Server settings

Previous  Top  Next

In the user settings there is "Authentication type". What should I enter?

In this field the weakest authentication type that is allowed to a user is set. In other words the user will be able to access the server using this method or any other method which is more secure then the initially allowed one.

The following authentication types are supported:

· Plain-text
· NTLM (MSN)
· CRAM-MD5

Authentication types are listed in the order of their security strength (the most secure at the bottom of the list). Using SSL (TLS) connection type increases the security and even though CRAM-MD5 is being used it is acceptable to authenticate in plain text via a secure connection. Authenticating in plain-text transmits the password as open text and therefore the secure SSL (TLS) connection is preferable. Other authentication types make use of the cryptographic methods to confirm the user authenticity without disclosing its password. It is recommended to use CRAM-MD5 as it is a more secure method, though not all e-mail clients support it. If MS Outlook or MS Outlook Express are supposed to be used then it is necessary to use NTLM (MSN) as the only secure methods these e-mail clients can offer.

 

On the server there are users with identical logins, but belonging to different domains. As they authenticate they get odd results. What is the correct way to authenticate?

If in the user's e-mail client only the name is entered, then the server tries to find the user with the same name across all domains and uses the first one which is found. Therefore a user from a different domain might fall in. In this case authentication will fail if the passwords do not match, but in the event they do, one user will see the messages of a totally different user.

To avoid that problem the whole e-mail address should be used as the user name. In other words, instead of  "user" put "user@example.com" This will eliminate any equivocal situations.

 

What is the right way to configure "Remote POP"?

"Remote POP" is designed to retrieve mail from external mailboxes via the POP3 protocol and to place them into internal server mailboxes or forward to a predefined address. In order to get it function properly it is necessary to enter the external server's settings and to create a schedule for the periodic execution of that task. This schedule should be added to the list of the active ones under the "Schedules" tab.

There are two operating modes:

· "Remote Account" - in that mode messages from external mailboxes are moved into the respective local e-mail accounts or are forwarded to a certain e-mail address.
· Domain POP" - in that mode the message headers are analyzed in order to determine the recipient.

Since any changes in the settings require the server to be restarted in order to take effect, it is quite handy to make use of the "Run Now!" button to execute  the tasks with new settings right away. You can check the results in the RPop.LOG file - this is the only way to find out the reasons for the error messages or  to make sure the tasks have been carried out as expected. After you have checked the settings you have to make sure the schedule is also set up accordingly and then restart the server.

 

What is the purpose of the "Forward To" option under the "Remote POP" settings and should it be filled in?

Depending on the mode in use,  the "Forward To" option executes different actions. In the "Remote Account" mode into this field you should enter the e-mail address, to which all the messages will be forwarded. In case the recipient of the message could not be identified, it will be forwarded to the e-mail address entered into that field in the "Domain POP" mode.

It is recommended to fill in that field in both modes, otherwise some messages can be left on the server. In future, these e-mails will be downloaded during each session until they are manually deleted. If there are too many such messages on the server it may lead to the slowdown of the "Remote POP" mode and result in the high traffic load.

 

On our local server we would like to handle only a part of the domain users, the rest are processed by another server. How do we set it up?

To accomplish that it is necessary to create a domain and to register only those users, who will be stored locally. While in the domain settings on the "Advanced" tab one should also enable "Treat unknown users as remote".

 

How to deprive certain users of the right to send messages to external e-mail addresses?

In the user settings on the "Basic" tab there is the "SMTP mail sending rights" checkbox. If you enable it, then you can determine privileges of every single user regarding the the right to send messages to local and external addresses. Green boxes mean it is enabled, the red ones - disabled. The more boxes are ticked, the stronger the prohibition or permissions are. This might be important since at the same time other rules might be in power (for more details refer to the "Administrator's Manual"). To make sure the highest level of prohibition is reached it is necessary to enable four red boxes.

 

We have registered a new mail domain name, but still there are messages coming from the old one. What do we have to do to have two different domains on the server, but the users of the domains should be the same?

How do we create several domains with the same content (a main domain and its aliases)?

While creating the domain on the "Advanced" tab in the "Contents Type" field you can enable the "Referral contents" option and in the "Referral" field indicate the domain, which will be used as the source of users for the newly created domain. At the same time the data is not duplicated, because the users of the indicated domain will be used when the users of the new domain are contacted.

 

In the domain settings on the "Protocols" tab there is an "IP address" option. What do I have to put in there?

In most of the cases this field should be left blank. Only if the server possesses several network interfaces (network cards) located in different subnets and it is required that the connections only from a certain subnet are allowed, is it necessary to input the IP-address of that very subnet. If that field is left blank, then all the connections from the existing subnets will be accepted.

 

Which settings' changes require the server to be restarted?

Restarting the server require the changes in the settings of domains, schedules, anti-virus and anti-spam, as well as the changes in the settings of the "Options" section.