Setting up a virtual Mail server with XMail
Posted by Olivier Reisch on Monday April 29th, 2002 10:30:10 AM
Setting up a basic mail server can be a hard task at times, especially when you want it to handle mail for multiple domains and multiple accounts on a single machine. In most cases, if you want it to do mail delivery (incoming and outgoing) as well as handle POP3 mail accounts, this may require the use of multiple software packages. Choosing packages that can interoperate is not obvious either. However, there are a couple of complete mail server packages which can come in handy and present many advantages. One of them is XMail.

XMail is an Internet and intranet virtual mail server featuring an SMTP server, POP3 server, finger server, multiple domains, no need for users to have a real system account, SMTP relay checking, RBL/RSS/ORBS/DUL and custom (IP based and address based) spam protection, SMTP authentication (PLAIN, LOGIN, CRAM-MD5, POP3-before-SMTP and custom), a POP3 account synchronizer with external POP3 accounts, account aliases, domain aliases, custom mail processing, direct mail files delivery, custom mail filters, mailing lists, remote administration, custom mail exchangers, logging, and multi-platform code.

The advantages of XMail are twofold. On one side, it's a virtual mail server. This means that it can both handle multiple virtual mail domains on a single machine and handle users for each domain separately. Unlike other mail packages, XMail does not rely on shell accounts and thus makes your system less vulnerable to the consequences of stolen mail passwords. On the other side, XMail is a single package that handles multiple services. With it, you can set up SMTP, POP3, spam protection, mailing lists, etc. This makes the whole mail server easier to maintain (no need to make multiple packages' config files work properly with one another) and easier to keep updated (only one package to keep an eye on for security and bug updates). Last but not least, XMail is rather easy to set up.

I. Building XMail

You will have to compile XMail from the sources. They can be obtained at the XMail homepage. The current version (1.7) has not yet been adapted to the PPC platform, therefore, you'll need to also download this patch archive which will fix it up for PPC. The next release of XMail (1.8 and later) will contain the code for PPC and thus does not need updating. Once you have uncompressed the main source package, put the xmailppcpatch.tar.gz file into the newly created directory and untar it (tar -xvzf xmailppcpatch.tar.gz). This will replace some files and add others.

Now, we can start compiling the binaries. Simply type "make -f Makefile.plx" into the terminal and the server will be built quickly.

II. Installing XMail

First, make sure that all other Mail server software is disabled. Check boot services and your inetd or xinetd configuration files for this.

Next, move the "MailRoot" directory over to /var, then copy the binaries over to /var/MailRoot/bin by doing (while in the source directory of XMail) "cp CtrlClnt MkUsers XMCrypt XMail sendmail /var/MailRoot/bin". Change the access permissions of the MailRoot directory by issuing a "chmod 700 /var/MailRoot". Copy the "xmail" startup script over to /etc/init.d (cp xmail /etc/init.d). But don't start XMail yet, we have to configure it first.

III. Configuring XMail

We will use a simple setup. We will have XMail process mail sent to the "karasuma.net" domain. Please note beforehand that for XMail to work properly (or any other mail server software), karasuma.net (or your domain) has to point to the IP of the machine you install XMail on. Also, we'll have XMail act as a restricted SMTP relay for the user "doctomoe" and also set up a POP3 account for this same user.

Note that all configuration files are so-called "TAB" files and can be found within the MailRoot directory. A TAB file is a simple text file where configuration directives are given one per line and where each argument is separated by a tab character and not a space. You have to be very careful about this, else it won't work properly. Also, each argument has to be enclosed by quotes ("). Finally, each line has to be terminated by a newline (return/enter).

Example:

In Aliases.tab:

"karasuma.net"[tab]"*"[tab]"doctomoe"[newline], where [tab] and [newline] are the actual characters.

A) General Setup

First, we will tell the server what domains to handle, in the domains.tab file. Each domain is listed on one line, and enclosed by quotes. Example:

"karasuma.net"[newline]
"penguinppc.com"[newline]

Now, cd to the domains directory within the MailRoot directory. Delete the current content, "rm -rf *". Next, we will create new empty directories for each handled domain, eg. "mkdir karasuma.net" and "mkdir penguinppc.com". This is important, else we will be unable to add users afterwards.

If you own multiple variations of a domain (eg .com, .net, .org) which shall all work identically, you can set up domain aliases in domainaliases.tab, in the form "aliasdomain"[tab]"realdomain"[newline]. Example:

"karasuma.com"[tab]"karasuma.net"[newline].

Next, we will edit server.tab which contains several general settings for the mail server. We will only detail the most relevant options here, you can get details from the XMail manual.

- RootDomain: If you only have one domain name to handle mail for, enter it here. If you have multiple domains, enter the most relevant in here.
- POP3Domain: Sets the default domain for POP3 connections. If you have multiple domains, users will have to provide their full email address as POP3 username to access the right mailbox. This is the domain that will be used if they only provide the username part of their email address. It should be set to the most relevant domain name.
- PostMaster: The email address of the administrator of the mail server. Can be an address in a domain the server handles itself.
- RemoveSpoolErrors: Indicates what to do with mail that cannot be delivered for some reason. If you care about disk space and don't need a copy of undelivered email, set this to 1.
- AllowNullSender: Defines whether someone can send an email through your server without providing a "From:" origin line. Should be set to 0.

Ok, these were the relevant configurations, there are a few more, some of which will be detailed later on when we configure SMTP and POP3 settings. For now, your server.tab should look a bit like:

"RootDomain"[tab]"karasuma.net"[newline]
"POP3Domain"[tab]"karasuma.net"[newline]
"PostMaster"[tab]"postmaster@karasuma.net"[newline]
"RemoveSpoolErrors"[tab]"1"[newline]
"AllowNullSender"[tab]"0"[newline]

Finally, we have to configure an administrator account. This will make life easier to add new users and domains. Edit the file ctrlaccounts.tab and remove the current entry. Next, enter a username password pair. The password has to be encrypted using the XMCrypt tool in the bin directory of MailRoot, eg. cd bin and ./XMCrypt test will return 11001611. Example:

"doctomoe"[tab]"11001611"[newline]

You should also restrict the IPs that can use this administrator account. You'll have to edit the ctrl.ipmap.tab file for this. Example:

"192.168.0.0"[tab]"255.255.255.0"[tab]"ALLOW"[tab]"1"[newline]
"0.0.0.0"[tab]"0.0.0.0"[tab]"DENY"[tab]"2"[newline]

This will allow people from the internal LAN to use the account but no one from the Internet will be able to use it. The numbers at the end of each line are used to influence the precedence of the IP filter rules.

B) User Setup

First, we will have to setup a dummy account. Edit the mailusers.tab file to look like:

"karasuma.net"[tab]"dummy"[tab]"11001611"[tab]1[tab]"dummy"[tab]"U"[newline]

We need that one so that XMail will start up at all. Now, let's set default settings for new users in userdef.tab:

"MaxMBSize"[tab]"50000"[newline]
(maximum size of a user's mailbox)
"SmtpPerms"[tab]"MR"[newline]
(default permissions for each user on how he can
use the SMTP server, MR should be fine for most,
leave empty to restrict users from using your SMTP server)
"ReceiveEnable"[tab]"1"[newline]
(user can receive mail)
"PopEnable"[tab]"1"[newline]
(user is allowed to log into his POP3 account)

It's time now to launch XMail for the first time. Go to bin (cd bin) and type ./xmail start. This may take a bit the first time. Also note that it will launch multiple instances of XMail, so don't be surprised if you do a ps -aux.

Now, we can add our users using the CtrlClnt administration tool. While in bin, type ./CtrlClnt -s localhost -u doctomoe -p test [cmd]. Of course you'll have to replace the -u and -p arguments with your own username and password for the administration interface. [cmd] is the actual command used through the administration tool and can be, among others:

useradd domain login password type (add user)
userdel domain login (delete user)
userpasswd domain login newpassword (changes password for a given email account)

There are many more commands available which you can check in the XMail manual. Examples:

./CtrlClnt -s localhost -u doctomoe -p test useradd karasuma.net doctomoe test U
(U = user account, M = mailing list,
also note that the password is given in plain text here)
./CtrlClnt -s localhost -u doctomoe -p test userdel karasuma.net doctomoe

The useradd directive will create all the necessary files and entries for the new user to be handled by the Mail server. It will also apply the default user settings to the newly created users. You can change these settings individually for each user, either using CtrlClnt or by editing the user.tab file in the domains/domain/user directory within the MailRoot directory.

Now that the users are set up, remove the dummy account again.

./CtrlClnt -s localhost -u doctomoe -p test userdel karasuma.net dummy

C) Using SMTP

The SMTP server is enabled by default, yet there are multiple ways to restrict its use. You should have at least one of them enabled so that nobody but your users can use your SMTP server as a relay. Valid methods are IP restriction, SMTP AUTH and SMTP after POP3. The latter possibility is enabled by default and can be disabled in the server.tab file ("EnableAuthSMTP-POP3"[tab]"0"[newline]). If it's enabled, users can use the SMTP server for a set period of time after logging into their POP3 account.

First we should setup the smtprelay.tab file. It contains those IPs that have unrestricted SMTP relay access. You should only allow your LAN to do that, eg.

"192.168.0.0"[tab]"255.255.255.0"[newline]
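
As an added example (not part of the original article and not XMail's own code), this Python script checks smtprelay.tab content against two rules stated above: arguments must be separated by tabs, as described for TAB files, and relay entries should cover only your LAN. Treating RFC 1918 and loopback ranges as "LAN" is an assumption, and the function names are hypothetical.

```python
import ipaddress

# Assumption: "your LAN" means RFC 1918 or loopback address space.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def parse_tab_line(line):
    """Split one TAB-file line into fields; reject space-separated input."""
    body = line.rstrip("\r\n")
    fields = body.split("\t")
    for field in fields:
        # A quote left inside a field after removing its outer characters means
        # two arguments were separated by a space instead of a tab.
        if '"' in field[1:-1]:
            raise ValueError("fields must be separated by tabs: %r" % body)
    return [f.strip('"') for f in fields]


def audit_smtprelay(text):
    """Return (line_number, message) findings for smtprelay.tab content."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            fields = parse_tab_line(line)
            if len(fields) != 2:
                raise ValueError("expected 2 fields, got %d" % len(fields))
            net = ipaddress.ip_network("%s/%s" % tuple(fields), strict=False)
        except ValueError as exc:
            findings.append((lineno, "malformed entry: %s" % exc))
            continue
        if not any(net.subnet_of(p) for p in PRIVATE_NETS):
            findings.append((lineno, "relay open to non-private range %s" % net))
    return findings


# Constructed sample: the article's LAN entry, a catch-all entry, and an entry
# typed with a space instead of a tab.
SAMPLE = (
    '"192.168.0.0"\t"255.255.255.0"\n'
    '"0.0.0.0"\t"0.0.0.0"\n'
    '"10.0.0.0" "255.0.0.0"\n'
)

if __name__ == "__main__":
    for lineno, msg in audit_smtprelay(SAMPLE):
        print("smtprelay.tab:%d: %s" % (lineno, msg))
```

To check a real file, pass the contents of /var/MailRoot/smtprelay.tab to audit_smtprelay(); an empty result means every entry is well-formed and confined to private address space.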

Your smtp.ipmap.tab should contain:

"0.0.0.0"[tab]"0.0.0.0"[tab]"ALLOW"[tab]1[newline]

If you set this to DENY, you can disable the SMTP server completely; no one will be able to use it, at least for outgoing mail.

All the users in the mailusers.tab file can use the SMTP server to send their mail. They'll have to use their full email address as login and their account password as SMTP password. You can also give SMTP AUTH access to users without giving them an email address by adding their login and password to the smtpauth.tab file in form:

"username"[tab]"password"[tab]"permissions"[newline] (permissions usually should be MR)

There are more SMTP options that can be set in the server.tab files. Also note that you can modify individual SMTP settings for each user in their user.tab file. Check the manual for details.

D) Using POP3

The POP3 server is enabled by default. You can disable POP3 logins either by denying access to all IPs in the pop3.ipmap.tab file, similar to SMTP, or by setting the "PopEnable"[tab]"0"[newline] variable in userdef.tab. In the latter case, you can enable POP3 access for selected users by reversing the setting in their respective user.tab files.

To log into a POP3 account, users have to provide their full email address and their account password.

IV. Cleaning up

Ok, so now we should have a basic Mail server configured. We only outlined the most vital configurations here. You should absolutely check the XMail manual for in-depth configuration settings and to use many more of XMail's features. One more thing, you may want to link /usr/bin/sendmail to /var/MailRoot/bin/sendmail for sendmail support through XMail.

Stop the server for now by doing a ./xmail stop in the bin directory. Now, go to /etc/init.d and edit the xmail rc script within to have this line:

XMAIL_CMD_LINE="-Pl -Sl -Ql -Ll"

Providing these startup options enables full logging and XMail will log all transfers to the log directory within MailRoot.

Next, you'll have to make sure that XMail gets started upon system boot. The easiest would be to use a SysV Init editor such as ksysv. Alternatively, you could make the links to S??xmail and K??xmail manually in /etc/rc.d. Many distributions also include other tools to determine what services should be started on system boot. Check your distribution's manual or documentation for details.

You can start XMail again without rebooting by typing /etc/init.d/xmail start as root.

I hope this guide has been useful and comprehensive. If you have any suggestions or additions to make or if you think it lacks vital information, let us know.


The Fine Print: The following comments are owned by whoever posted them.

This is by far the easiest guide to setting up xma
by Olivier Reisch on Tuesday May 06th, 2003 04:53:11 PM
I now have 3 xmail servers configured, up and running in no time at all thanks to this article.

