[IMGate] Re: Moving away from Imail
We did this years ago. We started with an Imail 8 box and added our first IMGate soon thereafter. The IMGate ran so well, and Imail started charging more and more (and functioning properly less and less), so we decided to go with 100% open source for our entire mail system. That has since changed with the addition of Exchange to our organization, but our gateways and main mail servers are all FreeBSD. =20 Your needs will be different from ours, but I'd like to save you some trouble. Your choices are to configure everything piecemeal or to go with a package such as Zimbra (http://www.zimbra.com/community/downloads.html). We chose to configure everything piecemeal, which gives you the most flexibility. =20 The software we chose was as follows: OS - FreeBSD Stable SMTP - postfix (stay away from sendmail, exim and qmail) IMAP/POP3 - courier (if I had it to do over, I'd choose dovecot) Webmail - Squirrelmail (see below, I don't recommend this) Spam/Virus - Amavisd-new with SpamAssassin and ClamAV Mailing lists - Mailman Management Interface - postfixadmin User data is stored in MySQL databases and each program performs its lookups on those databases. I've heard that LDAP is more robust, but a properly tuned MySQL has held up well for us. If you're going to do it this way, I'd start with postfixadmin. It requires a specific database layout, so you want to get that set up first. The biggest drawback in our config is Squirrelmail. There are other webmail programs out there, but I needed one that would allow spam management via webmail. Squirrelmail has plugins for Amavisd-new to allow users to manage their quarantine and to modify their spam filtering settings. At the time, this was the only way to do this. I don't know if any of the others have added any such capabilities. The problem with Squirrelmail is that by today's standards, the interface is crap. I know it is all eye-candy, but today's users want something pretty and Squirrelmail is not. I haven't kept up with the changes in it because I heavily modified my install and therefore can't easily update, so I don't know if they have updated the interface. Other webmail packages such as Roundcube looked great, but didn't have the plugin capability and weren't really ready for prime-time when we made the switch. I said all the above to say this: If I had it to do over, I'd go with a package like Zimbra. It is full-featured and much easier to install and configure than all the above. It uses many of the same pieces of software (ie: postfix, etc), but it tightly integrates each piece. You don't have as much flexibility, but you have an easier time configuring, managing and maintaining it. Also, don't make custom modifications that break your ability to upgrade. If you make any modifications to the code, you will have to make the same or similar changes each time you upgrade. Dan Horne TAIS Director of Operations www.taisweb.net [EMAIL PROTECTED] 828.252.TAIS (8247) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of NeoBlu Sent: Monday, August 11, 2008 10:22 PM To: IMGate@mgw2.meiway.com Subject: [IMGate] Moving away from Imail =20 Has anyone on this list moved away from Imail to a complete end-to-end *nix solution? If so, what were your choices (SMTP, POP, IMAP, Webmail, etc.) and experiences? =20 We have recently decided to do this. The only choice we are firm on is Postfix w/an IMGate type setup for SMTP. We are considering Dovecot for POP/IMAP. Webmail, dunno. Interested in your experiences. =20 Thx. =20 -NB =20 =20
[IMGate] Re: Exporting users from Imail or SmarterMail and putting them to the Imgate box
I just wanted to make a note here, since it is my script that is doing this. We have never modified the relay_recipients.map file manually on the postfix server, so I had never seen these. I opened the file using FreeBSD's edit command and I did see all these ^M's you refer to. However, postfix has never complained nor errored using this file, so removing them seems to be purely cosmetic.=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Lucero Sent: Friday, May 05, 2006 7:22 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: Exporting users from Imail or=20 SmarterMail and putting them to the Imgate box =20 =20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Keen Sent: Thursday, May 04, 2006 5:21 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: Exporting users from Imail or SmarterMail and=20 putting them to the Imgate box =20 Thanks Len and NB, =20 The tr command did the trick for removing the ^M's from the file. =20 I was able to use the scheduler service and the AT command=20 on NT along=20 with the cron facility on FreeBSD to accomplish all of the=20 scheduling=20 tasks. =20 Seems to be working perfectly. =20 Thanks again. =20 Sincerely, =20 Michael Keen President [EMAIL PROTECTED] http://www.inksite.com 973-633-1786 =20 Since your using FreeBSD you can also install the port unix2dos =20 This gives you two utilities to remove and add the ctrl-M's =20 To remove the ctrl-M's=20 =20 dos2unix foo.txt =20 To add the ctrl-M's =20 unix2dos foo.txt =20 Ed =20 =20 =20 =20 CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of = the intended recipient(s) and may contain confidential and privileged = information. Any unauthorized review, use, disclosure or distribution is = prohibited. If you are not the intended recipient, please contact the = sender by reply email and destroy all copies of the original message. =20 SPAM-FREE 1.0(2476)
[IMGate] Re: SMTP AUTH
http://www.postfix.org/SASL_README.html=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar K. Sent: Tuesday, March 07, 2006 7:25 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] SMTP AUTH I want to implement SMTP AUTH on my IMGATE machine, what is the recommend method to implement this ? =20 Thanks, CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of = the intended recipient(s) and may contain confidential and privileged = information. Any unauthorized review, use, disclosure or distribution is = prohibited. If you are not the intended recipient, please contact the = sender by reply email and destroy all copies of the original message. =20 SPAM-FREE 1.0(2476)
[IMGate] Re: SMTP AUTH
Grr... Don't know how that =3D20 got on there: http://www.postfix.org/SASL_README.html =20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Horne Sent: Tuesday, March 07, 2006 10:15 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: SMTP AUTH http://www.postfix.org/SASL_README.html=3D20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar K. Sent: Tuesday, March 07, 2006 7:25 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] SMTP AUTH I want to implement SMTP AUTH on my IMGATE machine, what is the recommend method to implement this ? =3D20 Thanks, CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of = =3D the intended recipient(s) and may contain confidential and privileged = =3D information. Any unauthorized review, use, disclosure or distribution is =3D prohibited. If you are not the intended recipient, please contact = the =3D sender by reply email and destroy all copies of the original = message. =3D20 SPAM-FREE 1.0(2476)
[IMGate] Re: Suggestions
That's what mine is on. IMGate was my first experience with FreeBSD (or any BSD), but since then it it my primary choice of OS for every *nix-like server I build. Using the ports system, I'll never again have to enter dependency hell. But, again, just my opinion, and opinions are like a-holes... --DH=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Cobb Sent: Thursday, February 02, 2006 11:12 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: Suggestions Not trying to start a flame war, but is FreeBSD still the best thing to run Imgate on?=20 Steve Cobb, A+, MCSE Computer Geeks [EMAIL PROTECTED] *** Do you know that if you died right now, you would go to Heaven? Find out how you can know! http://www.kingscrossroads.org/heaven1.htm=20 =20 CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of = the intended recipient(s) and may contain confidential and privileged = information. Any unauthorized review, use, disclosure or distribution is = prohibited. If you are not the intended recipient, please contact the = sender by reply email and destroy all copies of the original message. =20 SPAM-FREE 1.0(2476)
[IMGate] Re: Exporting users from Imail or SmarterMail and putting them to the Imgate box
Sorry about the bad wrapping. Resending to try and fix formatting problems with the code examples: Rem --Start syncIMGate.bat--- m: cd \Imail\ScheduledTasks ImailUsers.exe sed s/$/ OK/ imailusers.txt relay_recipients_unsorted.txt sort relay_recipients_unsorted.txt relay_recipients_sorted.txt uniq -i relay_recipients_sorted.txt relay_recipients.map ftp -s:syncIMGate.txt del relay_recipients_unsorted.txt del relay_recipients_sorted.txt exit Rem --End syncIMGate.bat-- Rem --Start syncIMGate.txt--- open IMGate.example.com IMGateUser IMGatePass cd postfix lcd M:\Imail\ScheduledTasks put relay_recipients.map Quit Rem ---End syncIMGate.txt
[IMGate] Re: IMGate on Gentoo?
David Fletcher wrote on Thursday, October 27, 2005 11:32 AM: =20 I am a current user of Gentoo linux and a past user of Debian linux.=20 I have never used BSD, but would be willing to if that is the best option. =20 =20 Just want to throw in my opinion here. I also had never used FreeBSD until I installed IMGate. I had used Gentoo at home for several months before the IMGate install, and I wanted to install to Gentoo. My superiors made the decision, however, that since Len suggested FreeBSD that we should go that route, at least in initial testing. Since that fateful day, I have fallen in love with FreeBSD and refuse to use any other OS for a server. The ports system is the best package management system I have seen. Say goodbye to dependency hell. Apt is great, and emerge is cool too, but give me the ports system any day. The ports collection is similar to emerge, in that everything is compiled from source instead of binaries (although FreeBSD has a binary system as well, I don't use it). Unlike Gentoo, however, it isn't nearly as complicated or time-consuming. A Gentoo install can take me a couple of days to compile an install sometimes, and after that you still have to set everything up (another week). With FreeBSD and the package system you can be up and running in less than a day with all the software that you need installed and configured. Once you get over the slight differences between BSD and Linux, you will be glad you made the choice. OK, I'm done. Sorry if I got any on you.
[IMGate] Re: Web mail programs
There are several open source webmail clients (I haven't tried any of them, so YMMV and you'll need to check out their capabilities), including jwma, Squirrelmail, Horde, Open Webmail and about a hundred others according to this search on SourceForge: http://sourceforge.net/search/?type_of_search=3Dsoftwords=3Dwebmail =20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Fuhrmeister Sent: Wednesday, September 28, 2005 11:52 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Web mail programs I need a web mail program that will run on Free BSD and access my IPSwitch iMail server via IMAP.=20 Something that provides a competitive user interface, html email formatting and some address book functions.=20 Any suggestions?=20 (We're using the iMail Web Messaging program and it's just not competitive with everyone else.) Paul Fuhrmeister [EMAIL PROTECTED]
[IMGate] Re: imailusers.exe problems?
Len Conrad wrote on Thursday, September 29, 2005 4:27 PM: I've never heard of or seen of any problems since Terry did this util, until one of my clients this week switched from RAV to exporting his Imail users. He says imailusers.exe failed to export a couple of users on a couple of domains. =20 =20 Anybody every had any problems with imailusers.exe? =20 Len Been using it for a year for that very task and it has never missed an email address. We are adding and deleting addresses throughout the day and it has been running once an hour without fail and without issue.
[IMGate] Re: IMGate/Postfix under Ubuntu/Debian
Aaron Clausen wrote on Thursday, September 08, 2005 7:11 PM: =20 I tried as you suggested, but there were numerous dependency problems. Synaptic even wanted to uninstall Linux-386! I'm at a bit of a loss on how to proceed. I'm a big linux fan, but dependency hell is exactly why I only run my servers on FreeBSD. We tried SUSE Enterprise Linux for our new mail server, but we ran in to the exact problem you are having. We are now trying to get our money back for SLES as our FreeBSD mail server purrs along without a hitch. The ports collection is the greatest thing since sliced peanut butter. Zero dependency problems, because everything is built from source. I know it doesn't help your case, but for future builds it is something you might want to consider.
[IMGate] OT: OS choice
We have been going round and round about email archiving with Imail and postfix. We started out trying to do archiving with Imail's copyall account and Imail rules, but that wasn't very reliable. So then I started this project to get postfix to AUTH the Imail accounts, which was going swimmingly until we figured out (due to a post on this list) that webmail still wouldn't be archived in this way, nor would anyone not using postfix as their SMTP server (meaning that we would have to have ALL our clients change over instead of just those requesting archiving). Len's DNS layout posted earlier would be great, but unfortunately all our clients are currently set up with the same server for incoming and outgoing. Live and learn. =20 All that led to my supes asking me Is there a solution that will archive ALL mail for a particular domain, incoming and outgoing, and not make any mistakes? To which I replied Yeah, but not with Imail. Very long story short, now I am tasked with a much larger project: replace our Imail server with an open source solution (should have kept my mouth shut). So I'm planning this thing out and I know mostly what software I want to use (postfix, courier, etc), but when it comes to OS, well I'd like some advice. The choice comes down to this: should we pay for a distribution just to get the included support? Or should we stick to FreeBSD, which we are currently using to run our IMGate gateway and has been ROCK SOLID? The yearly cost of, say SUSE Enterprise Server or Red Hat ES isn't a problem, since we will still be saving over Imail and Declude yearly maintenance contracts. It just seems somehow wrong to me to be paying for something we could be getting free. Is the support contract that we would get from either of the two actually worth the cost? If any of you have purchased one of the two and have used the support, how helpful is it? Do any of you have thoughts on this matter that may help us make our decision?
[IMGate] Re: AUTH to Imail user accounts via LDAP
Thanks, I'm working on it.=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Lucero Sent: Tuesday, July 05, 2005 2:24 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Horne Sent: Tuesday, July 05, 2005 10:48 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP =20 I agree, and I was already halfway down this road when I read your=20 message. I already export users for relay_recipient_maps, using=20 imailusers.exe. How would I get the passwords? I would (I believe)=20 first have to loop through the registry and get every=20 username/password pair for each Imail host, then I would have to=20 decrypt the passwords. I don't really have the time (or the skills,=20 really) to write a program to do either. Maybe Martekware's Iplus=20 Info Browser could output such a report. I'll ask them.=3D20 =20 Moving on, reading the postfix SASL_README, it seems that SASL can=20 either use the UNIX pw database or its own sasldb. How would I=20 configure it to look at an external file? Or is there a way to map=20 the contents of the external file into the sasldb? I see the command=20 in the README to add them one by one using saslpasswd2, but would I=20 have to write a script that runs through the contents of my exported=20 file and runs this command for each entry? Or is there an easier way? =3D20 =20 It also says that SASL supports only one realm per postfix instance. How do I configure multiple domains into the same realm? Can the=20 smtpd_sasl_local_domain be a hash: map? =20 =20 =20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Tuesday, July 05, 2005 11:18 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP =20 =20 Is it possible to configure postfix to AUTH users based on the=20 Imail=3D20 database using LDAP? =20 at one time, Imail LDAP didn't allow (secure) access to passwords, but I think that was added quite a while ago. =20 It's probably no more difficult to export the users/passwords to file=20 on postfix. The same file, or a file derived from it, could be used for=3D20 rejecting unknown recipients. one export file giving two usages. =20 I prefer to avoid coupling MXs to the mailservers. =20 Len =20 =20 =20 =20 =20 Yes. You will need to write a script to process the input file. You do not need to worry about realms. The user ID will be the email address. Ed Example: echo 'password' | /usr/local/sbin/saslpasswd2 -p -c [EMAIL PROTECTED] sasldblistusers2 [EMAIL PROTECTED]: userPassword
[IMGate] Re: Signed up for the spf stuff
Also, there's nothing to sign up for. You can use SPF whether you register with spf.pobox.com or not. It is just DNS records.=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bob McGregor Sent: Wednesday, March 30, 2005 4:30 PM To: IMGate List Subject: [IMGate] Signed up for the spf stuff Just curious on if any of you are signing up for this service? http://spf.pobox.com/
[IMGate] Problem adding domain
I am trying to add a new domain to Imgate, but it isn't working. The domain is tuckrs.com, and I have added the following to transport.map: tuckrs.com smtp:68.118.153.2 This line matches the rest of the entries in transport.map. I have also added the valid email addresses to relay_recipients.map, but I don't think it is even getting that far. When attempting to send to a user on the tuckrs.com domain, postfix returns: 550 5.7.1 Unable to relay for [EMAIL PROTECTED] Which isn't the same thing I get when the name isn't in the relay_recipients.map file. It seems that it isn't seeing it in the transport.map even though I have postmapped and postfix reloaded. Help? Thanks, Dan.
[IMGate] Re: Problem adding domain
My bad. I had fat-fingered the MX record in DNS, so it was sending to MX3 instead of MX2. MX3 is a ms-smtp outbound-only box. All straightened out now. Thanks Len.=20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Friday, February 04, 2005 4:49 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: Problem adding domain 550 5.7.1 Unable to relay for [EMAIL PROTECTED] That's not a postfix error msg, postfix isn't doing the reject. check your .map files with postmap -q string hash:/etc/postfix/file.map Len
[IMGate] Re: Imail bogus connects in high volume
When I originally set up IMGate, I had to switch from RAV to reject-unlisted-recipient for this very reason. Imail couldn't handle the dictionary attacks, and it couldn't handle the RAV from the dictionary attacks. The whole point of IMGate for us was to take the load and processing power for the dictionary attacks off of Imail. The RAV still connected to Imail to verify the address, rendering IMGate useless as far as Imail was concerned. The only way it would seem to have any effect on the dictionary attacks is with reject-unlisted-recipient. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, January 26, 2005 10:45 AM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: Imail bogus connects in high volume To look at where the connections are coming from? the connections are from Imail to postfix. I'll report whether upgrading from RAV to reject_unliseted_recipient fixes the pb, or not. Judging from the number of IMail users that have Imail screwing up from large volumes of unknown users, I have to say Imail is becoming less acceptable as an MX machine as the volumes go up. Imail is vulnerable as MX. Len
[IMGate] Re: need sugestions for new Imgate box
I am running it on 5.3 with no problems. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Terry Fritts Sent: Friday, January 14, 2005 12:28 PM To: IMGate@mgw2.MEIway.com Subject: [IMGate] Re: need sugestions for new Imgate box Hi Kenzo, How did this pan out for you? I'm considering putting together 2 IMGATES using a couple of their boxes. Did you get the servers and are you happy with them? Also, what was your final hardware spec that you ended up with? Just curious... Hi Len - is there any issues with going to FreeBSD 5.2 or the newest 5.3?? Thx. -jason Friday, December 3, 2004, 3:00:12 PM, you wrote: K I have decided to go with eracks. (http://eracks.com/) They give the K option to custom build the systems and test the hardware with the OS K of your choice. This is good because then I won't have to worry about K hardwares not working.
[IMGate] Re: Script Problem
I use this batch file on my Imail server to create the file, then ftp it over to my IMGate box, scheduled once per hour. It requires unxutils. Start syncIMGate.bat--- rem Make sure we're in the right directory. m: cd \Imail\ScheduledTasks rem Run ImailUsers.exe to create the list of recips. ImailUsers.exe rem Use sed to put the OK at the end of each line sed s/$/ OK/ imailusers.txt relay_recipients_unsorted.txt rem Sort the list sort relay_recipients_unsorted.txt relay_recipients_sorted.txt rem Make sure there are no duplicates uniq -i relay_recipients_sorted.txt relay_recipients.map rem FTP the file over to IMGate using the separate rem script file syncIMGate.txt for the ftp commands ftp -s:syncIMGate.txt rem Remove the temporary files del relay_recipients_unsorted.txt del relay_recipients_sorted.txt exit End syncIMGate.bat--- The following is the ftp command script to send the file to IMGate. Replace USERNAME with the appropriate username and PASSWORD with the pw. Replace imgate.yourdomain.net with your IMGate host name or IP. Start syncIMGate.txt--- open imgate.yourdomain.net USERNAME PASSWORD cd /etc/postfix lcd M:\Imail\ScheduledTasks put relay_recipients.map quit End syncIMGate.txt--- Then just add a line like: 05 */1 * * * rootpostmap /etc/postfix/*.map to your crontab to run postmap once per hour (I have it scheduled for 5 minutes after the Imail job). HTH
[IMGate] Re: Brand new to IMGate, with a problem
Thanks, I understand now. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Baker | Netsmith Inc Sent: Thursday, December 02, 2004 8:36 AM To: [EMAIL PROTECTED] Subject: [IMGate] Re: Brand new to IMGate, with a problem Note the 450 address verification IN PROGRESS Postfix returns 4xx (try again) WHILE it starts the probe process to build the address verification database. When that MTA tries again it will either get through or get a more permenent error -Original Message- From: [EMAIL PROTECTED] [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Sent: Thu Dec 02 07:24:52 2004 Subject: [IMGate] Re: Brand new to IMGate, with a problem Yeah, I got that. But is the address verification timing out waiting on my Imail server to respond? How can I tell where the problem is? And was this message delivered? I THINK it wasn't, and that the lines in the maillog were for a different message that happened to come in around the same time (the clocks on the 2 servers aren't sync'ed), but I'm not sure I'm reading the data right. But even so, the message in the maillog says there is a different error on the message it refers to, Helo command rejected: 4tuple_capturing_of_non-reje... Ah. Never mind on that one. So what I'm looking at is an email that was probably rejected due to the sending server getting over-eager, but was told to retry (?), and another with an error that didn't cause it to be rejected? Is that right? Or am I way off? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, December 01, 2004 5:36 PM To: [EMAIL PROTECTED] Subject: [IMGate] Re: Brand new to IMGate, with a problem Transcript of session follows. Out: 220 mx2.taisweb.net - ESMTP - Postfix - Attn: UCE not permitted. Violators will be prosecuted. In: EHLO mgw2.meiway.com Out: 250-mx2.taisweb.net Out: 250-PIPELINING Out: 250-SIZE 500 Out: 250-ETRN Out: 250 8BITMIME In: MAIL FROM:[EMAIL PROTECTED] SIZE=2479 BODY=8BITMIME Out: 250 Ok In: RCPT TO:[EMAIL PROTECTED] Out: 450 [EMAIL PROTECTED]: Sender address rejected: unverified address: Address verification in progress this is sender address verification In: DATA Out: 554 Error: no valid recipients the IP proceeded to DATA command before postfix OKed any RCTP TO, duh. Len