Line 1: |
Line 1: |
− | ===Email===
| + | ==Email== |
− | ====Spam====
| + | ===Spam=== |
− | =====Spamassassin=====
| + | ====Spamassassin==== |
| Set spamassassin for automatically delete junkmail. | | Set spamassassin for automatically delete junkmail. |
| You can change the "days" that spamassassin sets to automatically delete junkmail, to delete after two months | | You can change the "days" that spamassassin sets to automatically delete junkmail, to delete after two months |
Line 18: |
Line 18: |
| This happens because by default, no mail (except for viruses) gets rejected without the admin doing something first. | | This happens because by default, no mail (except for viruses) gets rejected without the admin doing something first. |
| | | |
− | ======'''X-Spam-Level Header in Email Messages'''======
| + | ====='''X-Spam-Level Header in Email Messages'''===== |
| SME does not create an X-Spam-Level header in processed email messages by default. | | SME does not create an X-Spam-Level header in processed email messages by default. |
| | | |
Line 29: |
Line 29: |
| (Based on [[Bugzilla:3505]]) | | (Based on [[Bugzilla:3505]]) |
| | | |
− | ======Custom Rule Scores======
| + | =====Custom Rule Scores===== |
| You can customize the score assigned by a specific Spamassassin rule (SARE_ADULT2 in this case) as follows: | | You can customize the score assigned by a specific Spamassassin rule (SARE_ADULT2 in this case) as follows: |
| mkdir -p /etc/e-smith/templates-custom/etc/mail/spamassassin/local.cf | | mkdir -p /etc/e-smith/templates-custom/etc/mail/spamassassin/local.cf |
Line 50: |
Line 50: |
| * http://www.rulesemporium.com/ | | * http://www.rulesemporium.com/ |
| | | |
− | =====Real-time Blackhole List (RBL)=====
| + | ====Real-time Blackhole List (RBL)==== |
| Enabling RBL's <br> | | Enabling RBL's <br> |
| RBL's are disabled by default to allow maximum accommodation (your ISP may be on a RBL & you may not know it). You can enable RBL's by: | | RBL's are disabled by default to allow maximum accommodation (your ISP may be on a RBL & you may not know it). You can enable RBL's by: |
Line 71: |
Line 71: |
| [http://wiki.contribs.org/Updating_to_SME_7.2#DNSBL_Servers] | | [http://wiki.contribs.org/Updating_to_SME_7.2#DNSBL_Servers] |
| | | |
− | =====Server Only=====
| + | ====Server Only==== |
| Some of the spam filter rules cannot work unless the SMESERVER knows the external IP of the box. If you put a SMESERVER in server-only mode behind other firewalls, it will lose some of the anti-spam rules. For example, the rule that blocks attempts where spammers try "HELO a.b.c.d" where a.b.c.d is your external IP address. | | Some of the spam filter rules cannot work unless the SMESERVER knows the external IP of the box. If you put a SMESERVER in server-only mode behind other firewalls, it will lose some of the anti-spam rules. For example, the rule that blocks attempts where spammers try "HELO a.b.c.d" where a.b.c.d is your external IP address. |
| | | |
Line 77: |
Line 77: |
| | | |
| | | |
− | =====I want to enable GreyListing=====
| + | ====I want to enable GreyListing==== |
| GreyListing support is under the covers and can easily be enabled for those who know what they are doing. However, many experienced users found that they spent more time looking after the greylisting configuration than they received in benefit. | | GreyListing support is under the covers and can easily be enabled for those who know what they are doing. However, many experienced users found that they spent more time looking after the greylisting configuration than they received in benefit. |
| | | |
− | ====Email Clients====
| + | ===Email Clients=== |
− | ====="concurrency limit reached" when using IMAP=====
| + | ===="concurrency limit reached" when using IMAP==== |
| Sometime shows as Thunderbird giving this error message, | | Sometime shows as Thunderbird giving this error message, |
| ''This Mail-server is not a imap4 mail-server'' | | ''This Mail-server is not a imap4 mail-server'' |
Line 100: |
Line 100: |
| More detail can be found [http://forums.contribs.org/index.php?topic=33124.0 here]. | | More detail can be found [http://forums.contribs.org/index.php?topic=33124.0 here]. |
| | | |
− | =====Mail server is not an IMAP4 mail server=====
| + | ====Mail server is not an IMAP4 mail server==== |
| This is a bug in Thunderbird, the previous tips may help | | This is a bug in Thunderbird, the previous tips may help |
| | | |
− | =====The Bat=====
| + | ====The Bat==== |
| The gives this error message, but they are wrong.<br> | | The gives this error message, but they are wrong.<br> |
| "This server uses TLS v3.0 which is considered to be obsolete and insecure. | | "This server uses TLS v3.0 which is considered to be obsolete and insecure. |
Line 109: |
Line 109: |
| | | |
| | | |
− | =====Outlook/Outlook Express give error 10060/0x800CCC90=====
| + | ====Outlook/Outlook Express give error 10060/0x800CCC90==== |
| Most likely OUTLOOK (EXPRESS) isn't configured correctly. | | Most likely OUTLOOK (EXPRESS) isn't configured correctly. |
| | | |
Line 129: |
Line 129: |
| -you're finished, your email should work now | | -you're finished, your email should work now |
| | | |
− | =====Outlook test message doesn't come through=====
| + | ====Outlook test message doesn't come through==== |
| You clicked the TEST ACCOUNT SETTINGS in OUTLOOK didn't you? This is a bug in OUTLOOK. The test message sends a test email with 'no Date header'. As the name suggests, this means a message without any date. Since the server doesn't accept mail with 'no Date header' (because it's required) the message is rejected. To test, send an actual message from OUTLOOK. | | You clicked the TEST ACCOUNT SETTINGS in OUTLOOK didn't you? This is a bug in OUTLOOK. The test message sends a test email with 'no Date header'. As the name suggests, this means a message without any date. Since the server doesn't accept mail with 'no Date header' (because it's required) the message is rejected. To test, send an actual message from OUTLOOK. |
| | | |
| If you want, you can try THUNDERBIRD. It's like OUTLOOK but made by a different company. It's completely free and works very well at home and at the office. | | If you want, you can try THUNDERBIRD. It's like OUTLOOK but made by a different company. It's completely free and works very well at home and at the office. |
| | | |
− | =====I can't receive/send email from my application (ACT!, vTiger, MS Outlook, etc)=====
| + | ====I can't receive/send email from my application (ACT!, vTiger, MS Outlook, etc)==== |
| Most likely, this is a bug the application you're using and not a problem with the SMESERVER. The application sends an email with 'no Date header'. As the name suggests, this means a message without any date. Since the server doesn't accept mail with 'no Date header' (because it's required) the message is rejected. | | Most likely, this is a bug the application you're using and not a problem with the SMESERVER. The application sends an email with 'no Date header'. As the name suggests, this means a message without any date. Since the server doesn't accept mail with 'no Date header' (because it's required) the message is rejected. |
| | | |
Line 152: |
Line 152: |
| signal-event email-update | | signal-event email-update |
| | | |
− | =====After I upgrade my SMESERVER, my email folders have disappeared when using IMAP=====
| + | ====After I upgrade my SMESERVER, my email folders have disappeared when using IMAP==== |
| After upgrade, if there are missing IMAP folders, the client may need to re-subscribe to folders. This may affect either webmail users or users who use an IMAP email client. | | After upgrade, if there are missing IMAP folders, the client may need to re-subscribe to folders. This may affect either webmail users or users who use an IMAP email client. |
| | | |
− | =====Entourage: Using SME's Self-Signed Certificate for SSL Connections from Entourage on OS X 10.4=====
| + | ====Entourage: Using SME's Self-Signed Certificate for SSL Connections from Entourage on OS X 10.4==== |
| The main problem here is that Microsoft has decided that Entourage will only support trusted, PEM Base-64 Encoded certificates. To use IMAPS or SMTPS from Entourage with your SME server, you will need to: | | The main problem here is that Microsoft has decided that Entourage will only support trusted, PEM Base-64 Encoded certificates. To use IMAPS or SMTPS from Entourage with your SME server, you will need to: |
| 1. Login to your Mac as a user with administrative privileges | | 1. Login to your Mac as a user with administrative privileges |
Line 189: |
Line 189: |
| * Click on "Show Keychains" in Apple's "Keychain Access" if you need to delete a certificate and try again. | | * Click on "Show Keychains" in Apple's "Keychain Access" if you need to delete a certificate and try again. |
| | | |
− | ====Server Settings====
| + | ===Server Settings=== |
− | =====Double bounce messages=====
| + | ====Double bounce messages==== |
| To stop admin receiving double bounce messages | | To stop admin receiving double bounce messages |
| | | |
Line 204: |
Line 204: |
| see a longer explaination [[Email_delete_double-bounce_messages | here]] | | see a longer explaination [[Email_delete_double-bounce_messages | here]] |
| | | |
− | =====Keep a copy of all emails=====
| + | ====Keep a copy of all emails==== |
| You may need to keep a copy of all emails sent to or from your email server. | | You may need to keep a copy of all emails sent to or from your email server. |
| This may be for legal, or other reasons. | | This may be for legal, or other reasons. |
Line 223: |
Line 223: |
| If you want to view the emails, point your email client at the SME and log on as maillog. | | If you want to view the emails, point your email client at the SME and log on as maillog. |
| | | |
− | =====Set max email size=====
| + | ====Set max email size==== |
| Restrict the size of email messages that can pass through your mail server | | Restrict the size of email messages that can pass through your mail server |
| config setprop qmail MaxMessageSize x | | config setprop qmail MaxMessageSize x |
Line 230: |
Line 230: |
| where x is in bytes, eg 6000000 = 6 MB | | where x is in bytes, eg 6000000 = 6 MB |
| | | |
− | =====add the admin user as an administrator for Horde=====
| + | ====add the admin user as an administrator for Horde==== |
| | | |
| config setprop horde Administration enabled | | config setprop horde Administration enabled |
| signal-event email-update | | signal-event email-update |
| | | |
− | =====Disable mail to a user from an external network=====
| + | ====Disable mail to a user from an external network==== |
| Can be either a user, pseudonym or group | | Can be either a user, pseudonym or group |
| db accounts setprop groupname/username Visible internal | | db accounts setprop groupname/username Visible internal |
| signal-event email-update | | signal-event email-update |
| | | |
− | =====I can't receive mail at: user@mail.domain.tld=====
| + | ====I can't receive mail at: user@mail.domain.tld==== |
| Add mail.domain.tld as a virtualdomain. | | Add mail.domain.tld as a virtualdomain. |
| -login to SERVER-MANAGER | | -login to SERVER-MANAGER |
Line 247: |
Line 247: |
| -type: mail.domain.tld | | -type: mail.domain.tld |
| | | |
− | =====How do I find out who is logged into webmail and what IP number.=====
| + | ====How do I find out who is logged into webmail and what IP number.==== |
| This is logged is in /var/log/messages. | | This is logged is in /var/log/messages. |
| | | |
− | =====How do I enable smtp authentication for users on the internal network.=====
| + | ====How do I enable smtp authentication for users on the internal network.==== |
| mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local | | mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local |
| cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local | | cd /etc/e-smith/templates-custom/var/service/qpsmtpd/config/peers/local |
Line 258: |
Line 258: |
| Authentication for the local network will now follow the setting of config::qpsmtpd::Authentication | | Authentication for the local network will now follow the setting of config::qpsmtpd::Authentication |
| | | |
− | =====How do I disable SMTP relay for unauthenticated LAN clients=====
| + | ====How do I disable SMTP relay for unauthenticated LAN clients==== |
| http://forums.contribs.org/index.php?topic=38797.msg176490#msg176490 | | http://forums.contribs.org/index.php?topic=38797.msg176490#msg176490 |
| * Enable smtp authentication as shown above | | * Enable smtp authentication as shown above |
Line 271: |
Line 271: |
| - enable Authentication against the outgoing mail server | | - enable Authentication against the outgoing mail server |
| | | |
− | ====External Access====
| + | ===External Access=== |
− | =====Allow external IMAP mail access=====
| + | ====Allow external IMAP mail access==== |
| There was a deliberate decision to remove non-SSL protected username/password | | There was a deliberate decision to remove non-SSL protected username/password |
| services from the external interface. | | services from the external interface. |
Line 284: |
Line 284: |
| fixme: explain how | | fixme: explain how |
| | | |
− | =====POP3 & webmail HTTP=====
| + | ====POP3 & webmail HTTP==== |
| I want to set my SMESERVER to allow POP3 (or webmail HTTP) but it's not an option, I only see POP3S (or webmail HTTPS). | | I want to set my SMESERVER to allow POP3 (or webmail HTTP) but it's not an option, I only see POP3S (or webmail HTTPS). |
| | | |
Line 293: |
Line 293: |
| signal-event email-update | | signal-event email-update |
| | | |
− | =====Allow external pop3 access=====
| + | ====Allow external pop3 access==== |
| | | |
| Email settings > POP3 server access in SME 7.1 server-manager allows only pop3s protocol for clients outside the LAN. Some email clients (eg The Bat! v3.98.4) won't allow pop3s connections to SME 7.1 because of ssl version conflict. Until this is sorted out, a workaround is to hack SME to allow regular pop3 on the external interface using the following commands. | | Email settings > POP3 server access in SME 7.1 server-manager allows only pop3s protocol for clients outside the LAN. Some email clients (eg The Bat! v3.98.4) won't allow pop3s connections to SME 7.1 because of ssl version conflict. Until this is sorted out, a workaround is to hack SME to allow regular pop3 on the external interface using the following commands. |
Line 303: |
Line 303: |
| more information [[bugzilla:2620]] | | more information [[bugzilla:2620]] |
| | | |
− | ====Imap====
| + | ===Imap=== |
− | =====Folders with a dot in name=====
| + | ====Folders with a dot in name==== |
| Email folder names that have a period ('.') in the folder name, will be split into sub-folders. | | Email folder names that have a period ('.') in the folder name, will be split into sub-folders. |
| e.g. folder name 'www.contribs.org' is created as | | e.g. folder name 'www.contribs.org' is created as |
Line 311: |
Line 311: |
| org | | org |
| | | |
− | ====qpsmtpd====
| + | ===qpsmtpd=== |
| SME uses the [http://smtpd.develooper.com qpsmtpd] smtp daemon. | | SME uses the [http://smtpd.develooper.com qpsmtpd] smtp daemon. |
| | | |
− | =====Official Description=====
| + | ====Official Description==== |
| qpsmtpd is a flexible smtpd daemon written in Perl. Apart from the core SMTP features, all functionality is implemented in small "extension plugins" using the easy to use object oriented plugin API. | | qpsmtpd is a flexible smtpd daemon written in Perl. Apart from the core SMTP features, all functionality is implemented in small "extension plugins" using the easy to use object oriented plugin API. |
| | | |
Line 322: |
Line 322: |
| | | |
| | | |
− | =====Default Plugin Configuration=====
| + | ====Default Plugin Configuration==== |
| SME uses the following [http://wiki.qpsmtpd.org/plugins qpsmtpd plugins] to evaluate each incoming email. | | SME uses the following [http://wiki.qpsmtpd.org/plugins qpsmtpd plugins] to evaluate each incoming email. |
| | | |
Line 439: |
Line 439: |
| |} | | |} |
| | | |
− | ====Internal Mail Servers====
| + | ===Internal Mail Servers=== |
| SME can be configured as a spam and antivirus filter for one or more "Internal" mail servers on a domain-by-domain basis. The mail server specified does not have to be on the same local network as your SME server. | | SME can be configured as a spam and antivirus filter for one or more "Internal" mail servers on a domain-by-domain basis. The mail server specified does not have to be on the same local network as your SME server. |
| | | |
− | =====Deliver ALL email to a single internal mail server=====
| + | ====Deliver ALL email to a single internal mail server==== |
| You can deliver all email for all domains on your SME server to a single internal mail server by setting the mail server address in server-manager::Configuration::E-mail::Change e-mail delivery settings::Address of internal mail server. | | You can deliver all email for all domains on your SME server to a single internal mail server by setting the mail server address in server-manager::Configuration::E-mail::Change e-mail delivery settings::Address of internal mail server. |
| | | |
− | =====Deliver email for one domain to an internal mail server=====
| + | ====Deliver email for one domain to an internal mail server==== |
| You can also configure only a single domain to use an internal mail server, or you can configure different domains to use different internal mail servers. | | You can also configure only a single domain to use an internal mail server, or you can configure different domains to use different internal mail servers. |
| | | |
Line 454: |
Line 454: |
| signal-event email-update | | signal-event email-update |
| | | |
− | =====Setup Blacklists & Bayesian Autolearning=====
| + | ====Setup Blacklists & Bayesian Autolearning==== |
| | | |
| (Much of what follows has been shamelessly copied from the Sonoracomm howto which has been offline for a while) | | (Much of what follows has been shamelessly copied from the Sonoracomm howto which has been offline for a while) |
Line 486: |
Line 486: |
| * enable DNSBL using the default RBLList | | * enable DNSBL using the default RBLList |
| | | |
− | =====The entire Sonoracomm howto from Google's text cache=====
| + | ====The entire Sonoracomm howto from Google's text cache==== |
| | | |
| The Sonoracomm Howto has been a very well regarded set of instructions for quite a while now, but has recently been offline. | | The Sonoracomm Howto has been a very well regarded set of instructions for quite a while now, but has recently been offline. |