to the Local Domains (CW) section.

However, if you have a domain that you do not have a site for, but still want to receive e-mail for on the Virtual Machine, you will need to add the domain to Local Domains (CW).

To add a domain to to the Virtual Machine so that it can receive e-mail, click on Local Domains (CW) from the main Sendmail Mail Server screen.

This takes you to the Local Domains screen.

In the text box, add the names of the domains that will receive e-mail on this Virtual Machine, one domain per line. Add them above the lines for localhost and localhost.localdomain, and DO NOT REMOVE the two localhost lines.

Once you have entered in the domains, click on Save.

Any domain you add here must have the DNS for that domain pointing to the Virtual Machine. If the VM is going to be the mail server for the domain, you will need to make sure the MX records for that domain are set up correctly. See the User Guide: DNS Manager for more information.

Alternate Port Configuration

By default, the mail server listens on port 25 for incoming SMTP connections. This means that any mail sent to the mail server on the Virtual Machine arrives on port 25. However, some ISPs and public services, such as hotels and Wi-Fi hot spots, are blocking the ability to connect from their networks to port 25 in an effort to reduce spam coming from their networks. If you are having trouble sending e-mail, but not receiving e-mail, this is often the culprit.

To work around this, you can configure your mail server to also listen on the alternate submission port of 587. This can be done from the Control Panel or the command line of the Virtual Machine. Once you do this, you can change your mail client to use port 587 as the outbound SMTP port.

To test if the configuration change was successful, you will have to test from the command line of the Virtual Machine. You can do this from the Virtual Machine Console in the Portal, or from the command line of the VM via SSH. The User Guide: Connecting to your Virtual Machine (SSH and Console) explains how to do this.

Control Panel

To configure the mail server to accept connections on port 587 (the Submission port), click on Network Ports in the main Sendmail Mail Server screen.

This opens the Network Ports screen.

This screen is divided into two parts. The top section is the existing configuration for port 25, and should be left as is. To configure the mail server to accept connections on port 587, add the following to the lower section:

• Port Name - use the actual port name, which is Submission. Notice the upper-case letter S. If you use an invalid port name, you will receive an error when you try to Save.

• Listen on address - leave at the default of All

• Listen on port - click the button for the text box, and enter submission. Notice the lower-case letter s.

Leave the other values as is, but check the button for Disallow ETRN. ETRN stands for Extended Turn, and is an extension of the SMTP protocol. ETRN is used if the mail server does not have a dedicated Internet connection, and has to connect at intervals to an ISP or other mail server and de-spool the messages on the remote server, and then spool them for delivery locally. Since the VM will have an “always on” Internet connection, this is not needed.

Here is the screen with the correct values:

Once you have entered the values, click on Save. This will open port 587 for incoming mail connections.

Command line

To configure the mail server to accept connections on port 587 from the command line, you will need to be able to connect to the Virtual Machine using SSH, and be able to work as the root user. You will also need to be able to navigate the Linux file system, edit files using a text editor, and also be familiar with basic Linux commands.

First, change directories to /etc/mail, and make copies of the existing sendmail.mc and sendmail.cf files. sendmail.mc is the file you use to modify the main Sendmail configuration file sendmail.cf. Do not under any circumstances modify sendmail.cf directly.

Next, edit the sendmail.mc file to open port 587, the submission port. This example uses the vim editor, the vi and nano editors are also available.

Find this line, which is generally line 129. There are a total of five lines that say DAEMON_OPTIONS, so make sure you have the correct line.

Change the line so that it looks like this:

Note that the dnl at the front of the line is gone, and the lower-case a in M=Ea is also gone. Make sure that the D in DAEMON is against the left margin of the file.

Save and exit the file, and then rebuild sendmail with the new options. This is done using the m4 macro language processor with the m4 sendmail.mc > sendmail.cf command.

Finally, restart sendmail.

Testing port 587

Using the netstat -ln | grep 587 command, you can verify that port 587 is open. This must be done from the command line of the Virtual Machine as the root user, either from the Virtual Machine Console, or the command line via SSH.

If you see the line starting with tcp and showing the correct port, then the port is open. If you get no output, or an error, go back and check your work. If you need assistance, please contact eApps Support.

Mail Server Security

The mail server, as installed, is very secure. The default sendmail configuration only allows for connections from the local machine (localhost) or trusted local domains (the domains in the Local Domains (Cw) file), and will only accept e-mail for those same local domains. Attempts to use the mail server as a relay, where a non-trusted domain tries to use the mail server to send e-mail to another non-trusted domain, will be rejected.

If you wish to enable TLS/SSL Authentication (POPS, IMAPS, SMTPS) please see the User Guide - Securing E-mail with SSL/TLS http://support.eapps.com/apps/tls

POP before SMTP Authentication

The mail server uses what is called POP before SMTP authentication as the default authentication method. No changes to the mail server have to be made to use POP before SMTP authentication.

POP before SMTP authentication means that you have to first check your e-mail (POP or IMAP) before you can send your e-mail (SMTP). The SMTP server will not send any outgoing e-mail unless the user trying to send e-mail has established an valid POP connection, which requires a user name and password.

SMTP Authentication (SMTP AUTH)

The mail server authentication can be changed to also use SMTP Authentication, also called SMTP AUTH, instead of POP before SMTP authentication if your needs require this.

Only a user@Multiple Domains e-mail user can use SMTP Authentication. A user@example.com e-mail user cannot use SMTP Authentication, those users will still use POP before SMTP authentication.

To set up SMTP Authentication, you will need to login to the command line of the VM using either the Console or SSH. See the User Guide: Connecting to your Virtual Machine (SSH and Console) http://support.eapps.com/portal/ssh for more information if necessary.

Once logged in, follow these steps to set up SMTP Authentication. What has to be done is to copy the smtp.sendmail file in /etc/pam.d to a file called smtp. There will be a symbolic link for an smtp file already in place, pointing to /etc/alternatives/mta-pam. This link will be removed so that the SMTP Authentication will work.

Remove the existing smtp file, which will break the symbolic link.

Copy the smtp.sendmail file to smtp, so that both files are the same.

After you have set up the smtp file, you will need to start the saslauthd service, and then use chkconfig so that it starts automatically if the Virtual Machine is restarted.