What is a mail server. Choosing a mail server for a medium business - own or cloud

A mail server is a special agent: a program that processes mail requests and transfers messages from one machine to another.

An email server acts like a real, familiar post office, processing bytes the way a post office handles paper messages in envelopes.

To send a letter to a friend, you write its content, specify the recipient's email address and hand all the data over to your e-mail server. The sending process is automated on a computer or . The sending server does the necessary processing and forwards the correspondence to the recipient's server, from which the letter reaches your happy friend.



What is the mail server protocol

It turns out that, to function without interruption and in step with one another, all mail servers in the world follow three main protocols.

Sending mail: SMTP (Simple Mail Transfer Protocol)

Sending mail is always handled by a protocol called SMTP, the first version of which was described in the 1982 standards. In 2008 it was upgraded to the ESMTP version with extended functionality. The classic access port is 25 TCP; when an SSL wrapper is used, the port changes to 465 TCP.

A typical example of how the SMTP protocol works is the following sequence of actions:

  • Your mail client on the computer establishes a connection with the SMTP server it is configured to use.
  • The server is interested in only one parameter received from you: the recipient. It queries the DNS service to get the IP address for delivery.
  • Once the SMTP server has located the recipient in the address space, it attempts to connect directly to the recipient's server on port 25.
  • The recipient's SMTP server checks whether the recipient exists in its database; if there is a match, it hands the data to its internal POP3 server for placement in the user's mailbox.
  • If there are problems connecting to the recipient's SMTP host, the attempt to send is repeated a few more times at regular intervals. If delivery is refused, you will receive an error message back.

Receiving and storing mail: POP3 (Post Office Protocol 3)

The very first, classic and simple protocol for remote access to a mailbox. It's no secret that email is stored on servers, and what you see on the screen is only a local copy. In 1988, the third and final version of the protocol was created, under which clients can collect correspondence from servers. By default, after messages are copied to local storage using the POP3 protocol, they are permanently deleted from the server. Standard access port: 110 TCP.

Consider a template session with a POP3 server:

  • Authorization. The connecting client authenticates with a name and password. The server checks whether this email address belongs to the client.
  • Transaction. Data on the current state of the mailbox is exchanged, letters are received, and the client works with the correspondence.
  • Update. The server removes the read messages from its storage and closes the session.
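The three states above as a small server-side state machine, given as an added example that is not part of the original article. The class name, the user `ivanov` and the stored password are constructed for illustration; the command set (USER, PASS, STAT, RETR, DELE, QUIT) is the standard POP3 one. It shows that commands are refused before authorization and that messages marked with DELE leave the server only when QUIT moves the session into the update state.

```python
import hmac


class Pop3Session:
    """Minimal POP3 session: AUTHORIZATION -> TRANSACTION -> UPDATE (on QUIT)."""

    def __init__(self, passwords, maildrop):
        self.passwords = passwords   # constructed sample data: user -> password
        self.maildrop = maildrop     # message number -> message text
        self.state = "AUTHORIZATION"
        self.user = None
        self.marked = set()          # messages flagged by DELE, not yet removed

    def command(self, line):
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            return self._quit()
        if self.state == "AUTHORIZATION":
            return self._authorization(verb, arg)
        if self.state == "TRANSACTION":
            return self._transaction(verb, arg)
        return "-ERR session closed"

    def _authorization(self, verb, arg):
        if verb == "USER":
            self.user = arg
            return "+OK"
        if verb == "PASS" and self.user is not None:
            expected = self.passwords.get(self.user, "")
            # Constant-time comparison; unknown users fail the same way.
            if self.user in self.passwords and hmac.compare_digest(
                expected.encode(), arg.encode()
            ):
                self.state = "TRANSACTION"
                return "+OK maildrop ready"
            self.user = None
            return "-ERR authentication failed"
        return "-ERR not authenticated"

    def _transaction(self, verb, arg):
        live = {n: m for n, m in self.maildrop.items() if n not in self.marked}
        if verb == "STAT":
            # Sizes are counted in characters in this sketch.
            return f"+OK {len(live)} {sum(len(m) for m in live.values())}"
        if verb in ("RETR", "DELE"):
            if not arg.isdigit() or int(arg) not in live:
                return "-ERR no such message"
            if verb == "RETR":
                return "+OK\r\n" + live[int(arg)]
            self.marked.add(int(arg))
            return "+OK marked for deletion"
        return "-ERR unknown command"

    def _quit(self):
        if self.state == "TRANSACTION":
            # UPDATE state: only now are the marked messages really removed.
            for number in self.marked:
                del self.maildrop[number]
        self.state = "CLOSED"
        return "+OK bye"

    def connection_lost(self):
        # No QUIT means no UPDATE state: deletion marks are discarded.
        self.marked.clear()
        self.state = "CLOSED"
```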

Advanced mail handling: IMAP (Internet Message Access Protocol)

A more complex and modern protocol for working with a remote mail server. It appeared in 1986 and grew significantly in size by its latest revision in 2003. The main difference from POP3 is that the work is carried out without transferring all the content: you work directly on the server and edit the information there. The downside of the protocol is the inability to work with mail when the Internet connection is lost. Some experts believe that IMAP would have become a monopolist among mail protocols, if not for its mediocre implementation of sending emails. Main connection port: 143 TCP, or 993 TCP when connecting via an encrypted SSL channel.

An IMAP server can be in four states:

  • Without authentication. The server is waiting for the transfer of login and password from the user
  • Authenticated. There is a choice of a mailbox for further work
  • Selection state. After selecting a mailbox, work with letters in it begins.
  • Exit. Closing the connection by error or client request

Own mail server

For an ordinary user, the mail services of Google, Yandex and the like are enough. Things are much harder for administrators of portals and companies that need to deploy their own mail transfer software. No company will want to receive orders from customers under someone else's domain name, which means that the time has come to create its own mail node. There are several options here.

Ready-made solutions

Yandex and MAIL.ru provide free mail provider services for your domain. This means that you receive mail at [email protected], exactly as if you had set up your own mail server manually. But the provider takes care of processing the correspondence and supplies a convenient web interface and separate addresses for employees.

Another plus is that the server addresses of such corporate mail services are always trusted by recipients, which means there is much less chance of ending up in spam.

Manual self-configuration

This is a difficult path. It takes a long time to set up such a server. Contacting a specialized company will be easier, and even cheaper.

For Windows Server, Microsoft Exchange Server is considered the classic choice. It is fully integrated into the Windows environment, compatible with all protocols, and fast and easy to set up.

There are several full-fledged solutions for Linux, but experts have recently noted the Postfix server as the safest and most convenient way to work. Pluggable spam filters, skipped mail control, and database support are integral parts of Postfix.


Let's start with what I mean by medium business. I do not know the exact classification and have not looked anywhere, have not checked. It intuitively seems to me that this is from 10-15 users to 200-300. I will consider the segment up to 100 users, since almost all the time I work exclusively in this niche. The problems and needs of larger companies are not known to me for certain. Although I'm not sure that something will be fundamentally different from 100 people, I think the approaches will be the same, only the hardware is more powerful. The problems of load distribution and clustering will most likely not arise here yet.

We have a small company with several dozen people. We need a mail server. Although technology stepped forward long ago and provides many different means of communication, e-mail still holds its position firmly and is not going to give it up yet. At the same time, in such a small team there are no big requirements for the mail server. Most often, it is enough that the mail just works, without any special functional frills. Either an email client and the IMAP protocol, or a web interface will suffice. It is good if you can set up an auto-reply, shared folders and a single address book, but you can live without them.

Among all the possible options for the mail service, I single out 3 fundamentally different approaches to the implementation of the necessary functionality:

  1. Services based on free mail services of Google, Yandex or mail.
  2. Your mail server based on free software.
  3. Exchange server from Microsoft.

Let's analyze each of them in more detail.

Free mail from google, yandex and mail.ru

I'll make a couple of comments right now. I'm not sure that you can still register free corporate mail with Google. Everyone who registered earlier uses it for free, and new users get only paid subscriptions. But this is not fundamental and does not directly relate to the topic of the article. If Google has become completely paid for business, then we will simply exclude it from our list. Yandex and Mail.ru are still definitely free. I myself administered mail domains in Google Apps and in Yandex. I did not work with biz.mail.ru; I only know that something similar is implemented there. I somehow have not liked the company itself since the old days. Now they seem to have turned to face the users, but Amigo is still alive and well, so they have not turned around yet.

Consider the advantages of these mail services.

  1. The most important advantage is that full-fledged mail is ready immediately after registration. There are no costs for purchasing hardware or for configuration. A more or less advanced user is enough: following the instructions on the site, they will be able to connect a domain and create mailboxes. After that you can already use the mail.
  2. Easy administration and user management; the web service provides all the necessary tools for this. They are convenient and (although not always) intuitive.
  3. A comfortable and familiar web interface. Everything works quickly, from anywhere there is an internet connection and a browser. There is a good mobile application.
  4. Wide functionality, ready immediately after creating the mailbox. Various filters, mail collectors, good anti-spam (from Google) and much more.

It seems nothing is missing. It would seem that the advantages are obvious and significant. But before jumping to conclusions, let's look at the cons.

  1. You do not control this mail. It doesn't belong to you and is not on your servers. You don't know what's happening to it. If you have very sensitive and private correspondence, then suspicions and doubts arise about the use of popular email services. This may sound paranoid, but it is a real concern for users and business owners, and should not be discounted.
  2. You are not immune from failures in the system and cannot prevent them in any way. And failures, although not frequent, do happen. Since the services are free, no one will guarantee you anything. And if some kind of force majeure happens and the data is lost, you will simply be told sorry. If you yourself do not have a very reliable IT infrastructure, the likelihood of technical problems on your own server will probably be higher. But you can control this and, theoretically, build a system with a level of reliability that satisfies you.
  3. Unobvious methods of backing up and restoring mailboxes in such services. There are situations when all letters are deleted from the mailbox. Let's say you can save them in different ways, simply by downloading them, but then how do you return them to the mailbox, keeping all the original dates?
  4. There is no way to analyze incomprehensible situations. For example, you send a letter, but it does not reach the addressee. What to do? In the case of cloud mail, you will not do anything, since you do not have any tools to analyze the situation. You can only try sending the letter from another mailbox. Sometimes you don't receive a letter, and you can't figure out why it's not there. And the cause may be as trivial as an incorrectly configured filter. This is a common situation when there are a lot of filters, plus some additional forwarding is configured. Without access to server logs, it can be difficult to understand the situation. And if there is a mail server log, then it immediately becomes clear why the letter is not sent, or what happened to it after it was received. You can find out for certain whether the remote server received your letter or not.
  5. There are no simple ways to restrict access to mailboxes, for example to the office's local network only. Mailboxes of public services are always available via the Internet. It is possible to solve this problem in Google Apps through authorization in third-party services. In Yandex and mail, I have not seen a way to implement such functionality.
  6. It is also necessary to understand that you know where free cheese is found. It is not completely clear how mail services use the information received from users. It is fine if it is only to show them relevant ads. I don't think it's just for that.

When I first started working about 10 years ago, there was no question what kind of mail to use in the organization. Everyone set up their mail servers and administrated them. Free mail services did not provide any tools for business at that time to manage mail. When such tools began to appear, I thought that soon no one would need their mail servers, since they would no longer make sense. And all my torment (I do not like to work with them) with mail servers will become meaningless.

I was given the opportunity to administer domains based on public mail services. After that, the list of cons written above appeared. And for me personally, these cons outweighed the pros, and now I still set up mail servers myself. Ultimately, it is more convenient and reliable when you consider the pros and cons of use and administration together.

The biggest disadvantage I see is the lack of full-fledged mail logs and a good backup scheme. It is inconvenient to analyze problems without logs. It will not be possible to quickly and easily restore a deleted letter to its original location, although this is a simple matter for open source mail servers.

Mail server based on free software

Consider the advantages and disadvantages of your own mail server based on free software. In principle, some paid ones can also be included here, for example, Kerio Mail Server, which is also often used. I think it can also be attributed here, since it provides a similar functionality. I consider all mail servers in aggregate, without singling out individual representatives. Although in Linux, apart from postfix and exim, I personally have not seen anything in production. I always use postfix myself, because I'm used to it and know it well. Consider carefully the advantages of such servers.

  1. You are in complete control of all information that comes by mail and is stored on your server. You can restrict access to mail at your own discretion by technical means. You can centrally configure rules for deleting, for example, private information in letters, according to various criteria that you can set yourself.
  2. The level of availability of the mail service depends only on you. With the right approach, you can provide the level of system reliability that suits you.
  3. Flexible backup system. There are many tools for organizing it, including free ones. It all depends on your needs, skill and capabilities. You can store different slices by date, mailbox or domain, and organize any suitable scheme.
  4. Virtually unlimited functionality. Within reasonable limits, of course :) You can create mailboxes restricted to local correspondence only, you can centrally manage the receipt and sending of mail, and maintain your own white and black lists. You can set up various restrictions on mailboxes and domains. You can easily and centrally manage the duplication of mail for the necessary mailboxes, do all kinds of forwarding and much more.
  5. All means of monitoring server operation are in your hands. You will be able to deal with any incomprehensible situation, having mail server logs on hand. This service is well logged. I almost never had problems when it was not clear where a letter had gone. Most often there are traces and you can say for certain what happened to the letter.

Disadvantages:

  1. You need to buy or rent equipment to run your mail server. In the case of a Linux server, the performance requirements will not be large. A virtual machine with 4 cores and 4 GB of RAM is usually enough for me. The disk subsystem is much more important. Here, the faster the disks, the better. Do not forget about the backup. It also needs hardware resources.
  2. Setting up a full-fledged, multifunctional mail server requires at least average knowledge of Linux system administration. That is, just a junior helpdesk admin will not do here. You need an expert with experience, who should have a decent salary. If there is no such admin on staff, I recommend hiring someone for a one-time setup job. Most often, after setup, no special work on maintaining the server is required if you do not change the functionality. It is enough to monitor free disk space and manage mailboxes through the web panel.
  3. Ease of use via the web interface will be lower than in free mail services. Like it or not, the same gmail is implemented very conveniently. Quick search, filters, sorting, labels, etc. It's really convenient. I'm very used to it and can't use anything else.

These are the disadvantages I see in running your own mail service. The most important for me is the last one. I myself am used to working with mail via the web. I do not like to use mail clients, although I have to. Web interfaces to free mail servers in terms of convenience and speed do not fall far short of gmail or Yandex, it makes no sense to compare. And yet, I think that for an average organization this is the best option. An example of setting up such a free mail server is .

Pros and cons of Microsoft Exchange Server

I don't have a lot of Exchange administration experience. I tested it a long time ago when I was deciding which mail servers I would work with. I installed it and studied the functionality. Then I once set up a mail server for an organization. They wanted exactly Exchange. There were no problems; I quickly set it up following numerous guides on the Internet. The entry threshold for setting up Exchange mail servers is very low. Even a junior helpdesk admin can handle the basic functionality.

For medium-sized organizations, I consider shared calendars to be a really useful and hard-to-replace functionality. And of course, the convenience of integration with AD, if any. And most often there is AD, since I can’t imagine network administration for more than 20-30 people without Active Directory. I think that it is pointless to save here and you need to buy Microsoft Server.

Consider now the pros and cons of Microsoft Exchange Server. I warn you again just in case. I tell only my vision, I have little experience with the server, so I would like to receive comments on it myself in the comments in order to have a more adequate assessment of this system. Exchange pros:

  1. Great functionality with relative ease of setup. Any admin can deploy a server with basic functionality. Moreover, this basic functionality can be greater than that of any assembly under Linux.
  2. Integration with Active Directory. You create a new user account and a mailbox is ready for that user right away. No special settings are needed if the user has Microsoft Outlook. Connection to the server is configured in a few mouse clicks.
  3. Comfortable administration tools as ready-made Windows Server snap-ins. Everything is traditional for solutions from Microsoft.

The minuses of Exchange Server are as characteristic as the pluses for most Microsoft products:

  1. Price, price and more price. Microsoft Exchange Server is expensive. You need to consider and estimate whether acquiring it will be justified. To use all the built-in functionality, you will need to buy an edition of Microsoft Office with Outlook included for each workplace. These are additional costs.
  2. Good performance requires much more powerful hardware in comparison with servers on Linux. And to support large mailboxes, for example 50 gigabytes, you will need very powerful hardware, although such mailboxes do not present any particular problem for the same dovecot. In Exchange, you will most likely use quotas to limit the maximum mailbox size.
  3. For backup, you will most likely also have to purchase decent hardware and paid software. Here I'm just guessing, I really don't know what is needed for a convenient exchange backup. I know paid software from popular vendors. Maybe there is something free.

My conclusion about Exchange Server is that it is good in almost everything, except for the price. If it was free, I would most likely use it. For quite objective reasons, this is impossible. Good and convenient software does not appear by itself. You need to create it, and spend money on it that you want to return with a profit.

Today, given the cost of Microsoft Exchange Server and Microsoft Office, I do not use these Microsoft products. Few people agree to lay out the necessary amount for the mail server. I would like to take a closer look at Exchange in real conditions, at least 60-80 people, in order to evaluate this server more objectively. But so far this opportunity has not presented itself.

Conclusion

Let me summarize my reasoning about the mail server for a small to medium organization. Although the conclusion, I think, is already clear. I myself prefer the second option I described: a mail server based on free software on Linux. But I wouldn't discount the other two options. Free mail from public services will definitely be convenient for a very small team of 10-15 people. It makes no sense to build your own server for such a number.

I would recommend using Exchange Server if you have it and you don't mind spending money on purchasing it. The product is uniquely convenient, functional and easy to configure and administer. When I say easy, you need to understand that this is relative. Configurations can be very complex, but in this case I'm looking at the entry level.


Many system administrators experience certain difficulties when working with e-mail systems. This is not surprising, a mail server has a much more complex structure than a file server, router or terminal server. In this article, we will consider the structure and principle of operation of mail servers, without understanding which, setting up an email system is quite capable of turning into shamanic dances with a tambourine.

This material contains quite a lot of simplifications and generalizations in order to give system administrators the required minimum knowledge. In our opinion, for the sake of administering one or two entry-level mail servers, it is not at all necessary to become a specialist in the field of e-mail.

For most users and novice administrators, the mail server is a kind of "black box", which, having received a letter, delivers it to the addressee by "unknown" ways and vice versa. All interaction with such a server consists in addressing the mail client to certain ports, or even through the web interface. However, there is a whole mechanism hidden inside, understanding the operation of which is key to successfully setting up and maintaining an e-mail system. This is especially important for administering servers on the Linux platform. Unlike Windows, where the mail server is a complete software solution and the developers have already taken care of internal interaction, in Linux, the mail server components are separate programs and you need to configure their interaction yourself.

Let's take a look at the structure of the mail server and what happens when a user tries to send mail.

The most important part of the mail server is the MTA (Mail Transfer Agent), whose tasks include receiving and transmitting mail. Very often (in Linux/UNIX) the MTA is itself referred to as the mail server. The MTA works over the SMTP protocol, and an MTA alone is, in principle, already enough to create an e-mail system. Once upon a time, this was exactly the case, and in order to access your mailbox, you needed to have certain technical knowledge.

However, progress does not stand still. The MTA, on receiving a letter, places it in the user's mailbox on the server, which the user must be able to access, preferably in the simplest and most understandable way. This is where the MDA (Mail Delivery Agent) comes on stage: its task, at the request of the mail client, is to transfer mail to it from the mailbox on the server. The MDA can work using the POP3 or IMAP protocols; in some cases, the mail client and the delivery agent can "communicate" over their own protocols with extended functionality, such as MAPI (Exchange Server).

Contrary to popular misconception, the MDA has nothing to do with the mail transfer process. This is the prerogative of the MTA. To draw an analogy, you can imagine the MTA as a post office that receives and sends mail, and the MDA as the postman who brings the incoming correspondence to your home. If the postman is sick, this will not affect the work of the post office; you just will not receive letters at home. Likewise, a failure of the MDA does not make the mail server inoperable: only the receipt of mail by the mail client becomes unavailable, while the mail can still be easily accessed in other ways, for example through the web interface.

Let's see what happens when sending mail. In our example, the user Ivanov, located in the example.org domain ( [email protected]), writes a letter to Kozlov in the domain example.com ( [email protected]). For Ivanov, the process of sending mail consists of creating a message and pressing the "Send" button in the mail client. The mail client connects to the MTA using the SMTP protocol and first communicates its credentials. After authorizing the user, the MTA accepts the message and tries to deliver it further.

Actually, authorization is not a mandatory procedure for the MTA, but without authorization, we will get an open relay, i.e. anyone can use our server to send mail, and spammers will be delighted! Currently, open relays occur mainly due to server configuration errors. However, it is quite possible for an MTA to receive mail from trusted users, for example, from the company's local network, without authorization.

The MTA can use its own user list, system list, LDAP or AD user lists for authorization. There is also a way: POP authorization before SMTP, when the user logs in to the MDA before sending mail, which in turn confirms the user's authentication to the MTA.
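The relay decision described above, sketched as an added example (not code from the article or from any particular MTA). The domain `example.org`, the office network `10.0.0.0/8`, the function names and the 554 reply text are assumptions made for illustration. The last function is a self-check that reproduces the configuration error the text mentions: a "trusted" network that covers every address.

```python
import ipaddress
from dataclasses import dataclass

# Constructed policy for the example: one served domain, one office network.
LOCAL_DOMAINS = {"example.org"}
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]
# A typical configuration error: "trusted" covers the whole Internet.
MISCONFIGURED_NETWORKS = [ipaddress.ip_network("0.0.0.0/0")]


@dataclass
class Session:
    client_ip: str       # address of the connecting client
    authenticated: bool  # True once the client has passed SMTP authorization
    rcpt_to: str         # envelope recipient


def rcpt_decision(session, trusted_networks=TRUSTED_NETWORKS):
    """Return (SMTP reply code, reason) for one recipient."""
    domain = session.rcpt_to.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        # Mail for our own domains is accepted from anyone.
        return 250, "local delivery: domain is served by this MTA"
    if session.authenticated:
        return 250, "relay: authorized user"
    client = ipaddress.ip_address(session.client_ip)
    if any(client in net for net in trusted_networks):
        return 250, "relay: client in trusted network"
    # Unknown client, foreign recipient: relaying this would be an open relay.
    return 554, "relay access denied"


def is_open_relay(decide):
    """Self-check: an anonymous outside client asks to relay to a foreign domain."""
    probe = Session("203.0.113.50", False, "someone@example.net")
    return decide(probe)[0] == 250
```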

In the next step, the MTA analyzes the service information of the letter to determine the recipient's domain. If it belongs to the domains served by this MTA, the recipient is looked up and the letter is placed in his mailbox. This is what would happen if Ivanov wrote a letter to Petrov or Sidorov.

If the recipient's domain is not served by the MTA, a DNS query is generated requesting the MX records for that domain. An MX record is a special kind of DNS record that contains the names of the mail servers that handle incoming mail for a given domain. There can be more than one MX record, in which case the MTA tries to establish a connection to each in turn, starting from the server with the highest priority. In the absence of an MX record, an A record is requested (an address record that maps a domain name to an IP address) and an attempt is made to deliver mail to the host specified there. If the message cannot be sent, it is returned to the sender (placed in the user's mailbox) with an error message.
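The lookup order described above, as an added example that is not part of the original article. The DNS data is constructed and held in dictionaries so the code runs offline; the function names and the three-attempt limit are assumptions. Note that in MX records the highest priority is the lowest preference number.

```python
# Constructed DNS data standing in for real lookups (all names are examples).
MX_RECORDS = {
    # (preference, host): the lowest preference number is tried first.
    "example.com": [(20, "backup.example.com"), (10, "mail.example.com")],
    "nomx.example": [],
}
A_RECORDS = {
    "mail.example.com": ["192.0.2.10"],
    "backup.example.com": ["192.0.2.20"],
    "nomx.example": ["192.0.2.30"],
}


def delivery_targets(domain):
    """Hosts to try for a recipient domain, in the order the MTA tries them."""
    mx = sorted(MX_RECORDS.get(domain, []))
    if mx:
        return [host for _preference, host in mx]
    if domain in A_RECORDS:
        # No MX record: fall back to the A record of the domain itself.
        return [domain]
    return []


def route(domain, reachable, attempt=1, max_attempts=3):
    """Outcome of one delivery attempt.

    reachable: set of hosts that accept the connection right now.
    Returns ("delivered", host), ("retry", None) or ("bounce", None).
    """
    targets = delivery_targets(domain)
    if not targets:
        # Nothing to connect to: return the message to the sender at once.
        return ("bounce", None)
    for host in targets:
        if host in reachable:
            return ("delivered", host)
    if attempt < max_attempts:
        # Keep the message queued and try again after an interval.
        return ("retry", None)
    return ("bounce", None)
```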

We will not consider the work of the receiving server; we will assume that everything went well, Kozlov received a letter from Ivanov and wrote him a response. The server serving the example.com domain does exactly the same thing and tries to send mail to our server. Having received an incoming message, the MTA, as in the case of a local sender, checks the recipient's domain. If it is among the domains served by the MTA, message processing continues; otherwise the server refuses to accept the mail. After checking the domain, the recipient is checked. If he is present in the list of users, the message is delivered to his mailbox; otherwise there are two options: refusing the message, or accepting it into a general mailbox (the administrator's mailbox). On the one hand, the latter setting increases the amount of spam received; on the other hand, it allows you not to lose letters with misspelled addresses.

Another anti-spam measure is to request a PTR record. A PTR record (pointer record) associates an IP address with a domain name. When requesting a PTR, the MTA only accepts mail if the sender's domain matches the domain of the sending server.

Let's consider an example in more detail. Some server spam.com is trying to send emails with a fake sender, supposedly from the example.com server known to us. In the case of filtering by white/black lists, such a letter will be delivered, since the sender is a user from a trusted domain (which is what the spammers were counting on). In order to combat spam, the MTA requests the PTR record for the IP address of the sending server, which that server reports during the SMTP session. For the address y.y.y.y, the PTR request will return the spam.com domain name, which does not match the sender's domain, and this will cause the message to be rejected. At the same time, messages from server x.x.x.x will be accepted, because the domain from the PTR record for x.x.x.x (example.com) matches the sender's domain.
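The PTR check from this scenario as an added example, not part of the original article. The addresses are constructed documentation addresses standing in for x.x.x.x and y.y.y.y, and the DNS answers are held in dictionaries so the code runs offline. It goes one step beyond the text: since whoever controls an address block also controls its PTR records, the name from the PTR is confirmed by a forward lookup before it is compared with the sender's domain.

```python
# Constructed DNS data (documentation addresses stand in for x.x.x.x / y.y.y.y).
PTR_RECORDS = {
    "192.0.2.10": "mail.example.com",     # x.x.x.x: the real example.com server
    "198.51.100.20": "mx.spam.com",       # y.y.y.y: the spam.com server
    "203.0.113.5": "mail.example.com",    # PTR that merely claims example.com
}
A_RECORDS = {
    "mail.example.com": ["192.0.2.10"],
    "mx.spam.com": ["198.51.100.20"],
}


def domain_matches(host, domain):
    """True if host is the domain itself or a name inside it."""
    host = host.rstrip(".").lower()
    domain = domain.rstrip(".").lower()
    # The leading dot prevents "notexample.com" from matching "example.com".
    return host == domain or host.endswith("." + domain)


def check_sender(client_ip, mail_from):
    """Return (accepted, reason) for a connecting IP and envelope sender."""
    sender_domain = mail_from.rsplit("@", 1)[-1]
    ptr_name = PTR_RECORDS.get(client_ip)
    if ptr_name is None:
        return (False, "no PTR record")
    # Forward confirmation: the PTR name must resolve back to the same IP.
    if client_ip not in A_RECORDS.get(ptr_name, []):
        return (False, "PTR not confirmed by forward lookup")
    if not domain_matches(ptr_name, sender_domain):
        return (False, "PTR domain does not match sender domain")
    return (True, "ok")
```

Matching this strictly also rejects legitimate mail sent through a relay whose host name lies outside the sender's domain, which is one reason the allow list described in the settings below exists.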

So, the message has been received and is in the user's mailbox. How to read it? The mail storage, where user boxes are located, can be organized in a variety of ways: from banal folders and files to a database. Without technical knowledge, it is unlikely that you will be able to read your own mail. But should the user Ivanov be concerned about this? For him, the process of receiving mail is reduced to pressing the "Receive" button in the mail client.

To receive mail, the client establishes a connection with the MDA via the POP3 or IMAP protocol, necessarily passing data for authorization. MDA checks if the user is in the lists and, if successful, sends the client all new messages in his mailbox. The user Ivanov receives his correspondence and can work with it in a way that is convenient for him.

This is where our article ends. We strongly recommend reading it thoughtfully and absorbing the material presented in it. Later, when considering practical implementations of mail servers, we will present the material on the assumption that the reader's knowledge covers at least this article.

Mail server (e-mail server): in the e-mail forwarding system, this is usually the name given to the message transfer agent (mail transfer agent, MTA). It is a computer program that transmits messages from one computer to another. Usually the mail server works "behind the scenes", and users deal with another program, an email client (mail user agent, MUA).

Organizing your own mail server allows you to more flexibly shape the policy for sending and receiving mail messages. Often, the capabilities of a mail domain host for setting up and processing messages are limited, while ICS filters allow you to simulate many different situations, as well as keep records and statistics of transmitted messages, and much more.

When entering the module, the status of all mail and jabber server services is displayed, as well as the "Disable" button (or "Enable" if the service is disabled). There is also a widget with a selection of main actions, a graph of mail statistics and mailer feeds, as well as the latest log events.

Settings

The Settings tab allows you to define the following mail server parameters:

SMTP/POP3/IMAP port: allows you to change the standard ports for receiving and sending mail messages.

Interfaces for SMTP/POP3/IMAP: allows you to select the server interfaces through which mail messages are received and sent. By default, all interfaces are enabled.

The following fields allow you to set the maximum letter size (in megabytes), the maximum number of messages from the same IP address per minute, the interval between attempts to send, as well as the minimum and maximum waiting time in the mail queue.

Relay by default. A relay is a node that receives and forwards messages (e-mail); by default, ICS itself acts in this role. In some cases, you may need to specify another server through which the ICS will send mail (for example, in the case of a multidrop mailbox configured on the provider's mail server).

Addresses from which forwarding is allowed: a list of addresses and domain names from which the ICS will always accept mail without greylisting and without checking the correspondence of forward and reverse records.

Addresses from which forwarding is prohibited: a list of addresses and domain names from which ICS will always reject mail messages.

RBL blacklists. RBL, Real-time Blackhole List (or DNSBL - DNS blacklist or DNS blocklist) - lists of hosts stored using the DNS architecture system. Usually used to fight spam. The mail server accesses the DNSBL and checks for the presence of the IP address of the client from which it receives the message. If the response is positive, it is considered that an attempt is being made to receive a spam message. The sender's server is reported a 5xx error (fatal error) and the message is not accepted. In most cases, you do not need to change this list.
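The lookup described above, as an added Python example (not ICS code): the client address is reversed and prepended to the blocklist zone, and only an answer inside 127.0.0.0/8 counts as a listing, which guards against wildcard answers from a lapsed zone. The zone `dnsbl.example`, the reply text and the `FAKE_DNS` data are constructed so the example runs offline.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # range DNSBLs answer from (RFC 5782)

def dnsbl_query_name(client_ip, zone):
    """Name to look up: reversed IPv4 octets (or IPv6 nibbles) + the DNSBL zone."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = str(ip).split(".")
    else:
        labels = list(ip.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone

def system_resolve(name):
    """A-record lookup through the OS resolver; [] means not listed (NXDOMAIN)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_client(client_ip, zones, resolve=system_resolve):
    """Return the SMTP reply a server would give to a connecting client."""
    for zone in zones:
        answers = resolve(dnsbl_query_name(client_ip, zone))
        # Only 127.0.0.0/8 answers mean "listed"; anything else (a wildcard from
        # a lapsed zone, an NXDOMAIN-rewriting resolver) is ignored.
        if any(ipaddress.ip_address(a) in LISTED_NET for a in answers):
            return f"554 5.7.1 Client {client_ip} is listed in {zone}"
    return "250 OK"

# Constructed resolver data standing in for DNS, so the example runs offline.
FAKE_DNS = {
    "2.2.0.192.dnsbl.example": ["127.0.0.2"],       # listed client
    "7.113.0.203.dnsbl.example": ["198.51.100.9"],  # bogus wildcard answer
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])
```

Passing `fake_resolve` as the third argument keeps the check offline; with the default `system_resolve` the same function queries real zones.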

Authorization default domain defines the mail domain that will be automatically substituted during user authorization. If you specify the default domain, users of this domain will be able to log in using their mailbox name without specifying the domain.

Automatically create folders when creating a mailbox - contains a list of standard folders created in the mailbox. If necessary, you can change their composition.

Check mail with antivirus ClamAV/Dr.Web/Kaspersky - setting these flags tells the mail server to check incoming and outgoing messages for viruses. If the result is positive, the recipient receives a message about the results of the check instead of the letter itself, and the letter is attached to that message.

Use greylisting. Greylisting is a method of automatically blocking spam, based on the fact that the "behavior" of software designed to send spam is different from the behavior of regular email servers. If the recipient's mail server refuses to accept the letter and reports a "temporary error", the sender's server must try again later. Spamming software usually does not try to do this in such cases. You can enable this mode for enhanced mail spam checking. After enabling this option, the greylist parameters will become available for editing - time to ignore resend (in seconds), time to wait for resend (in hours), time to keep the sender in the whitelist (in days).
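How the three greylist parameters interact, as an added Python example (not ICS code). It assumes the common scheme that keys on the (client IP, sender, recipient) triplet; the default values, reply texts and the timeline in `EVENTS` are constructed.

```python
from dataclasses import dataclass, field

DEFER = "451 4.7.1 Greylisted, please retry later"   # temporary (4xx) error
ACCEPT = "250 2.1.5 OK"

@dataclass
class Greylist:
    ignore_resend_s: int = 300   # "time to ignore resend": earlier retries are deferred
    wait_resend_h: int = 24      # "time to wait for resend": first attempt is remembered
    whitelist_d: int = 30        # "time to keep the sender in the whitelist"
    pending: dict = field(default_factory=dict)    # triplet -> time first seen
    whitelist: dict = field(default_factory=dict)  # triplet -> expiry time

    def check(self, client_ip, sender, rcpt, now):
        """Decide the reply to RCPT TO at time `now` (epoch seconds)."""
        key = (client_ip, sender.lower(), rcpt.lower())
        if self.whitelist.get(key, 0) > now:
            # Known retrying sender: accept at once and renew the entry.
            self.whitelist[key] = now + self.whitelist_d * 86400
            return ACCEPT
        self.whitelist.pop(key, None)              # drop an expired entry
        first = self.pending.get(key)
        if first is None or now - first > self.wait_resend_h * 3600:
            self.pending[key] = now                # first sighting, or retry came too late
            return DEFER
        if now - first < self.ignore_resend_s:
            return DEFER                           # retried too quickly to count
        del self.pending[key]
        self.whitelist[key] = now + self.whitelist_d * 86400
        return ACCEPT

def replay(events, greylist=None):
    """Run constructed (time, ip, sender, rcpt) events and collect the replies."""
    gl = greylist or Greylist()
    return [gl.check(ip, snd, rcpt, t) for t, ip, snd, rcpt in events]

T0 = 1_700_000_000  # arbitrary start time for the constructed timeline
MTA = ("192.0.2.10", "alice@example.org", "ivanov@example.test")
BOT = ("203.0.113.66", "promo@example.net", "ivanov@example.test")
EVENTS = [
    (T0, *MTA),                  # first attempt: deferred
    (T0, *BOT),                  # spam software: deferred, usually never returns
    (T0 + 60, *MTA),             # retry inside the ignore window: deferred
    (T0 + 900, *MTA),            # proper retry: accepted and whitelisted
    (T0 + 25 * 3600, *BOT),      # came back after the wait window: starts over
    (T0 + 2 * 86400, *MTA),      # next letter from the same sender: accepted at once
]
```

`replay(EVENTS)` returns the reply for each event in order, so the effect of changing any of the three parameters can be seen by passing a differently configured `Greylist`.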

Server name for SMTP - sets the Postfix SMTP banner option.

Certificate for SMTP/POP3/IMAP - like other ICS services, the mail server can work either over the standard protocol, in which data is not encrypted in transit (which is unsafe), or over the secure one. SSL certificates are used for this purpose. By clicking the […] button, you can assign to each protocol a certificate previously created in the corresponding module.

Use DLP - launches a service that checks mail messages against fingerprints of confidential information.

Hard drive for mail storage allows you to move the mail store to a separate HDD. By default, mail is stored on the system partition.

Signature for the web interface is enabled in the mail server settings. To do this, check the "use signature" box, enter the signature in the window that opens when you click the "edit html" button, and then save the settings.

The signature can be entered both in WYSIWYG mode and in HTML mode.

Variables in the form [variable name] can be used in the signature; their possible values are listed below:

cn - Username
ou - Group the user belongs to
mail - Mailing address
description - The "description" field of the user
notes - The "comment" field of the user
telephonenumber - The "phone" field of the user
title - The "position" field of the user
url - The "Website" field of the user
postaladdress - The "Address" field of the user
pager - The "ICQ" field of the user
ounotes - The "description" field of the group the user belongs to

To insert images, image encoding in data: url is used. This is done as follows: using the service http://dataurl.net/#dataurlmaker (or similar) the image is converted to the format , then the resulting text is inserted into the signature html code.

IMPORTANT: the peculiarity of this mechanism in Roundcube is that the signature will be automatically generated only for a new account created after setting up the signature. After generation, it will also not be possible to change the signature automatically, so carefully plan the automatic signature when creating

Upload logo for Roundcube - this button allows you to select an image that will be located in the upper left corner of the mail web interface. For example, the logo of your organization.

The last three checkboxes allow you to enable a DKIM signature, check the DKIM of incoming messages, and automatically encode email headers into UTF-8.

The address book

Domains and mailboxes

Before you can add user mailboxes, you must create a mail domain. Go to the "Domains and mailboxes" tab and click the "Add" → "mail domain" button. You can give the domain any non-existent name if letters will be exchanged only within the corporate network, or you can set up message forwarding for a real domain registered for your organization. If the "Create DKIM signature" checkbox is checked in the settings, the DKIM signature will be added automatically.

When you double-click on the created account again, it will open with the already created DKIM key, which can be copied if necessary.

After that, by highlighting the created domain, you can add user mailboxes to it. The server will ask you to enter the mailbox name and password and to select the user to whom this mailbox will be assigned. If necessary, you can specify a quota: the maximum space reserved on the ICS hard drive for storing this user's letters. Once this quota is exceeded, letters for the user will not be accepted. By default, there is no quota.

It is not necessary to create a separate mailbox for each email name you need. Instead, you can create a link to the specified mailbox. Then all the letters coming to the box [email protected], will be redirected to a real mailbox [email protected]

Important: when creating mail domains and mailboxes, the corresponding domains and accounts appear in the jabber server section. The reverse is also true.

In order for the mail domain to be accessible from the external network and to be able to exchange data with other external servers, it is necessary to configure DNS records.

After mailboxes for users are created, they can connect to the ICS using email clients (for example, Mozilla Thunderbird or Microsoft Outlook) or use the web interface for mail.

The "Filters" tab is used to process sent and received messages. They process mail according to the following conditions: size, sender, recipient, subject. The condition can be strict or non-strict. The number of conditions can be any, while the filter can process mail both when all conditions completely match, and when the first match occurs. After the condition matches, the filter can delete the message, move it to another mailbox, or make a copy.

In the above example, all letters sent to the same address, the size of which is greater than 5000 kB, and the subject of the letter contains the expression "not spam" will be copied to another ICS mailbox.

In order to create a new filter, you first need to select the conditions for triggering - if all conditions match, any of the conditions, or apply to all messages regardless of the conditions.

You can filter incoming and outgoing emails by email subject, sender, recipient, and size (in kilobytes). Checking for condition matching can be strict (“matches with”) or not strict (“contains”, “starts with”, “ends with”), as well as the reverse (“does not contain”). You can assign any number of conditions to one filter.

The last step is to select the action to be taken after the filter is triggered. You can move the letter, copy it to another address, or delete it. The first two actions allow you to enter the name of the mailbox or select it from the list of mailboxes created on the ICS.
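The filter logic described above (trigger mode, strict and non-strict conditions, action), as an added Python example that is not ICS code. The "greater than" size comparison, case-insensitive text matching, the addresses and the sample messages are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Comparison names follow the description above; "greater than" is assumed for size.
OPS = {
    "matches with": lambda v, a: v == a,
    "contains": lambda v, a: a in v,
    "starts with": lambda v, a: v.startswith(a),
    "ends with": lambda v, a: v.endswith(a),
    "does not contain": lambda v, a: a not in v,
    "greater than": lambda v, a: v > a,
}

@dataclass
class Condition:
    attr: str    # "subject", "sender", "recipient" or "size_kb"
    op: str
    arg: object

    def holds(self, msg):
        value, arg = msg[self.attr], self.arg
        if isinstance(value, str):           # text is compared case-insensitively
            value, arg = value.lower(), str(arg).lower()
        return OPS[self.op](value, arg)

@dataclass
class MailFilter:
    mode: str          # "all", "any" or "always"
    conditions: list
    action: str        # "move", "copy" or "delete"
    target: str = ""   # mailbox used by move/copy

    def mailboxes(self, msg):
        """Mailboxes that hold msg after this filter has run."""
        results = [c.holds(msg) for c in self.conditions]
        hit = self.mode == "always" or (
            all(results) if self.mode == "all" else any(results))
        if not hit:
            return [msg["recipient"]]
        return {"move": [self.target],
                "copy": [msg["recipient"], self.target],
                "delete": []}[self.action]

# Constructed rule and messages: one address, size over 5000 kB, subject "not spam".
RULE = [Condition("recipient", "matches with", "sales@example.test"),
        Condition("size_kb", "greater than", 5000),
        Condition("subject", "contains", "not spam")]
BIG = {"sender": "partner@example.org", "recipient": "sales@example.test",
       "subject": "Re: NOT SPAM - scanned contract", "size_kb": 6200}
SMALL = dict(BIG, size_kb=120)
```

With mode "all" only `BIG` is copied; switching the same rule to "any" also matches `SMALL`, which is worth checking before attaching a delete action to a rule.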

For an example of how filters can be configured, see .

Mailing lists are the same filters, but with a simplified interface, in which it is enough to specify the mailboxes to which the mailing list will be distributed. The box to which the original letter arrives in the system should not be opened, since it is a link.

Antispam

To collect mail from accounts located on other servers, you can use the "mail collector" function of the ICS. With it, the ICS connects to the specified mail server under the selected login and password and moves or copies the mail stored there to the mailboxes of ICS users.

You can specify what to do with messages on the server: collect all, collect only new ones, leave messages on the server or delete them. The collector's interval and the number of letters downloaded per session are also configurable.

The collector works in two modes: automatic recipient detection and an explicitly specified collection mailbox. Automatic detection works if the organization has one external mailbox located on the provider's server, and the rest of the mailboxes serve as its aliases. In other cases, the collection mailbox is specified directly. That is, in most cases, when creating a collector, you must set the switch to the "Forward to" position.

The mail collector can also be used in cases where the organization uses the so-called "multidrop" mail method. It consists in the fact that all mail comes to the provider's or hoster's server and is stored there without being divided into user mailboxes. In this case, when setting up the mail collector, the "recipient" field does not need to be changed (the default value in it is the recipient's address). Thus, the collected letters will be automatically distributed depending on the addressee in the mailboxes of ICS users, and in the absence of such addressees, they will be added to the mailbox selected by default.

Mail queue

This tab shows messages that are waiting to be sent, or that for some reason were not sent (for example, rejected by the grey list of the upstream mail server). When you select any item in the list, you can see the error code explaining why it was not delivered. You can manage the mail queue using the "Clear Queue" and "Send All" buttons. Each letter can also be sent individually or removed from the queue.

Statistics

To control incoming and outgoing mail traffic, as well as spam and unwanted emails, you can use the "Statistics" section.

Just like in user statistics, you can apply various filters in the control panel to general information about the mail traffic of the ICS and display them in the form of a table. Table columns vary depending on the applied filter.

The report generator looks a lot like user statistics. The main filters can display information about user traffic, grouping according to the following criteria:

    by sender domains,

    by recipient domains,

    by mailboxes,

    by hours/days/months,

    details of letters;

Log

The Log tab contains a summary of all system messages from the mail server. The log is divided into pages; you can move from page to page with the "forward" and "back" buttons, or enter a page number in the field and switch to it immediately.

Log entries are highlighted in color depending on the type of message. Normal system messages are marked in white, errors in red.

There is a search bar in the top right corner of the module. With it, you can search the log for the entries you need.

The log always displays events for the current date. To view events for another day, select the desired date using the calendar in the top left corner of the module.

Mail server, e-mail server - this is usually the name of the message forwarding agent in an e-mail forwarding system. It is software that transmits messages from one computer to another. The mail server is usually not visible to the user. The user deals with other software, the e-mail client.

For example, in the most common configuration, the mail client is Outlook Express, although the Mozilla Thunderbird client has also been used often lately. When a user types a message and sends it to the recipient, the mail client interacts with the mail server via the SMTP protocol. The sender's mail server interacts with the recipient's server. On the recipient's server, the message goes into the recipient's mailbox, from which the MDA (mail delivery agent) delivers it to the recipient's client. There are also the POP3 and IMAP protocols, which are supported by many mail servers.


