Chapter 6. Mailserver

6.1. Fetchmail Mail Retrieval

Fetchmail is used for retrieving emails from external email accounts. You can make a new entry for fetchmail at the tab "Add Query".

"Server Name" is the designation for the settings that will be saved. If this is also the real name of the mailserver, please activate the choice box in line "Mail Server to Contact". If not, please enter the real name in this line.

Via "Polling Enabled" you can activate or deactivate retrieving mails from this mailserver. At "Protocol" you can choose the type of protocol. If the mailservice is not on the default port for the protocol, you can enter another port number at "Server Port".

At "Mailserver User Details" you can enter settings for the user, whose mails shall be retrieved. "Remote User" and "Remote Password" are the data that are sent to the mail server. You can specify at "Destination" to whom the fetched mails shall be forwarded. Choose between a local user mailbox, a mail alias or "Multidrop". In "Multidrop" mode the local part (left of the @-sign) will be evaluated and the mail will be delivered to a local user or an alias with the same name.

All other fields are optional and can be customized.

Note regarding SSL/TLS: If you want to use SSL variants (e.g. POP3S, IMAPS, …), just specify the protocol (POP3 or IMAP) and enable the Connect in SSL mode option. Do not change the default port unless needed, it will be adapted automatically. If you want to use TLS, then do not check the Connect in SSL mode option at all, fetchmail will automatically use TLS if the server advertises support for it.

6.2. Mailserver Configuration

6.2.1. Base Configuration

At the tab "Base Configuration" you can customize the configuration of your mailserver. "Mail Server Name " is the name that is sent on outgoing emails to the remote SMTP server. This setting is optional.

With the maximum mail size, the size in MB of incoming and outgoing mails can be limited. Without this option mails of unlimited size can be sent.

[Note]

The maximum size is calculated after applying the Base64 conversion of attachments. This means that about one third of the size has to be added to that value. e.g. To send a 10 MB attachment you need to enter 14 MB.

6.2.2. Local Domains

At "Local Domains" you can set domains for which the mailserver will be responsible for. Emails to these domains will be accepted and delivered locally to the users store.

[Note]

To be able to create resources for Zarafa at least one local domain other than "localhost" has to be defined.

6.2.3. Smarthost

Enter the IP address of the mailserver of your company or the provider at the tab "Smarthost". This server will be responsible for the delivery of external emails. If this mailserver requires authentication, enter the required data in "Username" and "Password". The username must contain at least two characters!

6.2.4. Open Relay Subnets

For all addresses listed at the tab "Open Relay Subnets" external mail sending without authentication is possible. All networks (IP subnets) and computers (single IP addresses) should be entered for which external mail delivery without authentication shall be allowed.

However, sending mails to domains for which the mailserver is responsible is always possible. Example entry for activating a subnet: "192.168.0.0/24" - "/24" indicates the number of bits set in the netmask. The netmask would be "255.255.255.0" in this case.

[Note]

Be very careful with this option. A wrong setting could allow everyone to use you mailserver to send messages. Every spammer would be happy about a wrong setting here.

6.3. Mail Queue

The mail queue contains all emails, that could not be sent.

By right-clicking on an email, you can delete, attempt to deliver or display the selected email.

6.4. Mail Alias Configuration

At "Mail Alias" all set mail aliases - both the aliases of the system, as well as your own aliases - are displayed.

[Note]

When adding a mail alias please consider that the alias test is executed before the mailbox allocation. It may happen that emails will be assigned to another user although that user has a mailbox on the server. In such cases please check all set mail aliases.

New aliases can be defined using the tab "Add Alias". An alias can be assigned to multiple users if you select them by using <CTRL>. A user of the yaffas installation or an email address can be specified as a target.

If you want to delete an alias, please right-click on the entry in the overview at "Mail Alias" and choose "Remove".

6.5. Security

This module allows you to configure security settings for this mailserver. Currently virus and spam checking are supported. There is also support for the policy sever that allows you to reject emails based on certain criteria before even accepting it for delivery.

[Note]

When using fetchmail, Amavis and SpamAssassin will not properly scan incoming mail for viruses or spam. This happens as all mail appears to be coming from localhost (127.0.0.1), which is white-listed. Sadly, this cannot be solved in a generic way without introducing any side effects. However, this is usually not a big problem, as the external mail hoster usually provides virus scanning and spam checking already.

6.5.1. Policy Server

The policy server can decide during smtp time if a message should be accepted based on reputation of the sender.

6.5.2. SpamAssassin

SpamAssassin can classify your emails based on internal rules if a message is spam or not. Every message gets assigned points for specific attributes. If the sum of these points exceeds a certain level, the message will get marked as spam.

6.5.3. ClamAV

ClamAV scans emails for viruses. If a message contains a virus it will not be delivered to the user.

[Important]

The services SpamAssassin and ClamAV have to be started separately from the service module before they can be used by the security module. Activating the security services at the security module is not sufficient. If you started these services after activating them at the security module, the service "amavis" has to be restarted.

[Note]

If the ClamAV service will not start, it may have no virus signatures. The freshclam service draws them automatically, but requires an internet connection. A proxy server can be configured at Network Configuration if necessary. This will cause an update of the signatures via freshclam.

[Note]

Do not change /etc/amavis/conf.d/60-yaffas as it will be overwritten. If you need custom changes, put them in a new file such as 61-local. You can also override variables there if necessary.

6.6. Bulk Mailing

With this module you can send an email to all users of the system. You must insert your sender mail address, the subject of the mail and the message. After clicking on the button "Send" the email will be sent to all users that have an account.

[Note]

Please notice that it could take a few minutes until all messages have been sent to the various mailboxes.