At 6:33 +0000 7/16/03, Spyros Tsiolis wrote: >.. How would you setup the xmail box in order to administrer your own users >on-site ? And more specifically how would you use the MX record pointing >to the site ?
As someone else has suggested, there are PHP interfaces which work quite well, available as links from Davide's XMail page: http://www.xmailserver.org. There are also Windows-based GUI's that can access remote XMail servers, and these can be very nice to use as well (although I actually prefer the phpXmail interface & capabilities). Finally, you can access administrative actions from the command line using the CtrlClnt utility that comes with XMail...this is well documented in the XMail Read Me: http://www.xmailserver.org/Readme.html >Please keep in mind that the whole thing is behind a linux iptables firewall >and >the xmail box lives in the DMZ part of it. Just to let you know. > >OK ! I can't resist; I'll tell you what I've done. >I have 62.1.2.3 (serial.clientssite.com) for the default g/w. >I have 62.1.2.4 (mail.clientssite.com) for the xmail box on >the DMZ. > >Somehow I've done something wrong. I told the ISP to handle >the xmail box as our own mail entity, so we get mail from the world >directly on our port 25. >I don't want this (I don't feel very comfortable with the idea of >letting port 25 open to the world). >The way I vision this is for the ISP to get our mail and forward it >to us (store and forward ?), then us being able to talk to the world >directly for outgoing mail messages. I don't know exactly how you'd block all traffic to the 25 port while still allowing for sending out mail. This sounds like more of a firewall configuration issue than an XMail configuration issue, and iptables are way beyond me. The two ways I can imaging retrieving email are using either a POP3 sync or ERTN, both of which I'm unfamiliar with. A third option is to leave your port 25 open and receive email there for your accounts, but limit it to prevent open relay (discussed next). >Another question arises from the above : > >.. if I do leave the xmail box open to the world, what are the chances of > it becoming a(n) (unwanted) relay server ? Can I secure it xmail-wise > so that it doesn't serve half the world too ? > >Any ideas ? Yes. You want to clear your smtprelay.tab file and add two lines to it: "62.1.2.0"[TAB]"255.255.255.0"[NEWLINE] "127.0.0.1"[TAB]"255.255.255.0"[NEWLINE] The first line is set for a subnet with all ips (i.e. 62.1.2.0 - 62.1.2.255) If you have a more limited subnet, you should specify that (i.e. 255.255.255.192). I added the second line after I found that some locally running applications that needed a MTA looked for it on the localhost address (e.g. mailman). If you're only ever sending out from that computer (besides POP3 authorized users) you may not need the first line. >If yes, they would be greatly appreciated. > >BTW which is the current version of xmail ? Is it not v.1.6 ? The current version of XMail is 1.16. There are significant differences between this version and previous versions. As of 1.14 there is a new filter architecture (filters.in.tab and filters.out.tab with special filter.tab files in the filters folder). In 1.16 there are entirely new exit codes for filters and external actions. All of this is well documented in the read me file (referenced above). I'm sure someone will correct me if I've gotten anything wrong. Good luck with your setup. Toby -- Toby Reiter mailto:[EMAIL PROTECTED] Breezing Internet Communications http://www.breezing.com 1106 West Main St phone:434.295.2050 Charlottesville, VA 22903 fax:603.843.6931 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
