1

Topic: Specific Help to Set Up MX and Related Configurations?

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.105
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

I am VERY inexperienced in administering an email server. I have read a lot about MX records, etc, including the explanation provided by the iRedMail website, but I cannot find a clear and simple explanation of how they actually work.

I am trying to set up an INTRAnet-only email server using iRedMail. I know I need a local MX record so that machines on my network can find the iRedMail server. I do not believe I need A records, or any other records, because this server is going to be invisible to the internet.

I currently have such an email server using the ClearOS system (a version of CentOS designed to function as an LDAP "domain"/SAMBA "domain" controller, as well as an email server). It functions properly without any MX records, simply by directing email requests to the machine name. I will have to stop using ClearOS and I am trying to replace its email functionality.

I tested a different email server with ClearOS and was able to get it to work without disrupting the production email system by adding some lines to the ClearOS dnsmasq.conf file (see below).

I have successfully installed iRedMail. I can confirm that I can use an iRedMail account to send mail to itself using RoundCube. That works.

Now I want to configure Windows mail clients (Thunderbird, Eudora) to use this system. I can't seem to figure out how to do this. I have looked at the iRedMail website for setting up Thunderbird but those instructions don't work, so I think I have my MX/domain/host records wrong.

In the current ClearOS system on my network, the ClearOS server is an LDAP server and local DNS server. This machine uses dnsmasq for local DNS.

I set up the following in dnsmasq.conf:

bogus-priv
dhcp-authoritative
dhcp-lease-max=1000
domain-needed
domain=kirk.internal.lan
expand-hosts
no-negcache
strict-order
user=nobody
mx-host=sticmail.com,scotty.internal.lan,10
mx-target=scotty.internal.lan
localmx

internal.lan is the LDAP "domain".

The last 3 lines are the MX records for the iRedMail server.

NOTE: with this configuration, I can use a POP3 or SMTP client with the ClearOS email system by supplying the machine name to the client as the email server. This is desirable because I do NOT want this email server visible to the internet. I only want it to work on the local network.

On the machine that is hosting iRedMail (machine name "scotty"), I set the hostname as scotty.internal.lan.

In the hosts file I have:

127.0.0.1   scotty.internal.lan scotty localhost localhost.localdomain

When I do hostname -f I get:

scotty.internal.lan

If I use the machine name referenced here (scotty) with Thunderbird to retrieve mail (POP3) from the iRedMail system, the name is resolved and Thunderbird attempts to connect to scotty, but fails.

If I just feed Thunderbird the email domain (sticmail.com), Thunderbird returns "not found".

Using scotty.internal.lan, or scotty.sticmail.com or the IP address of scotty all fail.

Can anyone provide specific information on how to set this up, using the exact names I've provided here (not "example.com", etc)?

Thanks.

2 (edited by kend 2016-09-01 02:34:19)

Re: Specific Help to Set Up MX and Related Configurations?

Some progress on this:

In /etc/postfix/main.cf, I uncommented the line:

smtpd_sasl_auth_enable = yes

#smtpd_tls_auth_only = yes

is still commented; it was that way by default.

My Thunderbird is set up to use port 25 with no TLS. (Note, this is INTRAnet email server only; the usual security considerations do not apply and plain text authorization is perfectly fine.)

Making the above change, now I can use Thunderbird to send mail to an account @sticmail.com using "scotty" as the mail server name. The mailbox receives the message; I can see it in RoundCube.

So perhaps my MX and host records are correct, and I am only missing something important about POP3 configuration.

I need Thunderbird to be able to use POP3 to retrieve mail from server name "scotty" using port 110 and plain text authorization, no TLS.

I have edited /etc/dovecot/dovecot.conf so it contains:

disable_plaintext_auth=no
ssl=yes

And I restarted the server.

Those settings did not solve my problem.

Thunderbird shows:

Connected to scotty...

Then, after a delay,

"An error occurred with the POP3 mail server. Mail server scotty responded:"

That is, there is no error text from scotty.

Does that narrow it down?

Thanks for any help.
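
An added example, not part of the original post: it reads the Postfix and Dovecot settings named above and reports whether they leave password authentication available on connections without TLS. The sample text is constructed from the lines quoted in the post, the function names are this example's own, and it assumes single-line top-level settings only.

```python
# Built-in defaults that apply when a setting is absent or commented out.
POSTFIX_DEFAULTS = {"smtpd_sasl_auth_enable": "no", "smtpd_tls_auth_only": "no"}
DOVECOT_DEFAULTS = {"disable_plaintext_auth": "yes", "ssl": "yes"}

# Constructed samples: only the lines mentioned in the post, not full files.
POSTFIX_SAMPLE = "smtpd_sasl_auth_enable = yes\n#smtpd_tls_auth_only = yes\n"
DOVECOT_SAMPLE = "disable_plaintext_auth=no\nssl=yes\n"
# The same settings with TLS made mandatory for authentication.
POSTFIX_TLS_ONLY = "smtpd_sasl_auth_enable = yes\nsmtpd_tls_auth_only = yes\n"
DOVECOT_TLS_ONLY = "disable_plaintext_auth=yes\nssl=required\n"


def parse_settings(text):
    """Parse 'key = value' lines; '#' lines are comments and are skipped,
    so a commented-out setting counts as absent."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip().lower()
    return settings


def audit(postfix_text, dovecot_text):
    """Return findings for settings that let passwords travel unencrypted."""
    pf = {**POSTFIX_DEFAULTS, **parse_settings(postfix_text)}
    dv = {**DOVECOT_DEFAULTS, **parse_settings(dovecot_text)}
    findings = []
    if pf["smtpd_sasl_auth_enable"] == "yes" and pf["smtpd_tls_auth_only"] != "yes":
        findings.append("postfix: SMTP AUTH is offered without STARTTLS")
    if dv["ssl"] == "no":
        findings.append("dovecot: TLS is disabled")
    if dv["disable_plaintext_auth"] == "no" and dv["ssl"] != "required":
        findings.append("dovecot: cleartext logins accepted without TLS")
    return findings


if __name__ == "__main__":
    for finding in audit(POSTFIX_SAMPLE, DOVECOT_SAMPLE):
        print(finding)
```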

3

Re: Specific Help to Set Up MX and Related Configurations?

I STRONGLY recommend that you NOT modify iRedMail config files BEFORE you solve the mail client setup issue.

The DNS records are required, so that your mail users (or Gmail users, etc) can know which mail server they should connect to.

*) If you set up a mail server on the public internet, you have to add those DNS records in a public DNS server.

*) If you just want to use it in a local network without internet access, you still need a LOCAL DNS server in your network, so that all PC/Mac/Mobile Phones/Outlook/Thunderbird/... know which server they should connect to. Of course you can achieve this by adding IP/hostname mappings in /etc/hosts on all machines in your network, but I think a local DNS server saves your life.

You already have ClearOS as a local DNS server; try to add the required DNS records in ClearOS. Or, set up a new DNS server and add the required DNS records.

4

Re: Specific Help to Set Up MX and Related Configurations?

I actually think that the interaction between the LDAP server, dnsmasq, and SAMBA on ClearOS enables things to work that we would not otherwise expect. Kind of ingenious--but I no longer have a consultant available to support it.

However....

This morning both send and receive from Thunderbird are working correctly. As best I can tell, the only things I did that could have an effect were:

1. I disabled the firewall in CentOS 7.

After a fresh install, it has a firewall that is running by default, with almost nothing except SSH enabled. Configuring the firewall is confusing; it has both a "runtime" and "permanent" configuration, and the same things have to be separately enabled in both, or you have to enable them in "permanent" and reboot the machine. So I just disabled it completely. The entire network is behind a natting router; I don't need firewalls on individual machines.

I am not sure why send (SMTP) was working but receive (POP3) was not yesterday, but there are separate settings for these in the firewall. Perhaps in one of my testing iterations/server restarts I enabled one but not the other.

2. I shut down Thunderbird and restarted it. I have seen Thunderbird fail to implement changes to server settings without a restart before.

So now this is all working.

Thank you very much, again.
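
An added diagnostic, not part of the original posts: run from a client machine, it tells a port blocked by the server's firewall apart from a service that is not listening or not greeting, which is the distinction behind the SMTP-works, POP3-fails symptom in this thread. The host name scotty and ports 25 and 110 come from the thread; the function names are this example's own.

```python
import socket

# Ports used in the thread: SMTP on 25, POP3 on 110.
MAIL_PORTS = {"smtp": 25, "pop3": 110}


def probe(host, port, timeout=3.0):
    """Classify one TCP service as seen from a client machine.

    Returns (state, detail), where state is one of:
      'open'     - connected and the server sent a greeting
      'silent'   - connected, but no greeting arrived in time
      'refused'  - host answered with a reset: nothing is listening
      'filtered' - timeout or ICMP rejection, typical of a host firewall
      'no-dns'   - the name did not resolve
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror as exc:
        return "no-dns", str(exc)
    except ConnectionRefusedError:
        return "refused", "connection refused"
    except OSError as exc:  # timeouts, "No route to host", unreachable
        return "filtered", str(exc) or "connect timed out"
    with sock:
        sock.settimeout(timeout)
        try:
            banner = sock.recv(512)
        except OSError as exc:  # read timeout or reset before the greeting
            return "silent", f"no greeting ({exc})"
        if not banner:
            return "silent", "closed without greeting"
        return "open", banner.decode("ascii", "replace").strip()


def check_mail_host(host, ports=MAIL_PORTS, timeout=3.0):
    """Probe every mail port and return {service: (state, detail)}."""
    return {name: probe(host, port, timeout) for name, port in ports.items()}


if __name__ == "__main__":
    for name, (state, detail) in check_mail_host("scotty").items():
        print(f"{name:5} {state:9} {detail}")
```

When a port shows as filtered on CentOS 7, firewall-cmd --permanent --add-port=110/tcp followed by firewall-cmd --reload puts the rule in both the permanent and the runtime configuration.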