Installation

Document Sample
Installation Powered By Docstoc
					         VisNetic MailServer Administrator’s Guide
                         Version 6




         Additional VisNetic MailServer Documentation is available at:
            http://deerfield.com/support/visnetic_mailserver/support



                              VisNetic MailServer is published by
                                         Deerfield.com
                                   4241 Old U.S. 27 South
                                         P.O. Box 851
                                      Gaylord, MI 49735
                                         989.732.8856
                                       989.731.2642 fax
                                  http://www.deerfield.com

                                        Version 6.0.8




VisNetic MailServer Administrator Guide                                  1
Chapter 1 ............................................................................................................................. 7
  Introduction ..................................................................................................................... 7
     1.1 VisNetic MailServer Evaluation ........................................................................... 7
     1.2 How to Purchase VisNetic MailServer ................................................................. 7
     1.3 Expired Trial Mode Limitations ........................................................................... 8
     1.4 Version 5 to Version 6 Upgrades .......................................................................... 8
Chapter 2 ............................................................................................................................. 9
  Getting Started ................................................................................................................ 9
     2.1 System Requirements............................................................................................ 9
     2.2 Installation............................................................................................................. 9
     2.3 Update Installation .............................................................................................. 17
     2.4 Moving from the Test Installation to a Production Server ................................. 17
     2.5 Configuration and License Backup ..................................................................... 18
     2.6 Installation Checking .......................................................................................... 18
     2.7 Check Mail Server Services ................................................................................ 19
     2.8 Check DNS Server .............................................................................................. 19
     2.9 Check Relaying ................................................................................................... 19
     2.10 VisNetic WebMail Access ................................................................................ 20
Chapter 3 ........................................................................................................................... 23
  Server Administration Methods .................................................................................... 23
     3.1 Server Administration Methods .......................................................................... 23
     3.2 Local Windows GUI Administration .................................................................. 24
     3.3 Remote Windows Administration....................................................................... 24
     3.4 Web Based Administration ................................................................................. 25
Chapter 4 ........................................................................................................................... 28
  Server Windows Administration................................................................................... 28
     4.1      Main Window ............................................................................................... 28
     4.2 How to Create your own Digital Certificates ..................................................... 31
     4.3 Configuration Backup and Restore ..................................................................... 32
     4.4 Find Dialog ......................................................................................................... 34
Chapter 5 ........................................................................................................................... 36
  Server Windows Administration................................................................................... 36
     5.1      Accounts ....................................................................................................... 36
     5.2      Domain .......................................................................................................... 37
     5.2.1        Domain Administrator .............................................................................. 38
     5.2.2        Domain Unknown Users ........................................................................... 38
     5.2.3        Domain Options ........................................................................................ 39
     5.2.4        Domain Miscellaneous.............................................................................. 42
     5.2.5        Domain Info .............................................................................................. 42
     5.3      User Basic Setup ........................................................................................... 43
     5.3.1        User – Import Windows NT Users ........................................................... 47
     5.3.2        User – Shared IMAP Folders .................................................................... 47
     5.3.3        User – Options .......................................................................................... 49
     5.3.4        User – Responder ...................................................................................... 50
     5.3.5        User – Special ........................................................................................... 52



VisNetic MailServer Administrator Guide                                                                                                2
    5.4       Mailing List ................................................................................................... 53
    5.4.1         Mailing List – General .............................................................................. 53
    5.4.2         Mailing List – Message ............................................................................. 56
    5.4.3         Mailing List – Security ............................................................................. 57
    5.4.4         Mailing List – Other.................................................................................. 58
    5.5       List Server ..................................................................................................... 60
    5.5.1         List Server – Creating a List Server .......................................................... 61
    5.5.2         List Server – Commands ........................................................................... 62
    5.5.3         List Server – Options ................................................................................ 63
    5.6       Executables ................................................................................................... 63
    5.7       Remote Accounts .......................................................................................... 65
    5.7.1         Remote Accounts – Domain POP ............................................................. 66
    5.7.2         Remote Accounts – Special ...................................................................... 67
    5.8       Static Routes ................................................................................................. 68
    5.9       Notification ................................................................................................... 70
    5.9.1         Notification - Other ................................................................................... 71
    5.10 Catalog .............................................................................................................. 72
    5.10.1 Catalog – Retrieve File Example .................................................................. 76
    5.10.2 Catalog – Retrieve File from Folder Example .............................................. 77
    5.10.3 Catalog – Retrieve all Files from Folder Example ....................................... 78
    5.10.4 Catalog – Send File from Server to the Any Recipient Example ................. 79
Chapter 6 ........................................................................................................................... 80
  Server Windows Administration................................................................................... 80
    6.1 Server Monitor .................................................................................................... 80
Chapter 7 ........................................................................................................................... 83
  Server System Tab ........................................................................................................ 83
    7.1       System Tab.................................................................................................... 83
    7.2       Remote Server Control ................................................................................. 84
    7.3       Remote Server Control ................................................................................. 84
    7.4       Service State.................................................................................................. 86
    7.5       Service Settings ............................................................................................. 87
    7.5.1         Service Settings – Performance Settings .................................................. 88
    7.5.2         Service Settings – Service IP Binding ...................................................... 89
    7.5.3         Service Settings – Max Parameter Settings .............................................. 89
    7.5.4         Service Settings – Undeliverable Messages ............................................. 90
    7.5.5         Service Settings – Other............................................................................ 90
    7.5.6         Service Settings – Misc Outlook 2002/XP Bug Work Around ................ 91
Chapter 8 ........................................................................................................................... 92
  Server Professional Tab ................................................................................................ 92
    8.0 Server Professional Tab ...................................................................................... 92
    8.1 Professional Tab – Data Base Settings ............................................................... 92
    8.2 Professional Tab – ODBC Logging .................................................................... 94
    8.3 Professional Tab – LDAP ................................................................................... 95
    8.3.1 Professional Tab – LDAP Architecture ........................................................... 95
    8.3.2 Professional Tab – LDAP Server ..................................................................... 95
    8.3.3 Professional Tab – LDAP Configuration ......................................................... 96



VisNetic MailServer Administrator Guide                                                                                               3
    8.3.4 Professional Tab – LDAP Shared Address Book ............................................ 99
    8.3.5 Professional Tab – Using LDAP.................................................................... 100
    8.3.6 Professional Tab – LDAP Tools .................................................................... 102
    8.4 Professional Tab – Remote Server Watchdog .................................................. 103
    8.5 Professional Tab – Multiple CPU Support ....................................................... 104
    8.6 Professional Tab – Task Schedule .................................................................... 105
    8.7 Professional Tab – TCP/IP Tunnel ................................................................... 105
Chapter 9 ......................................................................................................................... 107
  Server Options Tab ..................................................................................................... 107
    9.1 Options .............................................................................................................. 107
    9.2 Options - Logging ............................................................................................ 107
    9.3 Options – Other Options ................................................................................... 109
    9.3 Options – User Statistics ................................................................................... 111
    9.4 Options – Data Storage Directories .................................................................. 112
    9.5 Options – Proxy Server ..................................................................................... 113
    9.5.1 Options – Proxy Server / General Settings .................................................... 114
    9.5.2 Options – Proxy Server / AntiVirus Settings ................................................. 115
    9.6 Options – Header / Footer ................................................................................. 115
    9.7 Options – Disk Space Monitor.......................................................................... 116
    9.8 Options – Auto Archive .................................................................................... 117
    9.9 Options – Auto Backup ..................................................................................... 118
Chapter 10 ....................................................................................................................... 120
  Server Security Tab..................................................................................................... 120
    10.1 Security – Content Filter ................................................................................. 120
    10.1.1 Security – Content Filter / Editing .............................................................. 122
    10.1.2 Security – Content Filter / String Condition ............................................... 126
    10.1.3 Security – Content Filter / Basic RegEx Tutorial ....................................... 128
    10.2 Security – Instant Anti Spam .......................................................................... 130
    10.3 Security – Anti Spam Filter ............................................................................ 138
    10.3.1 Security – Anti Spam Filter / Bypass File .................................................. 141
    10.4 Security - AntiVirus ........................................................................................ 141
    10.4.1 Security – AntiVirus / Settings ................................................................... 142
    10.4.2 Security – AntiVirus / Integrated AV Mode ............................................... 143
    10.4.3 Security – AntiVirus / Plug-in Settings ...................................................... 144
    10.4.3 Security – AntiVirus / Miscellaneous ......................................................... 145
    10.4.4 Security – AntiVirus / External AV Filters................................................. 146
    10.5 Security – Security .......................................................................................... 147
    10.6 Security – Service Watchdog .......................................................................... 148
    10.7 Security – Tarpitting ....................................................................................... 148
    10.8 Security – Static Filters ................................................................................... 149
    10.9 Security – Firewall .......................................................................................... 150
Chapter 11 ....................................................................................................................... 151
  Server Delivery Tab .................................................................................................... 151
    11.1 Delivery – Anti Relaying & Anti Spam .......................................................... 151
    11.2 Delivery – Delivery......................................................................................... 154
    11.3 Delivery – ETRN and ATRN Settings............................................................ 156



VisNetic MailServer Administrator Guide                                                                                              4
    11.4 Delivery – Connection .................................................................................... 157
Chapter 12 ....................................................................................................................... 159
  Server Instant Messaging Tab ..................................................................................... 159
    12.1 Instant Messaging ........................................................................................... 159
    12.2 Instant Messenger Gateways........................................................................... 163
  Server License Information Tab ................................................................................. 165
Chapter 13 ....................................................................................................................... 167
  Instant Messenger ....................................................................................................... 167
    13.1 Instant Messenger ........................................................................................... 167
    13.2 Basic IM Setup ................................................................................................ 168
    13.3 Single Domain IM Communication ................................................................ 169
    13.4 Multiple Domain IM Communication ............................................................ 173
    13.5 Multi Server IM Communications .................................................................. 173
    13.6 Anonymous Group Chat ................................................................................. 175
Chapter 14 ....................................................................................................................... 178
  Web Access ................................................................................................................. 178
    14.1 Web Access ..................................................................................................... 178
    14.2 Administrator Settings .................................................................................... 179
    14.3 Administrator Global Address Book .............................................................. 183
    14.4 WebMail access without port 32000 in the URL............................................ 184
    14.5 WebMail access without \mail in the URL ..................................................... 185
    14.6 WebMail Multi-Domain Configuration (Virtual Hosts) ................................ 186
    14.6.1 Virtual Host Redirection .............................................................................. 187
    14.6.2 Multi-domain Virtual Hosts Configuration ................................................. 187
    14.7 Secure WebMail Access ................................................................................. 189
    14.8 Advanced WebMail Settings .......................................................................... 191
Chapter 15 ....................................................................................................................... 196
  WAP Access ............................................................................................................... 196
    15.1 WAP Access ................................................................................................... 196
    15.2 Connecting to the Service ............................................................................... 196
Chapter 16 ....................................................................................................................... 197
  Advanced Server Protection ....................................................................................... 197
    16.1 Relaying and the “we do not relay” message.................................................. 197
    16.2 Relaying and Spam ......................................................................................... 198
    16.2 Spammers and Tarpitting ................................................................................ 201
    16.3 Disable Receipt of Improperly Formatted Emails .......................................... 202
Chapter 17 ....................................................................................................................... 204
  Developer and System Integrators .............................................................................. 204
    17.1 API .................................................................................................................. 204
    17.2 API Variables and Values ............................................................................... 204
    17.3 Users and Domains Command Line Tools ..................................................... 204
Chapter 18 ....................................................................................................................... 211
  How VisNetic MailServer Works ............................................................................... 211
    18.1 How VisNetic MailServer Works ................................................................... 211
    18.2 SSL Certificate Conversions ........................................................................... 212
    18.2.1 Certificate Conversion from IIS 4.0............................................................. 215



VisNetic MailServer Administrator Guide                                                                                             5
    18.2.2 Certificate Conversion from IIS 5.0............................................................. 218
    18.2.3 Creating your own Certificate Conversion for IIS 5.0 ................................. 221
    18.3 If you cannot Send or Receive Email ............................................................. 221
    18.4 Variables ......................................................................................................... 227
Appendix A ..................................................................................................................... 229
  Technical Support ....................................................................................................... 229




VisNetic MailServer Administrator Guide                                                                                           6
Chapter 1


Introduction


1.1 VisNetic MailServer Evaluation
To download a free fully functional trial version of VisNetic MailServer, open your web
browser and go to: http://www.deerfield.com/download/visnetic_mailserver

The Evaluation period is 30 days from the installation date.

1.2 How to Purchase VisNetic MailServer

The Server Reference Key is required for purchasing VisNetic MailServer. The Server
Reference Key is available by selecting the License Information icon:




The License Keys window is displayed, providing the Server Reference Key.




                                                                  l

To purchase VisNetic MailServer please visit:

https://shop.deerfield.com/cart

Or contact our sales department at:

Sales – sales@deerfield.com
Support – http://www.deerfield.com/support/visnetic_mailserver
Purchase – https://shop.deerfield.com/cart
Website – http://www.deerfield.com/products/visnetic_mailserver
Deerfield.com – http://www.deerfield.com




VisNetic MailServer Administrator Guide                                                   7
1.3 Expired Trial Mode Limitations

The limitations of the expired 30-day TRIAL mode are:

      You cannot change any mail server settings
      VisNetic WebMail Client will not allow users to log-in
      Instant Messenger will not allow users to log-in
      After 60 days the Mail Services will shut-down

VisNetic MailServer services will continue to function, providing the ability to send and
receive email.

1.4 Version 5 to Version 6 Upgrades

VisNetic MailServer version 6 introduces a new licensing system, which requires a
version 6 style license key. Version 5 license keys cannot be entered in Version 6. The
version 6 license key is dependent on a unique server reference key that is generated by
the MailServer and displayed on the License Information tab of the Version 6
configuration utility.

The server reference key must be presented along with your Version 5 registration code
in order to generate a version 6 registration key.

A simple online registration wizard will step you through the process. Upon completion
of the wizard, your version 6 license key will be displayed in the browser window and
will also be sent to you via email. Upon receipt, it can be installed on the "License
Information" tab of the configuration utility.

You can access the Online Registration Wizard by clicking the Help, Secure
Registration link in the configuration utility or by accessing
https://shop.deerfield.com/vms6/index.aspx with your Internet browser.

If you are upgrading and within your upgrade protection window, you will be prompted
by the installer to access the online registration wizard, just answer Yes, when prompted,
and follow the links.

For additional information, check out the VisNetic MailServer Website:
http://www.deerfield.com/products/visnetic_mailserver/




VisNetic MailServer Administrator Guide                                                     8
Chapter 2


Getting Started


2.1 System Requirements
Minimum Requirements; 1-50 users (a larger user base will require more system
resources)

      CPU 233Mhz
      Win 95/98, Win ME, Win NT4 Server and Workstation, Win XP, Win2000,
       Windows 2003
      64 MB RAM
      More RAM is required when there are more users. Over 50 users, 128 MB. Over
       2000 users, 256 MB. Over 5000 users, 512 MB.
      Typical hard-disk space required: 30 MB, additional space for any mail to be
       stored
      Only TCP/IP is required to use VisNetic MailServer on a LAN for local email
       solution. To use VisNetic MailServer on a LAN and the Internet, access to the
       Internet and a properly configured MX record for the domain at the DNS server
       are required.



2.2 Installation

The first time you install VisNetic MailServer on any PC it is always in TRIAL mode.

To start the installation, double click on the downloaded vmssetup_en.exe file.

1. When you execute the VisNetic MailServer setup file, you will be presented with a
   Welcome Screen. It is recommended that you exit all other Windows programs
   before continuing with the installation. If you have other programs running, click the
   Cancel button to exit the installation, exit all other programs, and then restart the
   VisNetic MailServer setup file. If you have no other Windows programs running,
   click the Next button to continue the installation.




VisNetic MailServer Administrator Guide                                                 9
2. Next is a Readme for VisNetic MailServer v5 to v6 Upgraders which provides
information on the v6 Licensing System. Please review this screen before proceeding.




3. You will then be presented with the Software License Agreement. Please read the
entire License Agreement. If you agree to the terms, select Yes to continue. If you do
not agree with the terms select No, and the installation will be cancelled.




VisNetic MailServer Administrator Guide                                                  10
4. Enter the Name and Company of the VisNetic MailServer user and click Next to
continue.




5. Select Components to Install. A combination of components may be installed to best
suit your requirements.
    MailServer – Installs Remote Administration Utility, SMTP, POP3, IMAP and
    LDAP Service components.
    WebMail – Installs Web-based email client component.
    Web Administration Server - Remotely administer VisNetic MailServer via the
    Web.



VisNetic MailServer Administrator Guide                                            11
   Remote Administration Utility – Remotely administer VisNetic MailServer without
   the requirement of installing the complete MailServer component.




6. The default installation folder for VisNetic MailServer is
   C:\Program Files\Deerfield.com\VisNetic MailServer.
   To install VisNetic MailServer in a different folder, click the Browse button
   and select an alternative installation folder.




VisNetic MailServer Administrator Guide                                            12
7. Enter your registration key or select the Enable 30 Day Evaluation button. Click
Enter. Click Next to continue.




8. Enter the MailServer Hostname. For example: mail.domain.com.
    Then, click Next.




9. Enter the DNS Server(s) that you wish to use. Use the default DNS Servers if you do
not have the name or IP address of your DNS Servers.
    Click Next to continue with the configuration.



VisNetic MailServer Administrator Guide                                               13
10. Enter the Primary Domain and Domain Description for this MailServer.
   Click Next to continue.




11. Enter a Real Name and User Name to set up the Administrative / Postmaster
Account for this domain. Click Next.




VisNetic MailServer Administrator Guide                                         14
12. Enter a Password and Verify your Password for the account you have just created.
Click Next.




13. The installation will detect if VisNetic AntiVirus Plug-in is installed. It is highly
recommended that you use the VisNetic AntiVirus Plug-in to protect your mail from
viruses. To learn more about the VisNetic AntiVirus Plug-In place a check mark in the
box, and click Next.




VisNetic MailServer Administrator Guide                                                 15
14. You have now completed the Installation. To configure your VisNetic MailServer
immediately, put a check mark in the appropriate box and click Finish.




If you are running the IIS SMTP Service, it will be stopped during the VisNetic
MailServer Installation. If you need to use IIS SMTP Service and VisNetic MailServer on
the same computer, you have to:

      Disable SMTP Pooling (W2K, WXP) - for more details search the Microsoft Web
       Site
      Bind VMS and the IIS SMTP Service to two separate IP address


VisNetic MailServer Administrator Guide                                              16
OR

        Use for the IIS SMTP Service on a port other than the port that is being used by
         VMS



2.3 Update Installation

A fully licensed VisNetic MailServer includes 365 days of FREE UPDATES from the
date that you entered the purchased License.

Within this period you can download the latest version of VisNetic MailServer and
seamlessly install it OVER your existing version.

All configuration settings, domains, users and all other data will be preserved and your
mail server operation will be uninterrupted in the most cases.

If the VisNetic MailServer installation has already exceeded the 365 day free update
period, you will be prompted to upgrade your license during the installation process.

To verify the number of days remaining for free updates, select the License Information
icon. Number of days for Free Upgrade and Expiration are displayed.



2.4 Moving from the Test Installation to a Production Server

To obtain a fully licensed VisNetic MailServer you must always start by downloading
and installing VisNetic MailServer in TRIAL mode. To obtain the License that you
require you will first need the "Reference Key". This is a unique number generated upon
installation and is used to generate your unique license key for that particular installation.
HOWEVER, it does not tie your fully licensed VMS to that installation in any way and
you are free to migrate VisNetic MailServer to another machine.

If you have installed VMS on a test computer in TRIAL mode:

        Download and install the latest version on the production PC
        Purchase the License (You will need the Reference Key )
        Enter the License
        Backup your configuration and store it on secure place.

The "backup" will contain all of your settings INCLUDING your License. This allows
you to quickly restore the configuration and license in the event of hardware failure.

If you are using VMS on test computer in the LICENSED mode:


VisNetic MailServer Administrator Guide                                                     17
      Use Backup features of the VMS and save the .MCB file
      Download and install the recent version on the production PC
      Restore the configuration from the .MCB file. The configuration and License will
       be restored.

2.5 Configuration and License Backup

VisNetic MailServer provides a Backup and Restore Configuration utility. Backup saves
all configuration, account, domain and user account information plus the license key and
all other files from /VisNetic MailServer/Config/ directory.




It is recommended to backup after final configuration and entering the purchased license
information. In case of the hardware failure you will be able to restore not only
configuration, but your license as well.

Save the configuration information to some safe location. It is recommended that this file
is kept somewhere safe such as written to a removable media and taken off the site
regularly.



2.6 Installation Checking

To check your installation, open up the VisNetic MailServer Administration applet from
the Start /Programs /Deerfield.com /VisNetic MailServer /VMS Configuration
Administration Panel.

VisNetic MailServer is installed correctly, if:

      All Mail Server services are running POP, SMTP & Control
      Your DNS Server is running and working properly
      Your Server IP address is in the "Relaying from field" located under the
       "Delivery" tab. (Note: Do not remove the local loopback from this field 127.0.0.1
       as it is required for proper mail server operation.) Example:
       127.0.0.1;209.122.22.23




VisNetic MailServer Administrator Guide                                                 18
2.7 Check Mail Server Services

Check that all 3 services (SMTP, POP3 and Control) are running (green lights).




2.8 Check DNS Server

Use the DNS Query Test button to ensure proper DNS resolution.




It brings up following dialog window if test is successful.




2.9 Check Relaying

VisNetic MailServer is "closed relay" by default. This means that the only users capable
of sending email via VisNetic MailServer are:

   1. Mail Server users with proper SMTP Authentication set in the Client program
   2. Mail Server users who authenticate vie their POP account before sending emails
      (POP before SMTP Authentication)



VisNetic MailServer Administrator Guide                                                19
     3. Users connecting from computers (client programs, like Outlook Express) via an
        IP address that is listed in the field "Relaying From" field in the "Delivery" tab.

If you are not sure about IP address of your Client program, leave relaying settings with
the default values below.

Default list of the IP addresses in the Relaying From field is usually corresponding to the
IP address range of the local LAN and/or web server(s) that use VisNetic MailServer to
relay information from web-based forms.

If you are connecting from the LAN and you are not using authentication methods
described in bullet #1 or #2 above, you will need to add your machine's IP address to the
Relaying From field.

Note: Do not remove the IP address 127.0.0.1, since this is used for VisNetic WebMail
access.

2.10 VisNetic WebMail Access

The VisNetic WebMail client allows access to your email from any TCP/IP connected
computer via a browser. You can read and reply to email from anywhere from any
computer on the Internet as long as it has a web browser installed. To run the WebMail
Client type the following into your browser




Or



On the PC where VMS is installed you can use as hostname "localhost". URL will look
like:



Enter the username and password on the Log-In screen.




VisNetic MailServer Administrator Guide                                                   20
Press the "New Message" button and send the message to admin@yourdomain.com




Now Log-out and log-in back with the username and password for the admin account
created during installation. You will see that the message has been delivered.


VisNetic MailServer Administrator Guide                                            21
If the message is delivered properly from a local sender to a local recipient, then VisNetic
MailServer is working correctly. If it is not working for Internet sending or receiving, then you
should look for errors with the DNS server that VMS is using and also the DNS servers that are
authoritative for the domain you are trying to receive email for. Additionally, you should check
your firewall settings.




VisNetic MailServer Administrator Guide                                                 22
Chapter 3


Server Administration Methods


3.1 Server Administration Methods

VisNetic MailServer utilizes several ways configuration access:

              Local Windows GUI Administration
              Remote VMS Configuration Program Administration
              Remote Web Admin Administration.

Local Administration is provided by the Windows Configuration Program.

Remote administration of VisNetic MailServer is one of the most useful features for the
LAN and Server administrators.

Each VisNetic MailServer can serve as a Host or as Remote Client. Special plug-in are
not required. Host operation of VMS is provided by the Control Service.

To Administer VMS remotely you must login as an Administer.

New user accounts default to Standard Users. Standard users do not have remote
administration rights. You may set user level by selecting the Accounts icon and
selecting the User tab to one of the following:

              Administrator
              Domain Administrator
              Self Configurable User




The full rights are given only to the Administrator.




VisNetic MailServer Administrator Guide                                                 23
3.2 Local Windows GUI Administration
Local Windows GUI Administration is available via the VisNetic MailServer
Configuration Applet. Accessed by: Start / Programs / Deerfield.com / VisNetic
MailServer / VMS Configuration

3.3 Remote Windows Administration
Each installed VisNetic MailServer is acting as a REMOTE HOST. Host operations are
controlled by the Control Service. If you want to use this feature, ensure you have
allowed the Control Service ports in your network (Firewall) and that your Control
Service is running.
Default ports are:
              32000 for regular connection
              32001 for secure connection




To connect to the any VisNetic MailServer you need to know:
              hostname or IP address of the PC where VMS is installed
              Admin level username
              Password
To connect to a remote VMS use any VisNetic MailServer Installation.
Just install the VisNetic MailServer at your local machine and run the Windows GUI
Configuration Program.
Note: The version of the remote VMS and local installation must be the same however
you can use VMS in the Trial mode for this purpose.
Then select the Connect icon from the Windows GUI.


Provide the details of the VMS installation you wish to connect to.




Confirm Connection:




VisNetic MailServer Administrator Guide                                               24
Now you have access to your Host VisNetic MailServer (installed at remote location)
Configuration console.
Remote configuration is very fast, since the all data are automatically
compressed/decompressed during transmissions.

3.4 Web Based Administration
All you need for the Web Based Administration is the PC connected to the LAN
(Internet) and ability to browse web pages.
To connect to the any VisNetic MailServer you need to know:
              Hostname or IP address of the PC where VMS is installed (Remote VMS)
              Admin level username
              Admin level password
The Control Service at the Remote VMS (host) has to be up and the Ports user by the
Control Service has to be "open" at your firewall.
You can use http or secured https protocol. The connection URL is like:




or



It will get you to the Login page:




VisNetic MailServer Administrator Guide                                               25
Enter the valid Admin Level username and password and you will get to the
administration page.




However there is one option, which is only in the Web Based Administration. You can
watch the Outgoing/Incoming Queue.




If you want to "Send Now" some message waiting in the Outgoing Queue, select it and
press the Reset Message button.
The messages to send for the first time are physically located at:
/Mail/Forward/


VisNetic MailServer Administrator Guide                                               26
If the first try to send a message failed, then are stored at:
/Mail/Forward/Retry/




VisNetic MailServer Administrator Guide                          27
Chapter 4


Server Windows Administration


4.1 Main Window
The Main menu consists of five sections.




Field       Description

Open File   You can open any text file with VMS text editor.

Save Config Save your current configuration

Reload      Refresh entire configuration.
Config

Connect     Lets you connect and remotely administrate any existing VMS installation.

Disconnect Disconnect from remote server.

Exit        Exit VMS configuration applet




VisNetic MailServer Administrator Guide                                             28
Field          Description

Create Digital Allows you to generate your own digital certificate for secured SSL
Certificates   connections.

IP Address     Allows you specify concrete IP address for certificates.
SSL
Certificates

Backup        Backup your current configuration to the .mcb file (VMS Backup file). File
Configuration contains whole users/domains configuration and license information.

Restore       Restore your saved configuration from the backup file.
Configuration

Export License Lets you export license information to the XML formatted file. If you have any
Information    license problem, just send this file with short description to our technical
               support.

Use Safe     If checked, all important dialogs would be confirmed.
Confirmation

Show Splash    Allows you enable or disable welcome screen
Screen At
Startup

Require        Lets you set forced authentication of VMS configuration applet. Only
Authentication Administrator or user with administration permissions can run and modify
To Access      configuration.
Settings




VisNetic MailServer Administrator Guide                                              29
Do Not         If you don't want to backup your license data in .mcb file, you can use this
Include        option.
License
Numbers in
Backups




Field          Description

All Sections   Lets you access all sections in VMS configuration applet. You can use shortcuts too.

Expand all     Expand all configuration panels in VMS configuration.
Panels




Field          Description

New Domain     Creates new domain in VMS. You can use shortcut "CTRL+D"




VisNetic MailServer Administrator Guide                                                     30
Make Primary Make any domain primary.

Add             Allows you add account to VisNetic MailServer. Is possible to use shortcuts.

Groups          Lets you specify group of users in VMS.

Import          You might already have the user accounts set up in the Windows NT user database. To
Window NT       save retyping, these can be imported into VisNetic MailServer.
users           Select the users you want to import and press the Import button. More users can be loaded
                from different domains/servers using the Load button. If there are any aliases or
                mailboxes with same value these users will be ignored and not imported. Passwords can
                never be retrieved from any Windows system thus will be empty and you need to edit
                them.




Account         Allows you specify default accounts data. Specified parameters would be used for every
Defaults        new mailbox in VMS. You can edit settings manually in "default.ini" file (VMS
                directory).

Statistics      Display all VMS statistics




4.2 How to Create your own Digital Certificates

Our certificate generator lets you create your own certificate for secured SSL
connections.




VisNetic MailServer Administrator Guide                                               31
1. Click on the "Tools" in Main Menu toolbar. You can find certificate generate tool
there. Just run "Create Digital Certificates".




2. Fill all important information in the form like below and save output file (cert.pem) to
the VisNetic MailServer directory.




You can also specify several certificates for several IP addresses in "IP Address SSL
Certificates" dialog.

4.3 Configuration Backup and Restore

The VisNetic MailServer Configuration data is stored in the folder:

/VisNetic MailServer/Config/

They are stored information about your:

              General server settings
              All account settings (domains, usernames, passwords, etc.)
              Licenses

You can easy backup your /VisNetic MailServer/Config/ folder by using Backup
Configuration function located on the menu bar / Tools.




VisNetic MailServer Administrator Guide                                                   32
It is recommended to provide a backup after the final configuration and entering your
purchased license information.

In case of the hardware failure you will be able to restore not only configuration, but also
your license. It is recommended this file be kept somewhere safe such as written to a
removable media and taken off the site regularly.

Sequential and Scheduled Backup

Use Backup and Sequential features, if you want to save backup under different name
and in set time. At first set time in default "Schedule Task" window.




To get Sequential functionality add a string of variables anywhere to the backup file
name. Strings with variables have to be delimited by the double quotes.

The file name as:



VisNetic MailServer Administrator Guide                                                   33
will create the backup file:

20040219vms_backup.mcb at the 19th. Of February 2004, however the next day will be
created the new file 20040220vms_backup.mcb

Variable                   Description
YYYY                       Year of the actual date
MM                         Month of the actual date (01 - 12)
DD                         Day of the actual date (01 - 31)
HH                         Hour of the actual time in 24 format
NN                         Minutes of the actual time
SS                         Second of the actual time (00 - 59)

Configuration Restore

Choosing the Restore option will prompt you for a file containing backed-up data. Once a
file is chosen and opened, the configuration will be restored. So use this option carefully
in order to prevent overwriting your config with an old version.

Should a server have to be rebuilt and all software freshly installed, this provides an
excellent way of retrieving all the users' account information without retyping.

Also, the license key is backed-up with the configuration. Therefore it is a good idea to
make a backup as soon as the product has been registered!

4.4 Find Dialog

We can easily find any user in any domain by "Find" dialog.

I want to find any users name or aliases that contains word "user" in domain
"vmsdemo.com"




VisNetic MailServer Administrator Guide                                                     34
You can specify what Alias/Name or Domain you are finding. Of course is possible to
limit number of results displayed.




All results are displayed in default users list. However as you can see, we are in [Search]
mode (if you want to leave this mode, just press F5 to refresh). This mode displays
searched user only.




VisNetic MailServer Administrator Guide                                                  35
Chapter 5


Server Windows Administration


5.1 Accounts

Accounts allow you to create your domain, users, mailing lists, list servers, and more.


Account Manipulation.
Cut, Copy and Paste can be used to manipulate accounts.
Add will allow the creation of new Accounts to the system
To add a new account you can also use the corresponding icons from the VMS top bar:


The next possibility is the top pull down menu:




Or the same with the Right-Button-Mouse Click.
Account Deletion.
Delete will remove an account. It will only remove:
configuration data
or
configuration data and directory folder with delivered messages
The Account and the directory folder deletion have to be confirmed:



VisNetic MailServer Administrator Guide                                                   36
Notice that the default button selection is YES. So you can remove account by pressing
key Enter only. The use Safe Confirmation default may be changed to No.




However if you will set option Use Safe Confirmation, the default will be No.

5.2 Domain

New Domain will bring up the new domain section and allow more domains to be
entered.

Make Primary will convert the selected domain into the primary domain. At least one
domain must be defined as Primary. The server messages (e.g. disk quota, EICAR Test
Virus) are always delivered to the postmaster of the Primary Domain.

The Primary Domain is marked with the small letter P.

We can say, that Primary Domain Postmaster is "master or masters" - the most informed
user.

There is no particular difference between a primary and secondary domain. You should
realize that domain names and host names are not the same. That means if you have a
secondary domain then if you want your users to connect to mail.secondary.com or
similar, both MX and A DNS records must exist.

VisNetic MailServer displays the domains and accounts in a hierarchical format.
Expanding a domain will show the types of account which belong to it, expanding the
types will show the individual accounts setup.

The default order of the domains is alphabetic by domain name.




VisNetic MailServer Administrator Guide                                                  37
If you need different order, or domains grouping for the maintenance purposes, use
Domain Description field.

By the setting option Show Domain Description, the domains are listed in Domain
Description order.




5.2.1 Domain Administrator




Field          Description
Default Alias Specifies the postmaster aliases. Aliases can be separated by the semi-colon
              delimiter without spaces. This means you do not need to create those users in the
              domain as accounts.
E-Mail        Specifies the actual account for all the postmaster aliases. Multiple accounts can
              be specified (semicolon delimiter), even remote accounts for different domains.
Domain Administrator E-Mail Option can not be empty.



5.2.2 Domain Unknown Users




VisNetic MailServer Administrator Guide                                               38
Field             Description
Info To Admin     If an email is sent to an unknown user, the admin (postmaster) for this
                  domain will be notified regardless of whether the mail is rejected or
                  forwarded.
Reject Mail       If an email is sent to an unknown user, this option specifies that it should be
                  rejected and returned to the sender. No message will be ever transferred.
Forward To        If an email is sent to an unknown user, the email will be forwarded to the
                  specified account. It is quite common to setup a catch all account (for server
                  Domain POP) that will receive all unknown mails.

                  This is how ISPs offer unlimited email aliases since you can send mail to
                  anything@domain.com. When using a catch all account it is suggested to
                  switch on the Add X-Envelope-To option for that account.



5.2.3 Domain Options




Local Domain Options

Local Domain Options are valid for the domain and all users of this domain.

The default value of the options (zero - 0) means: "without limits"

Field             Description
Domain Admin      Domain Administrator can create up to specified # Accounts.
Account Limit
Domain Disk       The total disk space used by the all users from domain can not exceed the
Quota             specified quota.
User Mailbox      Any user of the domain can receive mails, only until total size of the all


VisNetic MailServer Administrator Guide                                                  39
Size              received mails (and not downloaded via PO3 or deleted via IMAP) will not
                  exceed the value specified there.
User Megabyte     User of domain can send mails with total size
Send Limit per
day               up to the specified limit per day
User Number       User of domain can send total number of mails up to the specified limit per
Send Limit per    day
day
User Max.         This parameter limits the maximum size of the ANY message send by the
Message size      domain user.

Global Domain Options

Global Domain Options are valid for WHOLE SERVER - All Domains, which are
specified in the parametric file.

Field                Description
Use Domain Disk      This option indicates that specified domains should be checked for disk
Quota                quota when receiving new mail. If the quota exceeds the limit the mail
                     will be rejected. Any domains requiring a quota need to be specified in a
                     file diskquot.dat (in the Config subdirectory).The file can be opened
                     with the edit button
                     The format of the file is as follows:

                     Domain=limit

                     Example:

                     usa.net=5192

                     *=10000

                     This would specify that all domains have a 10MB limit apart from usa.net
                     which has 5MB.
Use Domain User      This option is enabling/disabling the usage of the User limits specified
Limits               above:

                            User Mailbox Size
                            User Megabyte Send Limit per day
                            User Number Send Limit per day
                            User Max. Message size

                     Works for WHOLE SERVER, ALL DOMAINS.



VisNetic MailServer Administrator Guide                                               40
                      If you want to control only some of the users, you have to enable this
                      option and for each individual domain enter the User limit values you
                      want.
Use Welcome           This option specifies that when a new user is created, a welcome email
Messages              will be saved into his mailbox. You can specify different messages for
                      particular domains and not all domains have to have the welcome
                      message set.

                      The welcome mails must be created in separate text files. These text files
                      are referred to in the file messages.dat (in the Config subdirectory) which
                      can be opened for editing using the edit button

                      The structure of the file is as follows:

                      domain=filename

                      Example:

                      Deerfield.com=c:\deerfield.com\visnetic mailserver\welcome.tmp

                      If a line specifies an asterisk as the domain, the specified welcome file
                      will be used for the rest of the domains. Remember that if you want to use
                      this option, the asterisk must be on the last line of the file because the
                      following lines will not be checked.

                      It would be wise to send such message to any mailbox on the server and
                      then use the mail\domain\mailbox\xxxxx.tmp.

                      Example:

                      From: Support <support@deerfield.com>

                      To: All new users

                      Subject: Welcome our new user

                      Dear New User,

                      We would like to welcome ...
Warn User When        A warning email is sent to any user of the domain, when their mailbox
Mailbox Size          exceeds specified % of the total reserved space for him.
Exceeds (%)
                      The 0% means no warning.
The welcome file must be a normal mail i.e. specify fields such as From: Subject: etc and end
the file with a carriage return, period ('.') carriage return at the end.


VisNetic MailServer Administrator Guide                                                 41
5.2.4 Domain Miscellaneous




Field                   Description
Domain Virtual IP        A domain can be logically bound onto IP's. (If the primary domain is
Binding                  bound to an IP it is required that the other domains are also bound.)
                         You can specify multiple IP addresses using semi-colon.

                        When a user connects to authenticate VMS will use the specified IP to
                        find the domain. It is not recommended to use this option unless you
                        know what you are doing.
Domain Anti Spam Filter In filters you can specify email addresses, domains and IP addresses
                        that are or are not allowed to send messages to your server.

                         This is a text file which defines rules for accepting or rejecting email
                         for this domain. The Global Anti Spam option must be switched on to
                         have this working.

                         Click on the edit button to bring up the text file for editing.



5.2.5 Domain Info




The Info Tab shows information about selected domain.



VisNetic MailServer Administrator Guide                                                    42
Use the "Statistics" button to view all domain statistics information (number of users,
used space, total number of messages, etc).



5.3 User Basic Setup




Field           Description
Alias           This is the users name at the domain. Example: to setup the email address
                support@deerfield.com enter an alias of support.

                Multiple aliases can be used by separating them with a semi-colon:

                support;help;bugs;info
Mailbox         This is the name of the mailbox and mail account. Usually automatically created
                by VMS. This is what is used for authentication and mail collection. It defaults
                to the same as the alias but does not have to be.

                The mailbox name is also used as the login for web admin or remote
                configuration.
Password        The password for the mailbox. Repeat in the confirmation field.
Name            The real name, or an identifier. This is used in autoresponders and for displaying
                the accounts. You can also specify a comment in this field. You should use the
                semi-colon and then enter the comment. The comment is not used for
                autoresponders and account displaying. It's only used in searches and for your
                needs.

                Eg. "John Doe; my comment over here"



VisNetic MailServer Administrator Guide                                                   43
Comment         You can write some commentary for this account.

Important Information regarding duplicate mailboxes!

It is likely there will be duplicate mailboxes across different domains e.g.
sales@domaina.com, sales@domainb.com.

Delivery of email is easy since the domain is specified. However, upon mail collection by
users, in order for VMS to know which mailbox is being requested it compares mailbox
and password combinations. It is possible to have duplicate mailboxes across different
domains, but the passwords must be different.

One way round this is to bind all domains to different IP addresses. Then VMS can
differentiate between domains using IP. Or, make the mailbox unique by specifying the
full email address.

Account Storage Location




Field        Description
Mailbox Path This specifies that any email received to this account is stored in the defined
             mailbox. The directory name of the mailbox defaults to the name of the alias
             but can be different. This field can even contain a full qualified path.
Remote       This specifies that mail is not to be stored by this mail account and forwarded
Address      onto a remote address instead. This address should be of the format
             name@domain.com
Forward To   All incoming mail will be forwarded onto any addresses specified here. This is
             a separate option not related to "mailbox path" or "remote address". This
             provides a mechanism for copying email to remote or local accounts.
Account Type Specifies the account type which can be:

                 POP3

                 Ordinary POP3 account accessible via POP3.

                 IMAP




VisNetic MailServer Administrator Guide                                                 44
                IMAP account accessible only via IMAP.

                IMAP & POP3

                A combination of both IMAP and POP3. You can access the mailbox using
                either of the protocols.

Account User Permissions




Pull-Down Item Description
Standard       WebMail Access, Mail Client Access, Limited administration via
               WebMail.

                  The account is setup by an administrator for a user and cannot be
                  changed by anyone other than an administrator.
Self Configurable Like Standard + Web Admin administration of the own account.
User
                  Passwords, mailbox/forwarding, auto responder and deleting mail
                  after x days are the types of settings which can be changed. They
                  can also view their mailbox.
Domain            Like Self Configurable, but for all specified domains. Can
Administrator     create/modify users at these domains.

                  Domain administrators cannot change global settings but are
                  allowed to administer accounts in their domains. At the right there
                  is a button for controlling domains the administrator can maintain.
                  Enter the domains on separate lines.

                  E.g.

                  deerfield.com

                  microsoft.com

                  You can also specify the domain administrator rights on the first
                  line like this:

                  RIGHTS=U,M,D



VisNetic MailServer Administrator Guide                                                 45
                  The characters here stand for separate functions:

                  U - User accounts

                  M - Mailing list accounts

                  E - Executable accounts

                  N - Notification accounts

                  R - Remote accounts

                  D - Domain settings
Administrator     Full Server Administration without limitations
Spam              This checkbox depends on your Instant Anti Spam settings. User
Administrator     can be "Spam Administrator". Such user can administrate Instant
checkbox          Anti Spam messages databases and approve messages indexing.

Accounts User State




State             Description
Enabled          Fully working account.
Disabled (Login) Partially disabled account. Mail is received, but user can not log-
                 in. This is ideal for temporarily disabling accounts.
Disabled (Login, Disabled Account.
Receive)
Disabled         If and email is delivered to this account, sender is considered as
(Tarpitting)     "tarpitter" (See SECURITY, Tarpitting) and the IP address is
                 blocked as set in the Tarpitting Options.

Spam Administrator




VisNetic MailServer Administrator Guide                                                46
State             Description
Spam              Enables the Spam Admin access to the system using the Instant
Administrator     Messaging Anti Spam plug-in.
Mailboxes         Allows you to specify a few mailboxes the spam admin should be
                  able to maintain or moderate Instant Anti Spam access - Enables
                  the Instant Messaging Anti Spam plug-in.



5.3.1 User – Import Windows NT Users

Windows NT user database accounts may be imported into VisNetic MailServer.

Select the users you want to import and press the Import button. Additional users can be
loaded from different domains/servers using the Load button. If there are any aliases or
mailboxes with same value these users will be ignored and not imported. Passwords can
never be retrieved from any Windows system thus will be empty and you need to edit
them. Therefore, it is advisable to import the users as a first step of configuration.

5.3.2 User – Shared IMAP Folders

Shared IMAP Folders is a unique VisNetic MailServer feature which enables users to
share specified IMAP folders to the server users - over the Internet.

You can set IMAP folders sharing to any IMAP account.




VisNetic MailServer Administrator Guide                                                47
The Shared Folders button lets you open the Folder dialog where you can edit/delete and
add new shared folders.

Field                 Description
Name                  The folder name that will be displayed in the IMAP session
Domains               Can be empty by default. Empty stands for all domains. You can specify
                      other domains there too.
IMAP Account          Each shared folder is linked with an IMAP account. This field contains
                      the email address of the IMAP account.
IMAP Folder           If empty the INBOX of the IMAP account will be used as the shared
                      IMAP. You can also specify a different folder here.

Shared Folder Access Control List

Field                 Description
Lookup (l)            User can see this folder in their personal list of IMAP folders
Read (r)              User can open this folder and view its contents.
Write (w)             User can change flags on messages in this folder.
Insert (i)            User can append and copy messages into this folder.
Create (c)            User can create subfolders within this folder.
Delete (d)            User can delete messages from this folder.
Set Seen Flag (s)     User can change the read/unread status of messages in this folder.
Administer (a)        User can administer the ACL for this folder.
Post (p)              User can send mail directly to this folder (if folder allows).

In this dialog you set the rights to each email account that will login to IMAP. You can
also use the anyone account which stands for all non defined accounts.




VisNetic MailServer Administrator Guide                                                    48
5.3.3 User – Options




Field             Description
Limit mailbox      A quote can be assigned to a mailbox. If the user fills their mailbox any new
size               mail will be returned to the sender.
Megabyte send      A non-zero value here specifies the amount of data a user can send out in a
limit per day      day. Also, if a mail is sent to 2 recipients the usage is doubled. If the user
                   exceeds the limit he has to wait till the next day until being able to send some
                   more.
Number send        A non-zero value here specifies the number of mails a user can send out in a
limit per day      day. The logic is the same as the Megabyte send limit.
Max message        A non-zero value here specifies the maximum message size a user can send
size               or receive into his mailbox.
User can send      This specifies that the user can only send mail to a domain which is
mail only to local configured on this mail server. It will not let the user send mail external to
domains            this mail server.
Delete mail older VMS will remove any messages after the specified period. This happens at
than               midnight.
Forward mail       VMS will forward any messages after the specified period to the account
older than to:     listed. Multiple accounts may be specified using the semicolon delimiter
User State         Using this option you can disable the account to login or to login and receive
                   messages. Login means the user cannot login and check his email or change
                   any settings. Receive means no messages can be delivered to the users.

                   Tarpitting is good for old unused accounts. Some old mailing lists send
                   messages to old non-existing accounts. These messages will be considered as
                   spam.
NT Password        If set, the password for the mailbox will be inherited from a user account with


VisNetic MailServer Administrator Guide                                                   49
                 the same name as the mailbox. The mail server must have the
                 SE_TCB_NAME privilege. Enter a NT domain to validate against, or leave
                 empty to validate against the default NT domain. Handy if you use a
                 Windows NT network with domains.
Any Password     This specifies that no matter what password is given, it will always be
                 accepted.




Field           Description
Incoming Mail    Specifies a mailbox path or email address to copy any incoming mail to.
Outgoing Mail    Same as above, except outgoing mail is copied.



5.3.4 User – Responder




Field                  Description
Status                  This option sets up an autoresponder which is useful if someone is
                        away from their email for a lengthy period of time.

                        Do Not Respond

                        The option is disabled.

                        Respond Always

                        All messages sent to this account will have the auto response message


VisNetic MailServer Administrator Guide                                             50
                           generated.

                           Respond Once

                           A response message will be sent to all received messages only once.
                           VMS keeps a log of previous email addresses so messages will not
                           loop and will only be sent once to the sender while having this option
                           set.
Responder File             This button opens the responder file for editing. The file is a VMS
                           script file which can contain commands and variables. You can easily
                           create a multipart message with attachments and html parts.

                           The Responder file may use VMS System variables for passing
                           various system values.

                           Example:

                           %%From%% - From field
No Responder For           This button opens the file that specifies exception email addresses and
                           domains of senders that will not get a responder sent when sent a
                           message to this account.

                           The file name is norespond.dat and it can contain email addresses and
                           domains.
Reply From                 This is the return address that will be used in the auto responder. If
                           blank the email of the account and name will be used.
Respond only if to me      If a message sent to this account contains the email address in the To
                           field that belongs to this account then a response will be generated.
Expires if Inactive For    Account expires if not used for specified number of days.
[Days]
Expires on (yyyy/mm/d) Specifies that the account is only valid until this date. After the
                         validity expiration, the received mail cannot be received with the
                         POP3/IMAP4 client. The result is the same as when the account is
                         disabled.
Notify Before Expiration Specified how many days before the account expiration the
(Days)                   notification will be sent. The notification is default, if no Notification
                         file is defined.
Notification File        This specifies the path and filename of the report that will be sent to
                         the user informing them their account will soon expire. If not
                         specified a standard report will be generated.
Delete Account When      Expired Account will be deleted if this option is ON.
Expired




VisNetic MailServer Administrator Guide                                                   51
5.3.5 User – Special




Field           Description
NULL Account This option specifies that this is a dummy account. Mail can still be sent to it,
                but no mail is saved. However all the forwarding and autoresponder functions
                will work. The user will not be able to login to VMS.
ETRN/ATRN This specifies that this is the account in which all the messages will be kept for
Account         the remote mail server that will issue the ETRN/ATRN command. This
                account must be the first and the only account defined in the domain. It is used
                only when the domain is an ETRN/ATRN domain.
Add X-          This option specifies that all messages received for this accounts should have
Envelope-To the X-Envelope-To header added with the real recipient. This option is used for
                Catch All accounts so the remote mail server knows exactly to whom the
                message was sent to.
No mailing list Specifies that this user will be excluded from all VMS mailing lists that have
                "Send to All" specified.
NT Password If set, the password for the mailbox will be inherited from a user account with
                the same name as the mailbox. The mail server must have the
                SE_TCB_NAME privilege. Enter a NT domain to validate against, or leave
                empty to validate against the default NT domain. Handy if you use a Windows
                NT network with domains.



VisNetic MailServer Administrator Guide                                                52
ANY Password This specifies that no matter what password is given, it will always be
               accepted.
Service Access Enables or disables specified services.
Anti Spam      Edits the user anti spam file filter.dat.
Filter



5.4 Mailing List

The mailing list feature is an easy way of sending an email to a single address that will be
forwarded onto all the members of the list. They are especially useful as discussion
groups or connecting with others who share the same interests and ideas.

VisNetic MailServer can go one step further and also be configured as a "list server"
which means it will handle the administration of the mailing lists and their members via
emailed commands.

5.4.1 Mailing List – General




Field         Description
Alias          Specifies the name for the mailing list. When you want to send a mail to the list it
               will be this <name>@domain that you will use.
Description    Descriptive text for the mailing list
Owner          The email address of the owner of the list. Multiple addresses can be specified
               using the semicolon delimiter.
List File      If the list is to be used to send mail to various recipients at various domains then




VisNetic MailServer Administrator Guide                                                  53
             a list file needs to be used.

             The list file specifies the full path and filename of a text file containing the email
             addresses of the list members. After specifying the path and filename use the edit
             button to edit the members of the list. Place each member on a new line in the
             format of "username <email>" as follows :

             Ian Atkins <iana@rsk.net>

             John Doe <john@msn.com>

             or only

             iana@rsk.net

             john@msn.com
Source       Users From List File

             A standard list file will be used. See above.

             Users From ODBC

             Email address can be stored in database. An ODBC source will be used. The
             connection string has to be written in the ODBC settings dialog.

             Non-Personalized Email:

             Fill in the SQL query. The query has to return only one field which will include
             the email addresses.

             Example:

             SELECT Email From Users

             It is suggested to use the Test SQL Query button. This button will execute the
             query and will show you the result of the query in the text file. The text file
             should look like a list file.

             Personalized Email:

             SQL query can return more than one field. The field names have to match to the
             one used in the personalized mail. Personalized field name in the email body
             have to be enclosed to the {{}}.

             SQL Statement Example:



VisNetic MailServer Administrator Guide                                                  54
              SELECT Email, ContactName, Totalsales FROM Users WHERE
              Totalsales>'1000'

              Personalized Mail Example:

              Hello {{ContactName}},

              Your total sales exceeded {{Totalsales}}!!! You win a prize - wife of my boss...

              Users From Domain

              This option will forward a mail received by the list to every user in the domain.

              All Users

              Message will be forwarded to all accounts on the mail server including all
              domains.

              All Domain Administrators

              Message will be forwarded to all domain administrators on the mail server.

              All Administrators

              Message will be forwarded to all administrators on the mail server.
SQL Query     SQL command used to select the mail recipients (to create mailing list on fly)
Test SQL      Listing of the records corresponding to the SQL Query Command
Query...
ODBC          Set the ODBC source for Database connection.
Settings...




VisNetic MailServer Administrator Guide                                                 55
5.4.2 Mailing List – Message




Field              Description
From:              You can specify what each header should contain. It depends on your desire.

&                  Either you want to set the From field to Sender and Reply To to the email
                   address of the mailing list (this will cause all replies to go to the mailing list
Reply-To:          back to the mailing list) or you want to set the Reply-To field to Sender and
                   From to the email address of the mailing list (this will cause all replies to go
Headers            to the sender of the message).
Set Recipient To: Specifies a new recipient in the To header.
Header
Add to subject    This prefixes the subject line with the specified string. If the text is already
                  present it does not duplicate it. If the subject line is not present it is created.
Header File       Specifies a text file that should be inserted at the beginning of all messages
                  passing through the mailing list. Always a full path name.
Footer File       Specifies a text file that should be inserted at the end of all messages passing
                  through the mailing list.
Originator        This is an advanced SMTP option. When connecting to an SMTP server the
                  MAIL From <value > command is issued.

                   The possible values are:

                          Empty Mail From <>
                          Sender
                          Owner

                   If the Empty Mail From <> is selected (default) some email servers reject
                   the message. It can either be empty, filled with the sender or the owner of the



VisNetic MailServer Administrator Guide                                                      56
                 mailing list.

                 When you choose the Sender or Owner all bounce backs of the mailing list
                 will be sent to that email address.



5.4.3 Mailing List – Security




Field          Description
Moderated      A moderated mailing list is where a message needs to contain a password for
Mailing List   the message to be approved and sent to list members. There must be a password
               at the start of the Subject. If the password is not specified then the message is
               sent to the list owner who can add it and send it back. When the message is sent
               out to list members the password part from the Subject is removed! When used
               along with the option Server Moderated all messages are saved on server and
               when replied to the original message will be sent out to members. In that case
               the reply serves as a password only. To delete stored messages on the server
               and not sending them out to the mailing list add '-DELETE' to your approval
               password.

               Some mail clients support the X-Approved MIME header which contains the
               password. VMS automatically checks that header. If it finds it and the password
               is correct it does not check and remove the first line. It will only remove the X-
               Approved header.
Server         If the mail is sent without a password it will stay waiting on the server for
Moderated      confirmation and the notification email is automatically sent to sender.

               If sender will replies to this notification mail - the original mail is sent from the
               server to the recipients from the mailing list. This processing can be used for
               simple protection against the unauthorized sender.
Password       Pass. pro Server Moderated
Allow          You can also specify a list of email addresses that are eligible to join the



VisNetic MailServer Administrator Guide                                                   57
Subscribers      mailing list in a second text file, and append this to the first with a semicolon
                 delimiter.

                 Example

              c:\deerfield.com\visnetic mailserver\list.txt;c:\deerfield.com\visnetic
              mailserver\allowed.txt
Max Mail Size Specifies the maximum message size that can be sent to the mailing list.
Deny EXPN     If a client issues an EXPN command the list members will be returned.
              Checking this option prevents this - "No such mailing list" will be returned.
Members Only Specifies that only the members of the mailing list can send messages to the
              mailing list. If users have some flags set they need the POST flag.


5.4.4 Mailing List – Other




Field             Description
Send to Sender  If unchecked and a user (who is on the list) sends a message to the list, he
                himself will not get it back. If checked he will receive a copy of his own
                message.
Forward Copy to If the owner is not on the list, this option will copy messages to the email
Owner           address specified in the "owner" field. However it is suggested that owners
                subscribe to the list themselves.
Digest Mailing Specifies that all messages sent to this mailing list will be saved and kept in a
List            package file which will contain the list of messages and their bodies. Then at
                midnight a single message will be sent to the digest members of the mailing
                list.
Process Mailing There are certain variables you can use inside of the body of sent mailing list
List Variables  messages. The variables are the same as the ones for Auto Responder. If this


VisNetic MailServer Administrator Guide                                                    58
                  option is set VMS will replace the variable definitions with the proper values.
Personalized      In your message you can use the Personalized Mailing List option and all
Mailing List -    message list variables {{item}} will be replaced with the value of the
Variable fields   member of the list. The values can be static or gained from the ODBC by an
                  SQL statement.

                  Static Mailing List Syntax:

                  emailaddress;parameters;field1=value1&field2=value2....fieldn=valuen

                  emailaddress               Email address of the recipient.
                  parameters                 Parameters are bit values and specify Post, Read
                                             and Digest flags.

                                             Bit 0 - Read/Receive

                                             Bit 1 - Post

                                             Bit 2 - Digest
                                             0       or empty - plain mailing list (default)
                                             1       Read/Receive
                                             2       Post
                                             3       Post & Read/Receive
                                             4       Digest
                                             5       Digest & Read/Receive
                                             6       Digest & Post
                                             7       Digest & Post & Read/Receive
                  field=value                Field definition for the personalized mailing list.
                                             In the email message is field enclosed to the {{ }}

                  Personalized Mailing List Example:

                  user@deerfield.com;;name=User&totalsales=1050&pricecode=gtysrv778

                  ryan@deerfield.com;;name=Ryan&totalsales=1500&pricecode=dert464566

                  Personalized Mail Example:

                  Dear {{name}}},

                  Congratulation! Your sales exceed ${{totalsales}}. Let us offer you the




VisNetic MailServer Administrator Guide                                                59
                   special price for the next purchases. Your new pricecode is {{pricecode}}.

                Your Deerfield.com Team.
Remove Dead     When this feature is enabled, VMS will automatically remove an address
Email Addresses from the members list file when it encounters a permanent fatal error while
                attempting delivery.

                 The removing process is applied when sending a new message to the mailing
                 list.
Max # Messages If this field is other than 0 it specifies the number of messages that can be
To Send Out in 1 sent per 1 minute. VMS lets you control the flow of outgoing messages using
min.             this option. It might become handy when sending large amounts of messages
                 (more than 10000).
Join/Leave File If the list is administered by a listserver, then when a new user is added VMS
                 will inform the new user of their subscription and also unsubscription when
                 leaving the list.

                   A text file (rules of the list perhaps) can be appended to this information by
                   specifying a path and filename here. As always the edit button can be used to
                   edit the file.

                   The leave file is specified by using a semi-colon and specifying another text
                   file.
Notify Owner       You can notify the owner of the list of certain events. These are:

                    Join           when somebody new joins the mailing list
                    Leave          when somebody leaves the mailing list


5.5 List Server
List Server is used for controlling the Mailing Lists via emails.
The only lists controlled are mailing lists based on text files.




VisNetic MailServer Administrator Guide                                                 60
5.5.1 List Server – Creating a List Server




Field          Description
Alias          Specifies the name for the list server. When you want to send commands to the
               list server it will be this <name>@domain that you will use.
Description    Descriptive text for the list server
Owner          The email address of the owner of the list server. Multiple addresses can be
               specified using the semicolon delimiter. This option is used for replies from the
               list server and as a confirmation email address.
List File      By default this option should be empty and servers to all mailing lists.

               If you need to list allowed mailing lists this file contains a list of all the mailing
               lists that can be administered through it.

               Place each mailing list on a new line as follows :

               List1@domain1.com

               List2@domain2.com
Confirmed      All subscriptions will have to be confirmed by email by the owner.
Subscription
Command In     By default the list server will accept commands that are embedded into the
Subject        body of mails sent to it. Check this and VMS will require that commands are
               entered into the subject line.
List Server    If a user sends a help command to the list server, the list server will send back a
Help           standard help response. If a file is specified here, VMS will send it back
               instead. If you add a semi-colon and another text file path here this file will be
               used in the Confirmation message from the list server when used confirmed
               subscriptions.
Allowed        These checkboxes specify what commands the list server is allowed to process.
Commands       See the list of commands on the next page


VisNetic MailServer Administrator Guide                                                    61
5.5.2 List Server – Commands


Command                 Description                         Usage
JOIN or SUBSCRIBE The join or subscribe commands are         JOIN [password] {listname},
(JOIN-DIGEST or   issued by users who want to join the       [mail address], [full name]
SUBSCRIBE-DIGEST) list. These commands are only
                  accepted if allowed by the list            or
                  server. Otherwise, the owner gets a
                  message about the user request.            SUBSCRIBE [password]
                                                             {listname}, [mail address], [full
                                                             name]

                                                             The values inside the braces are
                                                             optional. If no email address is
                                                             given, the one they use to send
                                                             the request will be used.
LEAVE or                Users can leave the list             LEAVE [password] {listname},
UNSUBSCRIBE             automatically using the leave or     [mail address]
(LEAVE-DIGEST or        unsubscribe command.
UNSUBSCRIBE-                                                 or
DIGEST)
                                                             UNSUBSCRIBE [password]
                                                             {listname}, [mail address]

                                                              The values inside the braces are
                                                              optional. If no email address is
                                                              given, the one they use to send
                                                              the request will be used.
NORMAL or DIGEST        Users can change the mode of their NORMAL [password]
                        subscription either to normal or to {listname}, [mail address]
                        digest.
                                                              DIGEST [password] {listname},
                                                              [mail address]
LISTS                   Use this command to obtain a list of LISTS [password]
                        all the mailing lists that are served
                        by this server.
WHICH                   This command returns you a listing WHICH [password] [mail
                        of all the mailing lists to which you address]
                        have subscribed.
                                                              The values inside the braces are
                                                              optional. If no email address is
                                                              given, the one they use to send


VisNetic MailServer Administrator Guide                                              62
                                                                  the request will be used.
RECIPIENTS or               Get a listing of all members of the   RECIPIENTS [password] <list>
REVIEW                      specified mailing list.
                                                                  or

                                                                  REVIEW [password] <list>
HELP                        Use this command to get a             HELP [password]
                            description of all the list server
                            commands (as on this page)


5.5.3 List Server – Options




Field           Description
Moderated List When running as a listserver, all list server commands are protected by a
Server         password. This password is placed between the command name and the
               command parameters.
Password       Password for moderated list server.
Originator     The possible values are:

                                Empty Mail From <>
                                Sender
                                Owner

                If the Empty Mail From <> is selected (default) some email servers reject the
                message. It can either be empty, filled with the sender or the owner of the
                mailing list.



5.6 Executables

Executables provide the ability to execute jobs on a server without having to use any
remote admin tools. Simply setup a job in advance, then the job can be executed by
sending an email to the server.


VisNetic MailServer Administrator Guide                                                 63
Do not forget the application must properly exit at the end. All applications usually
require the temporary message file name as the input.

It would be a good idea to use the anti spam filters to only allow your email address
through to this account though or to use password.




Field                 Description
Alias                 This is the executable name at the domain. E.g. defrag@vmsdemo.com
                      would require an alias of defrag
Description           Some descriptive text for this executable
Application           Specifies the path and filename of the application to execute. This can be
                      a DOS or W32 application or a DLL. Must not require a user input.


                      Executable - A standard executable

                      StdCall - A DLL with the WINAPI (StdCall) interface

                      Cdecl - A DLL with the Cdecl interface
Parameters            Specifies the parameters to execute the application with:

                      %%From%% - who the mail was sent from
                      %%To%% - who the mail was sent to
                      %%Subject%% - the subject of the mail

                      %%Date%% - the date of the mail
                      %%Message-ID%% - the header id of the message
                      %%MessageFile%% - the full path/filename of the message

                      When passing parameters to the executables, it is a good idea to enclose
                      them with double quotes in case the parameter has a space embedded in
                      it.
Password              The executable can be protected by a password. If this field is filled the


VisNetic MailServer Administrator Guide                                                 64
                      Subject of the message will be checked for the password. If found the
                      password will be deleted from the Subject and executable will be
                      processed. Else the executable will not be processed.
Forward To            Specifies that the contents of any email is also forwarded to the specified
                      address.



5.7 Remote Accounts

Remote Mail Accounts are user accounts on external POP3 servers. You can assign VMS
to check for waiting email on a remote server. It can either be done for one account or for
the whole domain using the Domain POP feature and other related options.

All Remote Accounts send a message to the Forward To addresses if they are not Domain
POP.




Field           Description
Name            The name of this remote account. It is used purely for informational purposes.
Server          Specifies the POP3 host name server example pop3.demon.com
Username        Username of the collected mailbox
Password        The password of the remote POP3 account.
Forward to      Specifies the list of addresses separated by semi-colons to which the
                message(s) should be forwarded.
APOP            Check this to ensure that VMS logs in using the secure APOP command. The
                remote server must support this. (APOP is a secure login using md5
                encryption)
Dedupe          VMS will read the message's Message-ID header field and if some messages


VisNetic MailServer Administrator Guide                                                 65
Collected Mail have the same ID the message will be processed only once and no message
               duplicates will be done.
Leave          VMS will leave the messages on the remote server after retrieving them. In
messages on    other words, will not erase them.
server
Delete Message This option is related to the Leave Messages On Server option. If the message
If Older Than on the remote server is older than the specified number of days it will be
               deleted.
Delete         This option is related to the Leave Messages On Server option. If there is the
Messages If    specified number of messages or more on the remote server, messages will be
More Than      deleted.
Schedule       Specifies the Schedule tasks for this remote account that need to be entered.
               This is the standard VMS scheduler dialog. Do not ever forget to setup the
               Schedule
Use Direct SSL If checked, whole session will be encrypted by SSL if possible.




5.7.1 Remote Accounts – Domain POP




Field                Description
Domain POP            Specifies that this remote account is to be used to collect mail for the
                      entire domain i.e. the remote POP3 account contains all the email for this
                      domain.




VisNetic MailServer Administrator Guide                                                66
                      The messages will be resolved by the header "To: ", "Cc: " or other
                      methods.

                      Example if a message has the header "To: John Doe <john @doe.com>",
                      the doe.com domain must exist on VMS and the message will be
                      delivered to john in the doe.com domain. If the domain does not exist or
                      the user either, the "Forward To" option will be used and the message will
                      be delivered to the specified email address. In other words, Forward To
                      contains an email address to send messages to that are undeliverable and
                      come via Remote Accounts.

                    Sometimes all messages are delivered to the Forward To account. This
                    might be caused by several reasons. If such thing happens make sure the
                    domain in the To header matches the domain defined on VMS else use
                    the Special option Domain Conversions. You can also use direct Email
                    Address Routing which has the same syntax as the VMS Redirect option.
Do Not Process      Specifies that the Domain POP procedure should not use the "Received: "
Received Header     header and the "for" item. Some remote mail servers set this field to a
                    different email address then the one in the To header. This can cause
                    nothing but problems. VMS uses the first Received header created.
Stop Parsing If     If processing the received headers VMS will always use the first received
Received Yields A header created in the message. When this option checked VMS will read
Local Address       all of the received headers and will check to find if some of them contains
                    a local email address. If found the processing will be stopped and the
                    address will be used.
Parse These Headers By default VMS parses some given headers like To, Cc etc. This option
                    when used lets you specify other MIME header fields for VMS to use.
                    The window lets you specify additional header items. One per each line.
Real Name Address Specifies that when using Domain POP VMS should try to search through
Matching            actual names in the header and only lookup based on the alias. Example
                    for "John Doe <john@doe.com>" VMS will look for "John Doe" on the
                    server and if found it will deliver the message to that account.
If Email            You can also limit the feature above only when the email address matches
                    the given email address.

5.7.2 Remote Accounts – Special




VisNetic MailServer Administrator Guide                                               67
Field             Description
Forward Extra     All messages received by the remote account can be forwarded to a given
Copy To           email address using this option.
Convert Domain    VMS relies on the domains of the recipients to be defined on the server. If
Names             your messages received by the remote account do no have the domain name
                  defined on the server you can create domain name conversions using the
                  Domains button.

                  Example:

                  dummy.com=localdomain.com
Email Address     This option lets you specify routing rules for messages received by the
Routing           remote account. The same syntax as for the VMS Redirect feature applies.
                  You can use email addresses, domains anything.


5.8 Static Routes

Static Routes are simply aliases which are able to receive email and forward these
directly to other mail servers or domains based on whatever filter mechanisms are
configured.




Field                 Description
Alias                 Specifies the alias for the static route.
Description           Some descriptive text.
Action                Forward To Address

                      Message will be forwarded to this address.




VisNetic MailServer Administrator Guide                                              68
                        Forward To Domain

                        Message will be forwarded to this domain with the received recipient.

                        Forward to Host

                        Message will be sent to the specified Host machine. It can be a host name
                        or IP address.

                        Deliver to This Domain

                        Message will be delivered to the actual domain without any other
                        filtering. This is useful when you want to check all messages for
                        something and then deliver it to the recipient. You can use external filters
                        to do whatever you want.

                        Delete

                        Message will be deleted.
Forward                 Specifies that even if the domain to forward to is local, to still forward via
                        the Internet. This is useful when there are more MX records for one
                        domain and the other domain with higher priority was not working. This
                        mail server will receive the mail and will try to deliver it to the other
                        primary mail server.
Value                   The value i.e. address, domain, host etc
Forward To              This option lets you save all messages which meet the filter criteria and
                        were filtered. This is a relative directory path for local mailboxes. This
                        should be the same string as for the user’s mailbox path that will receive
                        the messages. It can even contain a full qualified path.

Filter Settings

Field             Description
All               All messages will be processed by the static route.
Filters           Specifies VMS filters which will be applied to messages.

                Each filter has a logical condition of AND or OR. Once the logical value of the
                filters is true the action of the Static Route will be processed.
External Filter Specifies an external filter file instead of the built-in VMS ones. The external
                filter file must be a DLL with this function or an executable:

                  TMessageStruct = Packed Record




VisNetic MailServer Administrator Guide                                                     69
                szOriginalAddress: Array [$00..$FF] Of Char;

                szRecipientAddress: Array [$00..$FF] Of Char;

                szFilename: Array [$00..$FF] Of Char; // Name of the temporary message file

                End;

                There are 3 other options: StdCall, Cdecl and Executable. The 2 first options
                specify the type of the DLL.

                Function VMSFilterProc(Var MessageStruct: TMessageStruct): Boolean;
                StdCall;

                Function VMSFilterProc(Var MessageStruct: TMessageStruct): Boolean; Cdecl;

                If the function returns true the message will be processed by the server else not.
                Do not forget when importing the DLL function that the case matters. The
                function’s name is case sensitive.

                The 3rd parameter specifies that the filter is an executable and will be called
                each time. A first parameter passed to this executable will be the file name of the
                message. If the executable returns an exit code other than 0 then the message
                will be processed by the server.
Anti Spam       As always, an anti spam filter can be applied.
Filter


5.9 Notification

The Notification account is an alias that is designed to convert a message into a suitable
format for Notification delivery.

In essence this usually means chopping the message into Notification chunks and
stripping off attachments.

If the message is received with an attachment, then the attachment is dropped and only
the text of the message is sent.

In order to use this option you need an email gateway from your provider. This means
you need to have an email address that you sent messages to your notification device.




VisNetic MailServer Administrator Guide                                                  70
Field            Description
Alias            Specifies the alias for the Notification
Description      Some descriptive text.
Notify To        Specifies the email address of the email gateway that the formatted message
                 will be sent to.
From             If filled this will be in the message's From field.
Max Size         This specifies the maximum number of characters that can be accepted in a
                 single notification. This is specific to the telecoms provider.
Count            This specifies that if the message is larger than "Max Size" how many chunks
                 it is allowed to be split into. A count of 1 and a Max Size of 128 means that
                 only the first 128 characters of a message will be sent. A count of 2 means
                 that the first 256 characters of the message will be split into 2 separate
                 messages and forwarded onto the gateway.
Forward To       Specifies an email address that the message will be forwarded to.
Originator       The possible values are:

                       Empty Mail From <>
                       Sender
                       Owner

                 If the Empty Mail From <> is selected (default) some email servers reject the
                 message. It can either be empty, filled with the sender or the owner of the
                 mailing list


5.9.1 Notification - Other




VisNetic MailServer Administrator Guide                                              71
Field                Description
Into Subject         The Subject of the notification message will be compiled from the options
                     below
To                   Specifies that the recipient field is placed into the notification.
From                 Specifies that the sender field is placed into the notification.
Subject              Specifies that the subject field is placed into the notification.
Date/Time            Specifies that the date and time is placed into the notification.
Body                 Specifies that the body text is placed into the notification.

You can create the own notification Subject or Message, instead off the arrived one.

Field            Description
Subject          Any notification account can contain your own subject. You can specify the
                 content by this option.
Body             Any notification account can contain your own body. You can specify the content
                 by this option.
Text File        Any notification account can contain your own body. You can specify the content
                 by this option. The whole content of the text file will be inserted into the
                 Notification account.


5.10 Catalog

Catalog allows you:

         Mail server to send you file from the Catalog file list on the server. Catalog file
          list can contain any files from any folders.
         Mail server to send you file from the specified folder
         Mail sender to compress content of the any folder and to send it to you in Data
          Package compressed file. This file can be automatically decompressed by the
          specially defined Content Filer
         Mail server to send any of above to the any specified email address.



VisNetic MailServer Administrator Guide                                                         72
See examples for the each listed possibility at the end of this document.

Catalog is activated by the properly specified email send to the catalog account, similar to
the List Server account.

The catalog account is a special storage mechanism where you can have several
catalogs containing several items. Items are links to files.

Each catalog account can be protected by a global password and each catalog item
retrieving can be protected by a special password.

You can also specify what commands are allowed for the account and where the
commands should be placed.




Field              Description
Alias              Specifies the alias for the Catalog
Description        Some descriptive text.
Password           Specifies a global password which has to be used for all
                   commands sent to the catalog account.
Command in         By default all commands will be read from the message body. If
Subject            you set this option there can be only one command and that is in
                   the subject of the message.
Allowed            The commands you can send to your catalog accounts are listed
Commands           below. You can use more commands in a message.

                   DIR

                   The DIR command lets you retrieve the catalog item listing.
                   [Password] is used only when the global password is set. The



VisNetic MailServer Administrator Guide                                                  73
                 syntax is the following:

                 DIR [PASSWORD] CATALOG

                 GET

                 The GET command lets you retrieve items from the catalog.
                 [Password] and [CATALOGPASSWORD] is used only when
                 passwords are set. The syntax is the following:

                 GET [PASSWORD] CATALOG ITEM
                 [CATALOGPASSWORD]

                 Example:

                 DIR CATALOG1

                 DIR CATALOG2

                 GET CATALOG1 Manual.doc

                 SENDTO

                 The SENDTO command lets you specify the receiver's email
                 address. In other words you can send a file from a catalog to
                 somebody else without even receiving the files from the catalog.
                 The syntax is the following:

                 SENDTO EMAIL_ADDRESS

                 To use SENDTO command you have to Uncheck option
                 "Command in Subject" and place two commands to the body of
                 the mail, as shown in the example below.

                 Example:

                 SENDTO john@deerfield.com

                 GET CATALOG1 Manual.doc
Catalogs         This buttons lets you define lists of the files used for the transfer
                 with the catalog feature.
Originator       This is an advanced SMTP option. When connecting to an SMTP
                 server the MAIL From <value > command is issued.




VisNetic MailServer Administrator Guide                                                  74
                   The possible values are:

                          Empty Mail From <>
                          Sender
                          Owner


To define/modify files you can send by the catalog account, press button Catalogs.




In the catalog dialog you can add, edit and delete particular catalogs.




In this dialog you configure the whole catalog with its items.

Field            Description
Name             Specifies the catalog name or ID which will be used in the commands.
Password         Specifies the password for Item retrieving (GET command). DIR command
                 does not need a password.
Folder           Folder option allows you to link the catalog with a specific directory so all the
                 files in it will be the items. You have to specify the full path here.

                 The advantage of this option is that you can retrieve ANY file from the
                 specified folder and you do not need to define items (see below).
Allow            By this option the GET command will be able to retrieve items from


VisNetic MailServer Administrator Guide                                                   75
Subdirectories subdirectories in the Folder.

                You cannot use the "...” for security reason, but you will be able to use "\" in
                the item name which is prohibited by default.
Folder Data     If you will check this option, the all files from the Folder will be compressed to
Package         the file PACKAGE.IDP

                The PACKAGE.IDP can be automatically decompressed by the specially
                defined Content Filter. See Actions list of the Content Filter options.
Item            Specifies the identification of the item which will be used in the commands.
                The typical command syntax is:

                COMMAND catalog name [item]
Filename        Specifies the full path to a filename on your HD which is linked to the Item.


5.10.1 Catalog – Retrieve File Example

Suppose that you have data structure:




Define Catalog Account DataRetrieve@vmsdemo.com




Notice, that is checked Command in Subject.

Press Button Catalogs... and define catalog DATA:



VisNetic MailServer Administrator Guide                                                 76
To retrieve file c:\data\logo.gif send an email to the catalog account as:




Notice, that for the getting file logo.gif you have to specify its item name logofile.

You will get back an email with the file logo.gif in the attachment.

5.10.2 Catalog – Retrieve File from Folder Example

Suppose that you have data structure and Catalog Account DataRetrieve@vmsdemo.com
as in the first example.




Press Button Catalogs... and define catalog FILES:




To retrieve file c:\data\logo.gif send an email to the catalog account as:




VisNetic MailServer Administrator Guide                                                  77
You will get back an email with the file Releasenotes.txt in the attachment.

5.10.3 Catalog – Retrieve all Files from Folder Example

Suppose that you have data structure and Catalog Account DataRetrieve@vmsdemo.com
as in the first example.




Press Button Catalogs... and define catalog ALLDATA:




To retrieve file c:\data\logo.gif send an email to the catalog account as:




You will get back an email with the file Package.idp in the attachment:




VisNetic MailServer Administrator Guide                                        78
The PACKAGE.IDP contains compressed files of the folder specified in the folder
definition (see ALLDATA above). If the option Allow subdirectories was on, the
subdirectories are included too.

To decompress PACKAGE.IDP use Content Filter with the action Extract All
Attachments to Directory (see Security, Content Filter) or free tool IDP.EXE, which can
be downloaded from ftp://ftp.deerfield.com\pub\current\idp.exe

5.10.4 Catalog – Send File from Server to the Any Recipient Example

Suppose that you have data structure and Catalog Account
DataRetrieve@VMSdemo.com as in the first example.

To send content of the whole ALLDATA folder packed to the one file PACKAGE.IDP to
the email address user@vmsdemo.com, by sending email:




Notice, that catalog commands are located in the Body now. To be able place commands
to the body you have to uncheck option Command in Subject - Catalog Tab.




VisNetic MailServer Administrator Guide                                              79
Chapter 6


Server Windows Administration


6.1 Server Monitor




Server Statistics contains 4 tabbed sheets.

Protocol Statistics lets you monitor all important information about your server traffic.
You can see Running time, total number of all server/client connections, amount of
server transferred data and statistical graph. Information is available for all VMS
services.




VisNetic MailServer Administrator Guide                                                 80
You can see how many messages were rejected by Content Filters, marked as a Spam,
rejected by Antivirus core, filtered by filters, messages that for any reasons exceed limits
and messages rejected by RBL.




Volume Statistics lets you watch all global server statistics data like Number of domains,
number of users, total free and use space, total size and number of messages waiting in
outgoing queue. Same statistics are available for specific domain or user.




VisNetic MailServer Administrator Guide                                                   81
Active Sessions tab sheet lets you monitor the active connections and sessions to the
server. If you have the service logging on then you can double click on the particular
session and the whole history will be displayed.




If you use right button and click on the line with server session, you can kill any session
in real-time.

Session History tab sheet will save all history events up to the Max History value. You
can also perform filters on the history by using the History Filter button. To enable and
disable the session monitoring use the Monitor Sessions checkbox. You can also view the
whole session history when the logging is switched on by double clicking the history
session line.


VisNetic MailServer Administrator Guide                                                   82
Chapter 7


Server System Tab


7.1 System Tab

This is the VisNetic MailServer Administration applet that provides an overview of the
status of the mail server services rudimentary settings.

The panel at the bottom shows what is happening to VisNetic MailServer in real-time.
Current connections and data transferred to date are shown.




VisNetic MailServer Administrator Guide                                                  83
7.2 Remote Server Control

By default the control panel applet connects to the localhost. If you wish to connect to a

remote VisNetic MailServer use the Connect button                , then enter the hostname,
port, admin user and admin password.




The admin user can be any user account which has the Administrator privilege.

7.3 Remote Server Control




Field                     Description
Mailserver Hostname       This specifies the name of the mail server computer. It must not be
                          empty. It is used when the mail server authenticates itself with other
                          mail servers. Typically it would be mail. {yourdomain.com} Basically
                          it should the host name of your mail server which has been registered
                          on DNS.
Use Relay Server          If this server is not going to be sending out email directly (it may be a
                          small company server on dialup to the Internet which passes mail to
                          the ISP mail server) then it will need to relay the mail to a server
                          capable of sending. This field specifies the hostname or IP address of
                          the relay server.

                          You can also use the SMTP AUTHentication when relaying. The
                          same syntax applies to all host options in VMS. You simply need to
                          specify the host name in the complete URL form:

                          username:password@hostname

                          E.g.:

                          customer01:passxx02@mail.myisp.com
Use DNS Lookup            If this server is to be used to send out mail itself, then it will need to


VisNetic MailServer Administrator Guide                                                     84
                            lookup DNS MX (Mail Exchange) records for external domains.
                            Enter the hostname or IP address for DNS server(s) here. Separate
                            multiple entries with a semicolon. Always use the Test DNS button.

                            Make sure you read the DNS Appendix section.

A special delivery mode is available for static IP delivery inside private networks, among
multiple mail servers, when no DNS server is available.

If a hosts.dat file is found in the Config subdirectory, VMS will override the normal MX
record resolution (DNS Lookup mode) and provide a static domain to hostname/IP
address mapping.

The syntax is as follows:

<domain>=<hostname>

or

<domain>=<IP address>

Example:

domain1.local=mainserver

domain1.local=192.168.0.100

To restore the normal DNS Lookup mode, simply remove hosts.dat from the Config
directory.

DNS Query Test

If you are using the DNS Lookup method to send email via Internet, the valid DNS
Server Hostname (one or more) have to be entered into the DNS Lookup field.

Check DNS by pressing button DNS Query Test. If the DNS Server (at least one from the
list) responds properly, all is OK.




If the DNS Server is not responding properly, you will get an answer:



VisNetic MailServer Administrator Guide                                                 85
Enter valid the hostnames or IP address of at least one DNS server in the DNS field.

You can enter ANY DNS Server hostname or IP, since the all DNS server on the Internet
are replicated automatically. If you are not sure about your DNS leave the default one. It
will work. However, if you put an incorrect one here it will not work.

Note: If the DNS Query Test replies OK, your Mail Server is ready to SEND messages to
the Internet. However if you want to RECIEVE emails from the Internet, you have to set
properly MX Records for your domain at the DNS Server.

If you are not familiar with the DNS Server, contact your Internet Connection Provider
and ask him to set you the MX records for your domain. This service is provided by the
most of the Internet Server Providers or Connectivity Providers for small annual fee.

7.4 Service State




For each of the services the status is showed along with start/stop control buttons.

The green light means, that the service is running.

Service                    Used for                               Default Ports
SMTP                       Send mail                              25, 366, 465
POP3                       Receive mail                           110, 995
IMAP                       Read Mail                              143, 993
HTTP                       Web Administration, Web Mail,          32000, 32001
                           Proxy Server
IM                         Instant Messaging server               5222, 5223
LDAP                       LDAP Server                            389, 636

If some of the functions above are not running, check if the services are running first.



VisNetic MailServer Administrator Guide                                                    86
If some service is not running, try to start it again, however if it is not possible, there is
probably conflict with another program using the same port.

See the next option about standard ports assignments.

Server Diagnostics

The simplest way to check the server functionality and ability to send mail via Internet is
to use the Server Diagnostics... button.



7.5 Service Settings




Click on the Service Settings button. This brings up the advanced service settings. You
do not need to change these settings usually.




VisNetic MailServer Administrator Guide                                                          87
7.5.1 Service Settings – Performance Settings




Field            Description
SMTP Client      The max number of simultaneous connections to another SMTP server.
Channels
POP3 Client    The max number of simultaneous connections to another POP3 server when
Channels       collecting mail via POP3.
SMTP / POP3 /  The Cache Thread specifies the maximum number of threads that can be reused
Inst. Msg. /   for new client connections. Each new connection that is accepted by the server
Control Thread is given a separate execution thread. In order to improve performance, server
Cache          sockets store these threads in a cache rather than freeing them when the
               connection is closed. New connections can then reuse threads from the cache,
               rather than requiring the server to create a new thread every time a connection
               is accepted. This can speed up the server.
Listen Back    The maximum length to which the queue of pending connections can GROW.
Log            If this value is SOMAXCONN, then the underlying service provider
               responsible for socket will set the backlog to a maximum "reasonable" value.
Packet Delay   If the server is on a very fast connection (eg local LAN) the speed at which
(Outgoing &    VMS works might impact on other services' performance. Use this option only
Incoming)      when you are sure you need it. You do not need with a 128k and less
               connection at all.
Protocol       VMS is a very fast mail server and although all supported Internet protocols are
Response Delay synchronous and work with most of the mail clients properly there are some
               mail clients that get confused by the speed of VMS. We are talking about
               Outlook 2002/XP. Microsoft made an implementation bug. If you put here 10 it
               will work just fine.
Session        Specifies the amount of time in seconds of session inactivity. If this number is
Inactivity     exceeded the session will be automatically ended and timed out.
Timeout
DNS Query      Specifies the timeout for the DNS Lookup function. If the DNS server does not
Timeout        respond in this given time, the server found the DNS as not responding. The
               default value is 20 seconds and can be lowered if you think your DNS server
               responds in fewer seconds. You can test this with the DNS Query Tool.
DNS Query      Enables the smart dns queries. A powerful feature which can process 10000


VisNetic MailServer Administrator Guide                                              88
Smart Cache      DNS queries per 1 second. It uses real DNS TTL.


7.5.2 Service Settings – Service IP Binding




Use this option to choose the adapters IP addresses that should be used by the services. If
this option is not used all adapters will be used. Multiple addresses can be specified using
semi-colon.

Binding is not necessary for proper multiple domain configuration.

If you need to bind VMS at W2K or WXP, you must disable the IP Pooling features of
this operating system first. Search for more details at Microsoft Web site.

VisNetic MailServer has integrated full IPv6 support, so you can bind VMS to an IPv6
address. Use Edit button, or edit manually bind.dat file. This file contains IP address for
the services to Bind To.

Format is:

// Outgoing_Bind=<IP2>
// IPv6_Bind=* // Enables IPv6
// Example:

Outgoing_Bind=192.168.0.2

IPv6_Bind=*

7.5.3 Service Settings – Max Parameter Settings




Field                  Description
Max Hop Count          Specifies the maximum number of hops from mail servers. This is
                       protection from mail looping. This option specifies the maximum number
                       of mail servers through which a mail can be delivered. If the number is
                       exceeded the message is returned as undeliverable. This can occur when
                       there are problems with the DNS Mail Exchange (MX) records for a
                       domain or when you use the Relay feature and you relay back to VMS.
Max Recipients         Specifies the maximum number of recipients in a message. This is a
                       protection from spam.



VisNetic MailServer Administrator Guide                                                   89
Protocol Max bad      This specifies the number of bad commands VMS will accept on a
commands              connection before closing the port.
Max Server            Specifies the maximum number connections for a server service. If the
Connections           connections would exceed a temporary unavailability message will be
                      returned.


7.5.4 Service Settings – Undeliverable Messages




Field          Description
Undeliverable This specifies the number of days that VMS tries to send mail. If the mail
After          cannot be delivered in the specified period it is returned to the sender as
               undeliverable.
Undeliverable This specifies how many hours pass until the sender of a mail is informed that it
Warning after cannot be delivered. The server will keep trying to deliver the mail until it is
               successful, or reaches the "undeliverable after" number of days.
Report Alias / The report alias is the alias that is added to the primary domain and is put into
Report Name the "From: " field when the mail system generates an automatic report such as
               Undeliverable report, Disk space monitor report etc. The report name is the
               name that comes before the report address.
Info To Admin All undeliverable messages will be also send to the administrator.
Bad Mail       This option requires an email address or addresses (separated by semi-colon)
Address        which will be used in any case of an undeliverable message which cannot be
               send back to the sender. These are messages with empty "from", server
               generated messages, sender's mailbox is full etc. The email address can be any
               email address including local and external.


7.5.5 Service Settings – Other




Field              Description
SSL - Enable bug   If SSL compatibility is somewhat broken with some mail clients you
workaround options should enable the bug workaround options. Particularly we are talking
                   about Eudora and The Bat!
SMTP - Enable      E-Mail message is ended by ".”. However, some scripts aren't written


VisNetic MailServer Administrator Guide                                               90
LF.LF message         according to RFC and generated messages are ended incorrectly by
ending                "LF.LF". You should enable this option if you have problem with non-
                      delivered messages from your script. Particularly we are talking about
                      Perl or Cold Fusion.
Service ID            Service ID feature is useful for load balanced installations. Specified ID
                      will be used as a prefix for messages filenames.
Enable Change         If enabled, lets you change user’s passwords over the POP3 protocol.
Password Protocol


7.5.6 Service Settings – Misc Outlook 2002/XP Bug Work Around

Outlook 2002/XP has improperly implemented the multithreaded POP3 protocol service.
This bug can cause problems with reading email from the high-performance
multithreaded servers (like VisNetic MailServer).

The only way to fix this bug is to slow down VMS protocol response.

In most cases the 10 ms works just fine, but you may need to increase this value slightly.




VisNetic MailServer Administrator Guide                                                 91
Chapter 8


Server Professional Tab


8.0 Server Professional Tab
The PROFESSIONAL Tab is available in Trial and licensed versions of VisNetic MailServer Pro.




8.1 Professional Tab – Data Base Settings




This option lets you specify the type of the VMS DB that should be used. You can choose
from 3 different DB types:




VisNetic MailServer Administrator Guide                                                    92
Field                    Description
Standard File System     Standard DB is the same as the Standard VMS version. Users,
                         Domains and data are stored in the folders/files on the hard drive
Professional Memory File Professional Memory File System caches used accounts temporarily
System                   in memory and the speed is very high but requires a large amount of
                         RAM.

                          Memory Mode Cache

                          You can specify the cache size for the Professional Memory File
                          System, of the:

                          Account User Authentication

                          User Search

                          It can significantly speed-up processing of the users.

                          For each 1200 Accounts you should add 10 MB of the cache
                          memory.
ODBC                      ODBC lets you store and access all accounts in any DB via ODBC.
                          The DB system can be any common DB such as MS SQL, MySQL,
                          Oracle, MS Access, InterBase, Postgre, Informix or any other.

                          The only Users and Domains parameters are stored in the tables via
                          ODBC. The data (mails) are stored in the files.

                          VMS is DATA - DRIVEN when the ODBC mode is used. You can
                          ADD/CHANGE user data only by submitting the proper SQL
                          command.

                          This mode is also very important for the load balanced installations,
                          when the domains/users data are stored in the SQL Server tables
                          shared by the all VMS installations

                          Connection string contains all needed information to connect and
                          communicate with a DB:

                          DSN;username;password

                          Eg.: mailserver;sa;sapass

                          Always use the Test Connection button to find out the connection


VisNetic MailServer Administrator Guide                                                93
                           string is constructed properly.

                           Sometimes you might need to tell the DB ODBC engine not to use
                           the ODBC Cursors or to use Magic Quotes (for MySQL). You have
                           to create the DB.INI file in the VisNetic MailServer directory. It has
                           the following structure:

                           MagicQuotes=1

                           ODBCCursors=0

                           OracleSyntax=0

                           Note: MySQL users should use myODBC 3.51

                           Before using the server you need to create the table’s structure in the
                           DSN first. Use the Create Tables button.

ODBC Settings step by step:

1. Create a System DSN in the ODBC Data Sources to connect to your DB.

2. Create the proper Connection string in the DB settings of VMS. Check with the Test
Connection button.

3. Save the settings.

4. Click the Create Tables button.

5. If successful you can import the previous VMS users by clicking the Convert To
ODBC button.

6. Press F5 to reload and you are ready to go.

Please use the Conversion buttons with caution. Conversion must be done only once to an
empty DB or empty VMS File System.

8.2 Professional Tab – ODBC Logging




You can set the logging system so it inserts log into any DB system using ODBC. Set the
connection string and create the tables. Warning! The each server protocols operation is
one line in the table. Use this logging carefully, on the high-volume servers can became
the Log table very big.


VisNetic MailServer Administrator Guide                                                  94
8.3 Professional Tab – LDAP




LDAP is an acronym for Lightweight Directory Access Protocol.

LDAP lets you "locate organizations, individuals, and other resources such as files and
devices in a network, whether on the Internet or on a corporate intranet," and whether or
not you know the domain name, IP address, or geographic whereabouts.

An LDAP directory can be distributed among many servers on a network, then replicated
and synchronized regularly. An LDAP server is also known as a Directory System Agent
(DSA).

LDAP was developed at the University of Michigan; its "lightweight" in contrast to DAP,
a part of the older X.500 direct protocol for networks.

VMS implementation of the LDAP is based on the OpenLDAP Project at
http://www.openldap.org/, extended with SSL support and is available in VisNetic
MailServer Professional only. The whole LDAP server is installed and configured
automatically during the VMS installation and includes also proper configuration for
Netscape Messenger and Outlook Express (schemas).

8.3.1 Professional Tab – LDAP Architecture

LDAP utilizes Client-Server Architecture.

LDAP Server is installed together with your VisNetic MailServer Professional and
resides in the folder VisNetic MailServer\LDAP\

LDAP Client is usually your email client, or other application. Many current email
clients, including Microsoft Outlook, Eudora, and Netscape Communicator are able to
access this LDAP Server.

8.3.2 Professional Tab – LDAP Server

VisNetic MailServer Professional supports LDAP v3 and is based on the OpenLDAP
project. Any additional information can be found on that site. See the license agreement
in the LDAP\readme.txt file.

Once installed you can start the LDAP server and it will be ready and working. It has its
suffix already created so you can go on with creating new entries immediately.




VisNetic MailServer Administrator Guide                                                 95
LDAP runs under the Control service and works only on Windows NT and higher
(NT,2000,XP) platforms. It does not support Windows ME,95,98.

LDAP setting files can be found in the VisNetic MailServer\LDAP directory and follows
the OpenLDAP project.

To activate LDAP you must have the Professional version of VisNetic MailServer and
have VMS running on Windows NT platforms. Click Active and Save. LDAP server will
start immediately.

When started you can see it is really running in the System tab where it has to say
"LDAP" under the control service.

You can also change the LDAP ports. LDAP in VMS supports SSL so you can connect to
the LDAP over a secure connection using the certificates installed on VMS. Same
certificates as for HTTP and other services will be used.

The Reload button will make sure to restart the LDAP server so it reloads all of the
LDAP setting files. This is mostly handy when changing the schemes or slapd.conf file so
you do not have to restart the Control service manually by stopping and starting it. You
just press the Reload button. Make always sure to check the LDAP running status. If you
do any errors in the settings the LDAP server will not start.

8.3.3 Professional Tab – LDAP Configuration

VisNetic MailServer LDAP will let you immediately add, modify, delete and search
records on LDAP.

The main settings are done in the file LDAP\slapd.conf. The file looks like this:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include schema/core.schema

include schema/inetorgperson.schema

# Define global ACLs to disable default read access.



VisNetic MailServer Administrator Guide                                               96
# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral ldap://root.openldap.org

#pidfile slapd.pid

#argsfile slapd.args

# Load dynamic backend modules:

# modulepath %MODULEDIR%

# moduleload back_ldap.la

# moduleload back_ldbm.la

# moduleload back_passwd.la

# moduleload back_shell.la

#

# Sample Access Control

# Allow read access of root DSE

# Allow self write access

# Allow authenticated users read access

# Allow anonymous users to authenticate

#

#access to dn="" by * read

#access to *

# by self write

# by users read

# by anonymous auth



VisNetic MailServer Administrator Guide                              97
#

# if no access controls are present, the default is:

# Allow read by all

#

# rootdn can always write!

#######################################################################

# ldbm database definitions

#######################################################################

database ldbm

suffix "dc=root"

rootdn "cn=admin,dc=root"

# Cleartext passwords, especially for the rootdn, should

# be avoid. See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw admin

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd/tools. Mode 700 recommended.

directory ldbm

# Indices to maintain

index objectClass eq

Include

This item lets you include additional schema definitions. All schema definitions are
located in the LDAP\Schema directory. You can create your own definitions and edit the
existing. Make sure to follow the creation rules otherwise LDAP will not start. If you are



VisNetic MailServer Administrator Guide                                                 98
a beginner use always the existing schema definitions. Includes are used on multiple
lines. Please, see the Schema paragraph below.

Suffix

This item identifies the suffix you will use the LDAP server under. All client connections
will have to use this suffix. All DB records are also under this suffix so when you change
the suffix you need to create the new records again under the suffix. Usually the suffix is
like your domain name.

suffix "dc=deerfield,dc=com"

We wanted you to be able to use the LDAP right always so we created the suffix

suffix "dc=root"

Rootdn

This item identifies the administrator user of LDAP that does not need to exist in LDAP
and still perform any actions like add, edit and delete records. It always has to contain the
suffix at the end. The default is.

rootdn "cn=admin,dc=root"

rootpw

This item contains the password for rootdn the administrator account in LDAP.

The rest of the slapd.conf lets you perform additional changes. Make sure you do not
change them unless you know what you are doing. Any additional information can be
found at http://www.openldap.org/.

8.3.4 Professional Tab – LDAP Shared Address Book

The users of the VisNetic MailServer can be automatically synchronized with the LDAP
Server. The workstation clients (Outlook, Netscape Messenger, etc.) can be configured to
read email addresses from the LDAP Server. By the using LDAP synchronization you
can have Shared Address Book now.

To use this feature:

        Enable the Shared Address Book feature:




VisNetic MailServer Administrator Guide                                                   99
      Press the button Complete User Synchronization - it will convert all existing
       VMS users - except ones defined in the bypass file.


To create/edit bypass file press the    button. Enter the domains and users, which will
be NOT synchronized there.

If you want to see the accounts converted to the LDAP Server, use a free LDAP Browser,
one which can be downloaded from:

http://www.softerra.com/download/download.php

The commercial version - LDAP Administrator can even modify/add new contacts at the
LDAP Server.

VMS accounts are by default stored to the location given by the suffix of the slapd.conf. -
to the root. You can specify another location for the VMS accounts in the user suffix,
however keep in mind, that you have to specify the folder for the user suffix prior its
usage.

The user suffix can contain the variable %s. The %s will be replaced with the domain
name. If you will use it in the path, you can easy separate storage by domains.

Example:

usersufix o=user%

8.3.5 Professional Tab – Using LDAP

Adding, modifying and deleting records on LDAP can be done using different LDAP
tools. We recommend using LDAP Administrator from Softera
(http://www.softerra.com/)" which is a shareware and can be downloaded from. It has a
nice windows-like explorer interface and works properly.

All mail clients supporting LDAP allow you to search records on LDAP servers. Some
mail clients have a better LDAP implementation and searching is smooth and some are
cumbersome and hardly to use.

Configuring Netscape Messenger

Configuring Netscape Messenger to use LDAP servers is easy and is done in the Address
Book area. Click File and New Directory.




VisNetic MailServer Administrator Guide                                                100
Description can be anything you would like to see in the Address Book. Server needs to
be the IP or the host name of the LDAP server. Search root is the suffix or desired root
you want. Leave the port numbers default. You can use the secure SSL connections if
needed. Configuring is done.
To search the directory. Click the directory and press Search. A dialog will appear.




Press search and a list of items will appear in the directory listing. Netscape messenger
has really a nice way of using LDAP. The list and the search are cached and next time
you open the directory last search results will be present.

Configuring Outlook Express

Outlook Express has slightly less support of LDAP. Each time you want to use it you
have to perform a search and select the directory you want to search. To configure
Outlook Express to use LDAP you have to do this. Select the Tools - Accounts -
Directory Service and click Add Directory Service.




VisNetic MailServer Administrator Guide                                                 101
Searching in Outlook is a bit too complicated. You have to open the Address Book and in
the Edit menu item use the Find Persons item. Select the LDAP directory and fill in the
desired search conditions. Click Search.

8.3.6 Professional Tab – LDAP Tools

There are some tools in the LDAP directory that help to administer LDAP DB. The tools
have the same parameters as the tools of the OpenLDAP project.

Slapadd

Slapadd lets you add records to LDAP DB using the LDIF format. You can see an
example in the LDAP directory. The 2 files create.ldif and create.bat this batch file
creates the suffix in the LDAP DB using the slapadd tool. Similarly you can add more
records by editing the create.ldif file. Syntax of the LDIF format can be found on the
Internet.

Schema

The LDAP schema, as with all database schemas, is the definition of what can be stored
in the directory. The basic thing in an entry is an attribute, like givenName. Each attribute
is associated with a syntax that determines what can be stored in that attribute (plain text,
binary data, encoded data of some sort), and how searches against them work (case
sensitivity, for example). An objectclass is a three-tuple, consisting of (must have,
required, may have), saying what other attributes can or should be present.



VisNetic MailServer Administrator Guide                                                  102
There is a standard core of schema definitions (object classes, attributes and syntaxes),
and you can define your own to suit your particular needs. Most every organization will
want to do that.

The best resource for information is where you can browse object classes, attributes,
syntaxes and matching rules.

Additional Resources Include:

      LDAP Zone http://www.ldapzone.com/
      ldapman.org http://www.ldapman.org/ has some great introductory articles.
      The LDAP Schema Repository http://ldap.akbkhome.com/ is indispensable for
       figuring out what to stuff in there and how.
      A System Administrator's View of LDAP
       http://people.netscape.com/bjm/whyLDAP.html by Bruce Markey from Netscape
       is a very clear introduction to our use of it (note how his layout style resembles
       ours :-P).
      Jeff Hodge's LDAP roadmap and faq
       http://www.kingsmountain.com/LDAPRoadmap/ which seems to be the
       authoritative guide to links. Unfortunately, it's so badly organized that it's almost
       not worth it. Beware that this guy is way confused about "versioning" his web
       site, so you may very well find yourself reading something out-of-date by more
       than a year! Check the "Last updated" on top of the page and try the other
       versions.
      The Yahoo! category
       http://dir.yahoo.com/Computers_and_Internet/Communications_and_Networking/
       Protocols/LDAP__Lightweight_Directory_Access_Protocol_/ has fine links.
      Here's something about the Abstract Syntax Notation
       http://www.techapps.co.uk/asn1gloss.html used in specifying the protocol.
      Here's something about the Basic Encoding Rules
       http://renoir.vill.edu/~cassel/netbook/ber/node1.html defining what the protocol
       looks like on the wire.
      More about BER, this time LDAP-specific
       http://users.neca.com/vmis/berldap.htm

8.4 Professional Tab – Remote Server Watchdog

VisNetic MailServer lets you monitor other remote servers and their specific services.
You need to specify the host and the port and the schedule. Once the server is down you
will be notified by a server generated email message containing the server name and the
time of the possible breakdown.

Each watchdog record can have a different notification email address and different
unreachable time if filled.




VisNetic MailServer Administrator Guide                                                 103
Field                   Description
Active                  Specifies the server watchdog feature is enabled.
Report To Email Address All server generated email messages will be sent to this email address
                        or addresses. This item can be left empty for the watchdog item. In
                        this case the default global one will be used.
Server is Down When     Sometimes it is desirable to consider the server being down for more
Unreachable for More    than number of minutes. Specify the number of minutes. Only then
                        the server will report the state of the server being down. This item can
                        be left empty for the watchdog item. In this case the default global
                        one will be used.
Notify when Server is   If the server was unreachable and VMS finds it back online then a
Back Online             notification will be sent to the email address containing the total down
                        time.
Send String             String that would be send to server on defined port. Example: "GET"
                        for retrieve an response from webserver.
Result Reg Ex           Regular expression that describes correct remote server response.



8.5 Professional Tab – Multiple CPU Support

Specifies that all CPUs will be used on multi CPU machines. Otherwise only the first one
will be used.




VisNetic MailServer Administrator Guide                                              104
8.6 Professional Tab – Task Schedule




Task Schedule is a feature that lets you execute any application or associated program at
any given time using the schedule. Each task has a different schedule and you can run
any application with any parameters.




This feature can be mainly used for automated daily reports of any kind.

If you will check the option Send Email Message, you can define simple email message,
which can be send to some email address at pre-defined time.

Click on the button Message... to specify the email.

8.7 Professional Tab – TCP/IP Tunnel




This feature allows you to create several TCP/IP tunnels. Tunnel is in fact TCP/IP
gateway listening on a specified port and forwarding all TCP/IP datagrams to a
destination address and port in both directions.

Format of this file is following:

<[Listening IP]:Port>,<[Destination IP]:Port>,<Rights>

<[Listening IP]:Port> - IP:Port / :Port
<Destination IP:Port> - IP:Port
<Rights> - 1:<IP>;0:<IP>;1:<IP>;.. (1 - Allow, 0 - Reject)



VisNetic MailServer Administrator Guide                                               105
Example:5000,gate.deerfield.com:80

Listens on all interfaces on port 5000 and sends data to gate.deerfield.com port 80

127.0.0.1:5001,194.213.224.2:25,1:192.*.*.*

Listens on IP 127.0.0.1 port 5001 and sends all data to 194.213.224.24 port 25 only for
connections from 192.*.*.*




VisNetic MailServer Administrator Guide                                               106
Chapter 9


Server Options Tab


9.1 Options




9.2 Options - Logging




If you are using Server Monitor for viewing the individual sessions, the Logging for the protocol


VisNetic MailServer Administrator Guide                                               107
you are studying have to be set to the Debug or Debug & Summary Logging
Field           Description
Logging Levels No Logging

                The logging is switched off.

                Debug Logging

                The most detailed logging will be used showing all service traffics.

                Summary Logging

                A summary logging is simply the most important information to be logged and
                also the summary of the whole action for the service. In other words what
                would take few lines for the Debug logging here it would take a single line with
                more information.

                Debug & Summary Logging

              Both Debug and Summary logging will be used.
Logging Cache 0 specifies no cache. Otherwise a log cache is specified in KB. Logs are kept in
              memory and flushed to disk when the cache has been exceeded.
Delete Logs   If logging is enabled it is usual to keep the number of log files to a manageable
Older Than    limit. The 'Delete logs older than:' setting will delete old log files after the set
              number of days has passed.
Output Debug If the 'Output Debug String' is checked, whenever a log is switched the
String        Windows API function OutputDebugString will be called with the event log
              value. This is useful for online monitoring of the services and it can be done
              remotely. In order to use this option, you have to have a tool that will display
              these messages, like the

                http://www.sysinternals.com

                Do not forget to switch on the option for CRLF Returns in the tool. Otherwise,
                it will not display the messages.




VisNetic MailServer Administrator Guide                                                 108
9.3 Options – Other Options




Most of the text and configuration files can contain comments which is signaled by the
"//" 2 slash characters.

Field           Description
Login With    If you have a large number of domains and users it is advisable to use this
Email Address option. If you do, then enabling this option reduces mail authentication and
              login time - VMS is able to find the domain faster as is specified inside by the
              email address. Basically a performance option for large sites. If you do not
              specify the domain name the primary domain will be used by default.
Convert % To This option is for administrators who use full email addresses as usernames and
@             Netscape and Mac users who cannot use @ in the login name. With this option
              enabled Netscape and Macintosh users can login as name%domain.com and the
              authentication engine will convert this to name@domain.com
Atomic Clock This option lets you to synchronize the server clock from the world's time
Sync          servers using the Daytime protocol. It is synchronized when enabled this option
              and after midnight every day. Time Zones are considered.

              You can also define your own Daytime servers and time zones.
Use SMTP      This is the text that will be displayed whenever a client contacts the server to
Policy Banner send mail. Using the edit button will bring up the text editor, enter some text
              then close the window and either save or discard your changes.

                NB You may have to stop the SMTP service to enable editing. Here is an
                example. All the text beginning with the line of asterisks was entered.

                220-mail.domain.com ESMTP VisNetic MailServer 2.10.350; Sun, 22 Oct 2000
                14:32:28 +0100
                220-*********************************************************************
                220-* Secure Mail Server *
                220-* *




VisNetic MailServer Administrator Guide                                               109
                 220-* All connections are logged! *
                 220-* This server employs AntiVirus and antispam technology *
                 220 *********************************************************************
Use             This file is filter for the name of the server that is specified during the
HELO/HELO       HELO/EHLO command in a SMTP session so you can easily block some
Host Filter     servers without knowing their IP.
Server Title    When connecting to VMS it gives the response above including version on the
                first line. Sometimes you want to put a different text value there so nobody
                knows it is VMS. Create a file called config\servertitle.dat and edit the first line
                to match the VMS name you want.
Protocol Policy This file specifies several protocol policy settings. The policies reflect all
                services.

                 AUTH Policy

                 You can either leave this value empty and the default values (all AUTH
                 schemes) will be used. Sometimes you might need to disable some schemes or
                 change their order. Use the syntax as below.

                 AUTH=NTLM CRAM-MD5 LOGIN PLAIN

                 Example: AUTH=CRAM-MD5 LOGIN PLAIN

              The NTLM Authentication is by default DISABLED. Use it carefully, since it
              can cause authentication problems in some Outlook versions (Microsoft
              implementation issue).
Convert From: VMS lets you to change the domain name of the originator recipient. When
Header        sending a message this option converts the domain name to the new one
              specified in this file config\headerconvert.dat. The structure of the file:

                 {olddomain}={newdomain}
                 {olddomain}={newdomain}

                 E.g.: vmsmail.com=deerfield.com

                 usa.net=netaddress.com
SSL - IP         This file lets you specify other than the default certificate for SSL server
Addresses        connections.
Certificates
                 The default certificate is kept in the file cert.pem. You can edit it and use your
                 own certificate.

                 You can also have multiple SSL certificates on one system. Each certificate can
                 be used for a different IP address.



VisNetic MailServer Administrator Guide                                                      110
                 Syntax & Example:EXAMPLE

                 [Server]

                 193.179.195.74=c:\certificates\deerfieldcert.pem

                 193.179.195.75=c:\certificates\vmscert.pem
WebServer        The integrated web server engine is controlled via these settings. Webmail
Service          engine is used for the Web Mail and Web Admin access and i running under
Settings         Control Service.

                 All settings are stored in the file /VisNetic
                 MailServer/Config/WebServer.CFG To edit this file press the EDIT button
                    or use any plain text editor. Parameters descriptions are located in the
                 section Advanced Web Mail Settings.

               This web server engine supports html and PHP and can be used for regular PHP
               based web sites too.
Hide Systray This option specifies that the systray icons should not be visible in the
Icons          Windows 9X environment for the selected services.
Auto Start     Auto start checkbox has the effect of starting the service automatically on
               machine boot. (This functionality is standard using Windows NT/2000
               Services, Auto start is necessary only for the W9X)
Message String Lets you customize all default system messages (delivery notifications, server
Translation    lists or mailing list messages etc.).



9.3 Options – User Statistics
Activating User Statistics enables the server to log all user activity. For each user it will
record the size and number of received and sent. It will even log the activity of unknown
and external users.




The user statistics logs can be exported by using the User Statistics Logs button. The
From and To fields indicates the timescale over which to obtain log entries. The Filter


VisNetic MailServer Administrator Guide                                                   111
indicates multiple filters separated by commas. You can enter here email addresses or
domains:
info@deerfield.com;vmsdemo.com
The format of the use statistics log file is following:
Domain,Alias,Received,Received_Amount,Sent,Sent_Amount,SentOut,Amount_SentOut
,Last Sent,Last Received,Last Login
Amounts are in bytes. You can import this file to any database or system analysis tool.
The line before the last line of the log file contains statistics for external, unknown users
and messages self created. Last line contains the summary.
To log a particular service, just select the logging type you need. Debug logging level is
recommended for SMTP.
The filename of the log files are of the format SYYYYMMDD.log
S = Service type (S)MTP, (P)OP/IMAP or (C)ontrol or (E)rror
YYYY = Year example 2000
MM = Month example 10
DD = Day example 23
So P20001023 would be the POP3/IMAP4 log for 23rd Oct 2000.

9.4 Options – Data Storage Directories




The directories section specifies where VisNetic MailServer creates various files. The
directories need not be created in advance VMS will create all directories as required.
Also, the file path.cfg (in the VisNetic MailServer directory) can be edited when needed -
first line specifies where the Config directory is and the second line specifies where the
HTML directory is (for remote web admin).

Field     Description
Mail      Specifies a default directory under which the user's mailboxes will be created. For
Path      example, if we had a user called admin in the domain of vmsdemo.com then the
          default directory for the admin users' inbox would be c:\deerfield.com\visnetic
          mailserver\mail\vmsdemo.com\admin. This directory also contains the Outgoing


VisNetic MailServer Administrator Guide                                                   112
         queue folder which is called Forward. This folder holds all messages to be sent out. If
         this directory contains undelivered messages it is likely something is wrong with your
         internet or configuration options.
Temp     The Temp area is used to receive mail as it comes in. After the mail has been received
Path     by VMS it is copied into the correct mailbox (or mailboxes!) and then removed from
         the Temp area. This directory is automatically cleared when VMS starts up.
Log Path Defines which directory log files are created in. These will be the
         SMTP/POP3/IMAP4 and Control log files. Log files can be viewed from the Web
         Admin or the Configuration program.



9.5 Options – Proxy Server
VisNetic MailServer has a built in Proxy Serve. Configure your web browser to use
proxies then enable the proxy server by activating it on the General tab. The proxy server
host name will be the VisNetic MailServer machine's host name or IP. The port is the
same as control server is running on (default 32000).




VisNetic MailServer Administrator Guide                                               113
9.5.1 Options – Proxy Server / General Settings
To monitor activity on the Proxy Server you can enable Logging features.




If your ISP has utilizes a Proxy Server you can specify it as "Parent". This setting can
increase the speed of the browsing, however may also cause problems on some bad
designed database driven web sites - you can get "old data" while providing SQL
Requests.
Authentication
You can also specify special users that are allowed to use the proxy server when they
authenticate. These users are not VMS Account users. They are all new users you need to
define in the Users field.




Example:
user1:pass1
user2:pass2
When no filters are used and you require authentication all users must authenticate before
accessing any URL. If you create filters then specifically allowed users do not have to
authenticate and users specifically denied cannot authenticate.



VisNetic MailServer Administrator Guide                                                    114
Filters
Filter proxy filter file can contain a URL, Hostname, IP address or Port. Example:
1:http://www.adult.com
1:www.deerfield.com
0-191.*.*.*
193-255*.*.*
192.168.0.10
:0-79
:81-65535
Proxy Tunnel Filter file is for SSL access. In that case the proxy server does not know
the URL only IPs, Ports and Hostnames ale allowed in the filter file.

9.5.2 Options – Proxy Server / AntiVirus Settings
VisNetic MailServer’s Proxy Server has a very good proxy Antivirus. It requires the
Deerfield Integrated Antivirus. Once enabled all downloaded files will be scanned for
viruses.
Memory scanning mode holds all bytes received up to the limit. The file is scanned and if
no viruses are present the file is sent to the browser. If a virus is found an error page will
be sent to the browser.
Large file scanning mode sends the percentage of the size to the browser and the rest of
the file is not sent. Once the whole file is received by the proxy server it is scanned and
either sent to the browser with the correct content or all zero data when infected. Infected
files will be corrupt.
Bypass types lets you specify extensions not to be scanned.

9.6 Options – Header / Footer

Click on the "Active" checkbox




And then use the "Header/Footer" button to bring up setup dialog.




VisNetic MailServer Administrator Guide                                                   115
This option inserts headers and footers into messages automatically.

You can specify a header, footer or both. This option works together with the file
tags.dat (in the Config subdirectory) which can be opened for editing using the edit
button. Placing tags.dat in the domain config directory overrides the global settings.

If you do not wish to use a header or footer, leave the corresponding line blank. Only
plain/text files can be used. You can specify for what messages the header/footer should
be added by the checkboxes in the Header/Footer dialog.

       Local To Local - The sender is local and recipient is local
       Remote To Local - The sender is remote and recipient is local
       Local To Remote - The sender is local and recipient is remote
       Remote To Remote - The sender is remote and recipient is remote

9.7 Options – Disk Space Monitor




Field               Description
Monitor Active      Check the 'Monitor Active' checkbox to enable the Disk Space Monitor.
                    VMS can monitor all of your HDs free disk space and can alert you by
                    sending a message to your email address.
Minimal Disk        Enter a figure (in Megabytes) into this field which will be used as a
Space               threshold. When available disk space falls below this figure a warning will
                    be sent.
Report Address      This is the email address that the warning report will be sent to. Multiple
                    email addresses delimited by a semicolon can be specified.

You can also use the diskspace.dat file for more disks to monitor:

C=400

D=800

If the threshold is reached a warning mail will be sent out similar to below:

From: Mail Delivery Subsystem [MAILER-DAEMON@deerfield.com]

Sent: 23 October 2000 21:31

To: admin@deerfield.com




VisNetic MailServer Administrator Guide                                                  116
Subject: Warning: system report

Warning: system report

Disk Space Monitor has detected low disk space on drive D: 410 MBytes

9.8 Options – Auto Archive

Clicking in the "Active" checkbox then "Auto Archive" brings up the dialog below.
button.




Field           Description
Active          The Auto Archive option enables archiving all messages delivered to the
                server. SMTP and IMAP delivery is considered.
Archive Path    Specifies the directory where the archive will be placed.

                Similarly as the Mail directory is maintained another Archive directory will be
                created and all messages will be mirrored online from the Mail directory. You
                can easily browse thru the Archive directory and get messages even deleted.

                If you will specify non-existing folders, they will be created automatically when
                first archive event will happen.

                Example: If you will receive at your server mails for the domain
                vmsdemo.com and user admin, they will be archived to the folders:

                C:\data\mailarchive\vmsdemo.com\user\

                Currently the Archive does not get cleared so be careful not to exceed your HD.
Archive         By default only the local incoming messages are archived. By checking this
Outgoing        option all outgoing messages will be archived in the Outgoing folder.
Messages
                Example: The mails send from the server with the archive path above will be
                saved to the folder:

                C:\data\mailarchive\outgoing\


VisNetic MailServer Administrator Guide                                               117
Sequential Auto Archive

Use Sequential Auto Archive, if you want to separate archived mails for each year, day,
hour, etc. To get this functionality add string of the variables below, anywhere to the
archive path.

String with variables must be delimited by the double quotes.

The path as:




will create the archive folders depending on the actual year, date and month as:

C:\data\20030327-mailarchive\ for 27th. Of March 2003

C:\data\20030328-mailarchive\ for 28th. OF March 2003, etc.

Variable                  Description
YYYY                      Year of the actual date
MM                        Month of the actual date (01 - 12)
DD                        Day of the actual date (01 - 31)
HH                        Hour of the actual time in 24 format
NN                        Minute of the actual time (00-59)
SS                        Second of the actual time (00 - 59)



9.9 Options – Auto Backup

Use Backup and Sequential features if you want to backup under different name and in
set time.




VisNetic MailServer Administrator Guide                                              118
To get Sequential functionality add string of the variables below, anywhere to the backup
file name. Variables must be delimited by double quotes.

The file name below will create the backup file as:




20040219vms_backup.mcb at the 19th. Of February 2004, however the next day will be
created the new file 20040220vms_backup.mcb

Variable                  Description
YYYY                      Year of the actual date
MM                        Month of the actual date (01 - 12)
DD                        Day of the actual date (01 - 31)
HH                        Hour of the actual time in 24 format
NN                        Minutes of the actual time
SS                        Second of the actual time (00 - 59)

Configuration Restore

Choosing the Restore option will prompt you for a file containing backed up data. Once a
file is chosen and opened, the configuration will be restored. Use this option carefully in
order to prevent overwriting your config with an old version.




VisNetic MailServer Administrator Guide                                                119
Chapter 10


Server Security Tab




10.1 Security – Content Filter

Just click on the "Active" checkbox and then use the "Content Filter" button to bring up
setup dialog.




VisNetic MailServer Administrator Guide                                               120
VisNetic MailServer has a very powerful and intuitive content filter tool which allows a
whole host of functionality based on message content. Messages can be forwarded,
trashed, rejected or allowed, or programs/DLL's can be executed. You can even create a
filter for attachments and use layman’s logic. Filters are issued for all messages passing
thru VMS (incoming and outgoing).

The B Button is used for by-passing the Content Filter for specified hostnames or IP
addresses. Activate the filter and Click the Content Filter to edit filters.




The check box on the left enabled or disables the particular filters. You can
add/edit/delete filters and you can also move the filters up and down using the arrow
buttons.

You can import other content filters from a XML file or you can simply export your
content filters to a XML file and share it.




VisNetic MailServer Administrator Guide                                                 121
10.1.1 Security – Content Filter / Editing




This window specifies the whole content filter item.

Field         Description
Conditions    This checkbox list contains all conditions you can use to filter messages. You
              simply click the checkbox and the condition will be added to your filter. To add
              more conditions of the same type use double-clicking on the condition item.

              When added to the description window some conditions might have links you
              need to click to specify the proper information.

              Attachment

              Specifies the whole name of the attachment in the message.

              Sender & Recipient

              Specify the real sender and recipient as in the SMTP session MAIL FROM and
              RCPT TO.

              Message & Body

              Message specifies the whole message decoded including the MIME headers and



VisNetic MailServer Administrator Guide                                              122
             attachments. Body is only the main message part.

             Custom Header

             Lets you specify your own message MIME header. You have to type in the Text
             field exactly the same string as in the message itself. Eg. 'X-Mailer: Web Mail'.

             Any Header

             Specifies the whole message header area.

             Message Violates RFC822




             When creating messages, some mail clients include bare LFs and thus violate
             RFC822 (http://www.faqs.org/rfcs/rfc822.html).

             A bare LF is an ASCII linefeed (LF) character not preceded by an ASCII
             carriage-return (CR) character. Every line in an Internet mail message is required
             to end with CR LF. The entire message ends with CR LF dot CR LF. RFC822
             specifically prohibits other uses of LF.

             This problem generally occurs in either new mail clients not following RFC822
             or in spam messages generated by web server applications. In such cases, some
             receiving mail clients cannot process particular messages and will hang up or
             disconnect from the mail server. These problems have been reported from
             Outlook and Eudora.

             This filter will check all incoming messages for bare LFs and will make sure it
             rejects these improperly formatted messages.

             Some mail clients are incorrectly ending lines with LF and, in most cases, ending
             the entire message with LF dot LF. That's not CR LF dot CR LF, so most of the
             servers will sit there waiting for the rest of the message. After a while it will give
             up and drop the connection. Your mail doesn't get through.

             In some cases, the problem goes unnoticed since some mail servers convert a
             bare LF into CR LF, and accept LF dot LF as the end of a mail message. This
             behavior is specifically prohibited by RFC821, though, so a filter such as this one


VisNetic MailServer Administrator Guide                                                 123
             will alert the sender to the problem when the receiving mail server follows the
             rules set forth by RFC standards.
Actions      Contains the whole list of all actions you can use on filtered messages. By
             checking and un-checking the checkbox the action will be added or removed
             from the description.




             Some actions have a link you need to click to specify the proper information.

             Reject/Accept/Delete

             Specifies the message mode the server should perform.

             Delete seems like the message was received but is deleted and not delivered.

             Stop content filter processing

             No other filters will be processed.

             Forward to email address

             You can forward the message as been received to any email address.

             Copy to email address

             You can copy the message after changes to any email address.

             Respond with message

             Specifies the responder to the message. All system variables %% are supported.

             Send message

             You can send a custom email message. All system variables %% are supported.




VisNetic MailServer Administrator Guide                                             124
             Execute application

             VMS can execute any application or DLL.

             Edit message header

             You can change headers of the message as you want. You can also use the
             system variables %%.

             Example:

             Change Header:

             Subject: [SPAM] %%Subject%%

             Add header/footer

             A header or footer can be added to the message

             Strip all attachments

             All attachments can be stripped off.

             Extract Attachments to Directory

             The attachments of the message will be extracted to the specified directory.

             If you will check the option Extract Data Packages - the specially compressed file
             PACKAGE.IDP will be extracted to the specified directory.

             The PACKAGE.IDP can be created with the Catalog Account features, or by the
             using free utility IDP.EXE.

             The VMS configuration backup file (.MCB) is compressed by the same way and
             for the decompression this content filter action can be used for the automated
             decompression.

             Add text to a file

             You can append text to any text file on your system. All variables are supported.
             This option is primarily used for an auto subscription mailing lists, auto white list
             and spam filters.

             Respond with SMTP Message Text




VisNetic MailServer Administrator Guide                                                125
               The original SMTP Message Text will be replaced with this one.


Description    This area specifies the whole filter together. You can click the link properties to
               specify the desired values.

               When browsing thru conditions the arrow buttons on the top will change to
               enabled and disabled states. By these buttons you can move particular conditions
               up and down.

               You can also use the Delete button to remove a condition. This is specifically
               handy for multiple conditions of the same type.

               There are also bracket buttons. When these are used you can create complex
               boolean conditions.

               Example:

               ((Subject Contains Hello And Sender Jakub) Or (Subject Contains Bye And
               Sender John)) Or Subject Contains Bye
Title          Specifies the title of the content filter. This title will be also displayed in the
               SMTP session when rejected a message.



10.1.2 Security – Content Filter / String Condition

Conditions specify multiple filter criteria. Each filter relate to a following and previous
filter with a boolean operator And, Or. You can have as many filters as you want.

To specify the action and condition properties click the link in the description area. All
property dialogs are very intuitive. The one that needs more explanation is the String
Condition




Field                 Description
Function              Specifies the function to perform on string matching.

                      Contains List



VisNetic MailServer Administrator Guide                                                     126
                   Will try to match separate strings from the String area. Strings are
                   separated with semi-colons.

                   Contains

                   Tries to match the string.

                   RegEx

                   Uses the GNU Regular Expression. VMS automatically converts all
                   message strings to lowercase so use the RegEx with lower case. The String
                   area will not be converted to lower case.

                   Example:

                   (!){4,}$

                   Tries to match 4 or more "!" at the end of the tested string.

                   ^$

                   Tries to match an empty string

                   See the RegEx Basic Tutorial after this section

                   Starts With

                   Starts with the specified string

                   End With

                   Ends with the specified string

                   Is String

                   Equals to the specified string
Not                Negates the whole function logics.
String             Specifies a value of the string to be matched.
Case Sensitivity   When unchecked all strings and expressions are converted to lower case.
                   After that all string functions are processed. You do not have to worry
                   about the case then. For the RegEx filter the RegEx expression is not
                   converted to lower case, only the text to be searched. When checked the
                   strings are checked as they are. No conversions performed.
Parse XML          This option lets you make string queries against HTML messages so all
                   HTML tags will be removed and entities will be converted to characters


VisNetic MailServer Administrator Guide                                              127
                          during the comparison

                          Example:

                          He<!dummy>llo brother, this is &#070or you;

                          When switched this option on the compared string in the case above would
                          be:

                          Hello brother, this is For you



10.1.3 Security – Content Filter / Basic RegEx Tutorial

First of all, let's take a look at two special symbols: '^' and '$'. They indicate the start and
end of a string, respectively, like:

"^The"              matches any string that starts with "The"
"of despair$"       matches a string that ends in the substring "of despair"
"^abc$"             a string that starts and ends with "abc" -- that could only be "abc" itself!
"notice"            a string that has the text "notice" in it.

You can see that if you don't use either of the two characters we mentioned, as in the last
example, you're saying that the pattern may occur anywhere inside the string -- you're not
"hooking" it to any of the edges.

'*', '+', and '?'

There are also the symbols '*', '+', and '?', which denote the number of times a character
or a sequence of characters may occur. What they mean is: "zero or more", "one or
more", and "zero or one." Here are some examples:

"ab*"               matches a string that has an a followed by zero or more b's ("a", "ab", "abbb",
                    etc.)
"ab+"               same, but there's at least one b ("ab", "abbb", etc.)
"ab?"               there might be a b or not
"a?b+$"             a possible a followed by one or more b's ending a string

Braces { }

You can also use bounds, which come inside braces and indicate ranges in the number of
occurrences:



VisNetic MailServer Administrator Guide                                                        128
"ab{2}"           matches a string that has an a followed by exactly two b's ("abb")
"ab{2,}"          there are at least two b's ("abb", "abbbb", etc.)
"ab{3,5}"         from three to five b's ("abbb", "abbbb", or "abbbbb")

Note that you must always specify the first number of a range (i.e, "{0,2}", not "{,2}").
Also, as you might have noticed, the symbols '*', '+', and '?' have the same effect as using
the bounds "{0,}", "{1,}", and "{0,1}", respectively.

Now, to quantify a sequence of characters, put them inside parentheses:

"a(bc)*"     matches a string that has an a followed by zero or more copies of the sequence
             "bc"
"a(bc){1,5}" one through five copies of "bc."

'|' OR operator

There's also the '|' symbol, which works as an OR operator:

"hi|hello"        matches a string that has either "hi" or "hello" in it
"(b|cd)ef"        a string that has either "bef" or "cdef"
"(a|b)*c"         a string that has a sequence of alternating a's and b's ending in a c

('.')

A period ('.') stands for any single character:

"a.[0-9]"         matches a string that has an a followed by one character and a digit
"^.{3}$"          a string with exactly 3 characters

Bracket expressions

Specify which characters are allowed in a single position of a string:

"[ab]"            matches a string that has either an a or a b (that's the same as "a|b")
"[a-d]"           a string that has lowercase letters 'a' through 'd' (that's equal to "a|b|c|d" and even
                  "[abcd]")
"^[a-zA-Z]"       a string that starts with a letter
"[0-9]%"          a string that has a single digit before a percent sign
",[a-zA-Z0-       a string that ends in a comma followed by an alphanumeric character
9]$"




VisNetic MailServer Administrator Guide                                                       129
You can also list which characters you DON'T want -- just use a '^' as the first symbol in
a bracket expression (i.e., "%[^a-zA-Z]%" matches a string with a character that is not a
letter between two percent signs).

In order to be taken literally, you must escape the characters "^.[$()|*+?{\" with a
backslash ('\'), as they have special meaning. On top of that, you must escape the
backslash character itself in PHP3 strings, so, for instance, the regular expression
"(\$|„)[0-9]+" would have the function call: ereg("(\\$|„)[0-9]+", $str) (what string does
that validate?)

Just don't forget that bracket expressions are an exception to that rule--inside them, all
special characters, including the backslash ('\'), lose their special powers (i.e., "[*\+?{}.]"
matches exactly any of the characters inside the brackets). And, as the regex man pages
tell us: "To include a literal ']' in the list, make it the first character (following a possible
'^'). To include a literal '-', make it the first or last character, or the second endpoint of a
range."

10.2 Security – Instant Anti Spam




VisNetic Instant Anti-Spam incorporates all of the known and most advanced anti-Spam
methods for identifying Spam. The total and unique solution gives you the power to
identify more than 99.5% of Spam messages with an extremely low number of false
positives.

Cutting Edge Technology:

VisNetic Instant Anti Spam merges time-tested technologies such as Content Filtering,
Anti Spam filtering and Static Filters and integrates them with our new cutting edge
Bayesian Filtering technology. Bayesian filtering technology calculates the
probability of a message being Spam but analyzing the message content. The system can
run in automated, auto-update, mode requiring no administration at all.

Sophisticated Self Learning Mode:

VisNetic Instant Anti-Spam can also run in a sophisticated "self learning" mode. This
mode allows the system to learn from mistakes by allowing users to easily teach the
system by feeding it known Spam that is received by your organization back
to the VisNetic Instant Anti-Spam System.

Hands Off Auto-Update Mode:




VisNetic MailServer Administrator Guide                                                      130
For those who do not wish to teach the system and maintain the Bayesian Spam database
you can use the Auto-Update system that will function similarly as anti virus download
new updates automatically without any user interference from our web site.

The entire VisNetic Instant Anti-spam solution is very flexible and enables you to
perform an array of actions with Spam messages. Spam messages can be:

Deleted
Reject, or;
Change their subject and place them under a Spam folder

Full Control of Spam:

The "Spam Folder" in VisNetic Instant Anti spam is a new and unique feature that allows
users to store Spam messages, on the server. Users can then browse their Spam and Inbox
folders and can move messages from one folder to the other.

Ease of Administration:

A new type of users called "Spam Administrator" is a new feature that has been
introduced which allows any user in VisNetic MailServer to monitor and maintain both
Spam and Genuine messages and teach the system to significantly improve
identification accuracy. An administrator’s basic function is to correct false positives and
make the system running properly or even more efficiently. Spam administrators use a
special instant messaging plug-in. With this IM interface a Spam Administrator
can manage the Spam database and user folders. Furthermore it allows for the creation of
your own White and Black lists which can significantly improve the systems accuracy
and achieve near-100% accuracy.

You can enable Instant Anti Spam engine by "Active" checkbox in this table. Button "B"
lets you set bypass rules for the accounts, IP addresses, domains etc. In other words the
filter will not be activated for them.




VisNetic MailServer Administrator Guide                                                  131
Instant Anti Spam configuration dialog contains of four configuration tabs and buttons
for index all spam messages in the queue and button for direct spam file settings.

Field           Description
Add Text to     Messages identified as spam will have added text prefix to the subject. The
Subject         string can contain the system variables. The default value in this field is [Spam]
Place Spam      This option enables Spam Folder support. All spam messages will be placed
Messages        under the user's spam folders. Users can then browse their spam and inbox
Under Spam      folders and correct any mistakes, create black & white lists or simply view the
Folders         content of folders. You can enable or disable particular folders in user account
                settings. .
Delete Spam     Messages older than the given amount of days will be automatically deleted
Messages        once the user logs in to collect messages. 0 means that feature is disabled.
From Spam
Folders When
Older Than
User Smart      Auto learning system creates a unique feature of spam and genuine auto
Learning Auto   indexing to the spam database. The engine uses the threshold for genuine and
Indexing        spam messages when they should and should not be indexed to the DB. Please,
System          do not use this feature unless you know what you want to do.
Process Index   Lets your index all messages waiting in Index queue.
Queue button
Spam File       You can edit whole Instant Anti Spam settings manually by this button.
Settings




Field           Description
Information     Displays the last update date and the version of the SPAM DB
Update          Lets you specify the schedule to update the Spam DB from our server. If you do
Schedule        not want to maintain the DB yourself, you should use this feature so all new
                spam messages can be recognized properly. Think about it as AntiVirus updates.
                New viruses need new virus bases. Anti Spam system needs new spam and word
                database.


VisNetic MailServer Administrator Guide                                                 132
This option lets you specify your own stop words that will be ignored by the indexing and
recognition process.




Field         Description
Forbidden     Certain character sets do not have any words separators. These languages cannot
Charsets      be used by the bayesian filters and might not work properly. It is suggest to
              bypass all of these character sets from the bayesian filtering process by
              specifying them in this field
Mark          You can easily mark all messages with forbidden charsets as a spam. This option
Messages with uses the forbidden character set field above.
Forbidden
Charsets As
Spam
Mark          All MIME complaint messages should have a character set (charset)
Messages      specification in all messages parts. If there's none and still the message includes
With Missing some non ascii characters the message should be considered as spam. All mail
Charsets And clients insert the character set automatically.
Characters
Higher Than
0x7F As Spam




VisNetic MailServer Administrator Guide                                               133
How it works ? - VisNetic Instant Anti Spam & Bayesian Filters

Bayesian filters is a method for spam recognition based on the Bayes theorem which
calculates the probability of a message being spam based on its content. It is a statistical
approach to spam. The system requires a Spam DB which stores all words/tokens it found
in previous messages. Each token has a number of genuine occurrences and spam
occurrences. Using the total number of indexed spam and genuine messages and number
of occurrences in either curposes we can calculate the probability of a token being spam.
In the end we combine all token probabilities together and calculate the final message
spam probability. Using this method the system is accurate about 99.5% in identifying
spam messages and has very low false positives.

In order to have the system running smooth and accurate we need to maintain the Spam
DB. Deerfield.com does that ourselves and offers the Spam DB to all customers. It might
be a good idea to maintain the DB yourself as we might not receive the same spam
messages as you do. Teaching the system from genuine and spam messages is called
Indexing. VisNetic MailServer stores the Spam DB in the VisNetic MailServer\Spam
folder in the file called Spam.db. All indexing reflects in updating this file. Indexing is
immediate and the Spam DB is updated daily or on the service shutdown for performance
reasons.

Considering human interference with the DB we always make human mistakes.
Sometimes we might index a message to the Genuine corpus although it is a spam
message. To correct this problem you can easily move the message to the Spam folder
then index again. VMS will automatically detect the previous indexing and will de-index
the message and index it to the proper Corpus. That way the system and DB will remain
accurate. Making mistakes might end up in the system being not helpful and accurate.

The actual indexing should follow a few rules. Either start the IM Instant Anti Spam
Plugin or VisNetic WebMail. Go thru all messages in the Inbox folder and all spam
messages move to the Spam folder. Do the same with the Spam folder. You should end
up with the correctly sorted folders. Now you can click the Index Now button. All
messages will be immediately parsed for tokens and indexed to the DB accordingly
depending on which folder they are located. Following this simple rule will help you
keep the system running smooth. You should also make sure when you do manual
indexing that you index roughly the same number of genuine & spam messages.

VisNetic MailServer parses all messages, removes HTML tags from HTML messages
and simply creates the right tokens. Some messages with character sets that do not have
spaces as word separators tokenazation is not possible. These messages should not be
indexed and you should rather create the charset filter for them.

Instant Messenger Instant Anti Spam

You can easily control the entire Instant Anti Spam engine by our Instant Messenger
plug-in. This plug-in can be used as a pre-processor for your mail traffic. It allows you to



VisNetic MailServer Administrator Guide                                                  134
manage your entire inbox, write and reply to messages, forward them, create your own
personal black list and white list. The technology is based on XML scripting language, so
it's very fast and reliable. Every action is executed direct on server side.




VisNetic Instant Anti Spam Plug-in allows simple management of your Inbox. You can
use this interface as some kind of pre-processor for your real e-mail client, move
messages between folders, compose new e-mail messages, reply, forward and run
external mail client. Our IAS plug-in is compatible only with JAJC instant messaging
client and is based on XML protocol.

How to install this plugin?

Jajc is available for download at: http://www.deerfield.com/download .




To run client, just click on the new icon in JAJC




Now you can simply perform any action by icons at the bottom of interface. All data is
stored on the server, so if you for example a message is deleted, it is deleted fro the server
as well.

There are in fact two levels of access:




VisNetic MailServer Administrator Guide                                                   135
Ordinary user access - user has ability to manage entire Inbox and if enabled anti spam
filter, create his own black and white list.

Spam administrator access - Spam Administrator has ability to index spam messages to
the database (when spam messages were placed under the spam folder). Every ordinary
user can be set as a Spam Administrator in accounts user settings table (see below).

How to create Spam administrator?

Open Accounts table, and select concrete user...




In accounts table is a "Spam Administrator" checkbox. Just enable this field and use
"Mailboxes" button to set Spam Administrator permissions. Syntax in that file is
following;

Enter the mailboxes on separate lines

Example:
john@domain.com
Jenny@domain.net,1

This setting allows you manage Jenny’s Inbox.

<Mailbox>,[0|1],[GenuinePath;SpamPath],<Display Name>

Results looks like:



VisNetic MailServer Administrator Guide                                                136
Now you can simply select messages from Admin, place them under the Spam folder and
index as Spam. Next message from Admin won't be delivered. That's why Spam
Administrator has ability to manage other users mailboxes..

How ordinary users can create black list and white lists?

Open Accounts settings and there enable Spam Filter for concrete users...




This setting lets you move any message from your inbox to black or white list. Just select
message and then press White list or Black List icon. See below




VisNetic MailServer Administrator Guide                                               137
When you press add button, this message will be placed in the black list folder, and won't
be delivered to user next time.

10.3 Security – Anti Spam Filter

Just click on the "Active" checkbox and then use "Spam Filter" button to brings up spam
filter configuration




VisNetic MailServer Administrator Guide                                               138
This option indicates that Global Anti Spam filter, Domain Anti Spam filter and Greeting
filter should be used. In this way separate filters can be specified for the entire mail
server as well as separate domains. These filters will be used together plus the user Anti-
Spam filter. The user Anti-Spam filter does not relate to this option in any way. They are
only filters for separate accounts. The global filter takes priority and will be executed
first. Last will be the account filters.

This file specifies the anti spam filter items. In anti spam filters you can specify any
conditions and string functions you could ever need. Most of the time you can use the
Anti Spam Filter dialog to edit those.

Structure of the filter file:

The file is constructed by several anti spam filter items. Each filter is placed on a separate
line. By default all filters will reject all messages. Sometimes you might want to accept
some messages instead. For this purpose you can use the prefixes at the beginning of the
line:

0: - Reject

1: - Accept

2: - Delete

This will make a filter exception but will not affect other filters. You can also specify the
whole area to be accepted or rejected by a single line containing 1 or 0. That means all



VisNetic MailServer Administrator Guide                                                    139
following filters are meant to be rejected (0) or accepted (1) unless the filter record itself
has the reject/accept prefix.

Syntax of the filter:

Items:

H - Header

B – Body

A - Attachment

S - Sender

R - Recipient

I - IP Address

Y - Any Header

P - rDNS (PTR)

Functions:

~ - Contains

^ - RegEx

{ - Starts With

} - Ends With

= - Is

! - NOT (Negates the function)

$ - Case Sensitive

Filter Examples:

A~.com;.exe;.bat;.cmd;.scr // Attachment contains any of the file types

H~Subject: win;free;!!! // Header contains any of the strings

I=205.128.218.193 // IP Address


VisNetic MailServer Administrator Guide                                                    140
Y$^^Subject: WIN Free!!!$ // Any header case sensitive RegEx expression

H!~Subject: money // Header does not contain the string

205.*.*.193 // IP Address matches the mask

domain.com // Sender domain name match

bill*@domain.com // Sender email address matches the mask

More Sophisticated Filter Examples:

1:H~Subject: please help // Accept if subject contains "please help"

A~.com;.exe;.bat;.cmd;.scr // Reject attachments containing

1 // Accept the following filters

IP=192.168.0. // 1 Accept messages from IP 192.168.0.1

0 // Reject following filters

A~.vbs;.bat // Reject attachments containing any of the file types

10.3.1 Security – Anti Spam Filter / Bypass File
VMS supports several bypass files. That means if a certain named file exists with some
content the content filters, anti spam filters, RBL or tarpitting will be ignored.
If a message has a recipient or sender and it is listed in the bypass file the proper filter
will be ignored. The bypass files are located in the VisNetic MailServer\Config directory.
The files can contain email addresses and domains, IP addresses, masks each per line.
Each VMS option supporting Bypass files has the small        Button.

10.4 Security - AntiVirus




The Server Antivirus field contains the Server Antivirus button for the Anti Virus
configuration and it also contains the States of the Integrated Antivirus and its Updates.

Internal Antivirus state considers the functioning engine, running SMTP or POP3 and
enabled Integrated Antivirus.




VisNetic MailServer Administrator Guide                                                 141
10.4.1 Security – AntiVirus / Settings




VisNetic MailServer supports full virus checking and has an integrated antivirus built-in
using the awarded VisNetic AntiVirus Plug-in engine. When configured use the Send
EICAR Virus Test Message to test your anti virus settings.

Field          Description
Use Integrated This option will make VMS to use the Available VisNetic AntiVirus Plug-in. If
Antivirus      enabled, all mail sent thru VMS will be checked for viruses.
Use External   This button allows you to use other external anti virus packages. If enabled, all
AntiVirus      mail sent thru VMS will be checked for viruses.
Scan All       This option will force VMS to parse all message parts. That means not only the
Message Parts  attachments will be parsed for the anti virus to be scanned but all message parts.
               This is much more efficient and powerful than scanning the attachments only.
Reject /       By default all messages containing a virus will be rejected. However, you might
Remove         not want to reject them but only remove the virus and the rest of the message
               deliver to the recipient. In that case use the Remove check.
Clean Infected When this option checked infected messages will be tried to be cleaned. Some
Messages If    viruses cannot be cleaned. If this is the case the message will be processed
Possible       regarding the Reject/Remove options. If message could be cleaned it will be
               delivered without the virus.
Quarantine     VMS supports a quarantine option which lets you forward the infected message
Infected       to any email address or store it directly to the specified folder.
Messages
               The address may be local or external. The control accepts email addresses



VisNetic MailServer Administrator Guide                                               142
                separated by semi-colon.
Attachments     If checked, the only infected attachments will be saved to the specified folder,
                or send to the email address.
Notification To If checked, any emails which are found to have a virus will cause notification to
                be sent to the selected entity.
Administrator /

Recipient /

Sender



10.4.2 Security – AntiVirus / Integrated AV Mode




The Integrated Antivirus Scanning Mode lets you specify the conditions when to scan
messages. It is suggested to use the Scan All Messages mode. With that mode the server
will scan any message that comes to or thru the server.

You can separately scan accounts and make exceptions as much as you want. You can for
instance check only mailing lists and not other accounts. Anything is possible with this
new Scanning Mode feature.

Field            Description
Scan All         This mode specifies that all messages passing thru the server should be
Messages         scanned. Outgoing and incoming messages included.
Scan Following   The other specifies certain conditions when to scan messages for viruses.
Outgoing         By checking this option any message going outside the server will be scanned
                 for viruses.
All Accounts     This radio button specifies that all accounts receiving messages should be
Except           scanned for viruses except the ones that are checked with the Antivirus
Selected         Scanning option. If both Domain and the Account in it are checked then the
                 account will be scanned. If either of the two is checked the account will not be
                 scanned.
Selected         This radio button specifies that only the domains with the Antivirus Scanning


VisNetic MailServer Administrator Guide                                                 143
Domains Only option checked should be scanned for viruses.
Selected      This radio button specifies that only the Accounts with the Antivirus Scanning
Accounts Only option checked should be scanned for viruses.


10.4.3 Security – AntiVirus / Plug-in Settings




VisNetic AntiVirus Plug-in features a multi-threaded scanning engine and SMTP-based
virus update notifications. VisNetic AntiVirus Plug-in is powered by Kaspersky Labs,
known for its ability to rapidly identify new viruses and update antivirus signatures.

Because it is installed on the email server computer, rather than dispersed on each client
computer, VisNetic AntiVirus Plug-in is a superior antivirus solution, able to protect
the network from email borne viruses.

VisNetic AntiVirus Plug-in is supported by Kaspersky's continually updated virus
signature list. Designed to download only the necessary update information in a small
download, VisNetic AntiVirus is able to update quickly, with minimum bandwidth
requirements. Making it easier to download and install virus updates makes the job of
protecting the network from email viruses easier.

Urgent Updates are automatic and occur with no user intervention.



VisNetic MailServer Administrator Guide                                                 144
A scheduler further enhances AntiVirus Plug-ins ability to secure an entire networks
email. Set by default to update itself daily, VisNetic AntiVirus Plug-in can support any
update frequency, even to the minute.

10.4.3 Security – AntiVirus / Miscellaneous




Field          Description
Logging        Antivirus logging lets you log all antivirus events to a log file similarly as the
               server logs. Antivirus logs are placed into the Logs\Antivirus directory. You can
               specify to delete logs older than few days.

               Debug - Logs all events including all scanned files

               Summary - Logs only infected filenames and updates
Bypass File    Like any other filter option VMS lets you bypass scanning of some messages.
               The bypass file can contain email addresses, IPs and other things specific to
               bypass files.




VisNetic MailServer Administrator Guide                                                145
10.4.4 Security – AntiVirus / External AV Filters




Note: For Windows 9x and DOS command line scanners always perform the following:

Make a shortcut link (a .pif file) to the executable.

Set the properties of the shortcut link to close the window on exit.

Use the shortcut link as the executable.

Click on the External Antivirus button. This will bring up a panel where the third party
virus scanners may be configured.

Enter the path and executable name in the Virus Scan Application field.

Enter any parameters in the Parameters field.

Return Values you can either be empty in that case the interval is 1-* or you can specify
your return values. Example: 1;2;4;8-255. See the exit codes of your antivirus
application. You can also specify the timeout for the antivirus. TIMEOUT=0, or
TIMEOUT=30. By default TIMEOUT is set to 30 seconds. 0 stands for no timeout.

File Deleted Checking is for such antivirus programs that do not return the exit code
properly. In such case tell them to delete the infected files. VMS will recognize this and
will assume the file was infected. This option is recommended to be used with Norton
Antivirus.

The parameters will be different for all packages, but look for parameters which turn off
memory/bootsector scanning, archive parameters so .zip and .arj files contents are
scanned etc.

External Antivirus Setup Examples

McAfee 4.7.0


VisNetic MailServer Administrator Guide                                                 146
Virus Scan Application: scan.exe

Paramaters: /ALL /NOMEM /NOBEEP /UNZIP %s

Return Values: 1-*

F-Prot

Virus Scan Application: f-prot.exe

Paramaters: /ARCHIVE /NOBOOT /NOMEM %s

Return Values: 1-*

AVG 6.0

Virus Scan Application: avg.exe

Paramaters: /NOMEM /SCAN /NOSELF /ARC %s

Return Values: 1-*

10.5 Security – Security




Field          Description
Disable        This will prevent anyone from using the ESMTP service. If a remote server
ESMTP          issues the EHLO command VMS will reply with an error code. Outgoing SMTP
               connections will not use ESMTP and will use the standard SMTP commands.
               This is sometimes desirable when remote servers and routers/proxies have
               implementation bugs. Should be switched off.
Deny VRFY      This prevents anyone from using the VRFY command to check whether a mail
               account exists on the server or not. If a remote server issues the VRFY
               command VMS will reply with a not supported error message. You can leave
               this option switched off.
Deny Telnet    This prevents anyone from using telnet to access the ports used by VMS.
               Normal keyboard operations are interfered with. Should be switched off. Our
               support team cannot test your mail server via telnet when switched on to help
               you.
Disable Web    This prevents anyone from using the web administration functions of VMS
Admin          (default port 32000). Access denied is returned.


VisNetic MailServer Administrator Guide                                           147
Denny SMTP If set, the server will not accept the SMTP AUTH command. Removing this
AUTH       setting allows the clients to specify authentication for their outgoing mail server.
           Following AUTH schemes are supported: LOGIN, PLAIN, CRAM-MD5

                This option works in conjunction with the Relaying From control. The Relaying
                From control needs to be switched on otherwise no authentication will be
                required. The IPs specified in the Relaying From control do not need to SMTP
                AUTHenticate. All other IPs must authenticate in order to relay messages.
Web Admin       If set, this allows domain administrators to read the contents of other user’s
mailbox         mailboxes.
viewing
Web Admin       If set, this allows domain administrators and administrators to read the messages
message         in other user’s mailboxes.
viewing
Secure Web      If set, then all file paths are checked to be in the Config path and above from
Admin           Web Admin. This prevents user access to important files.
Hide IP From    This option hides the IP address from the message's Received: MIME header.
Received        Using this option no-one will be able to see the configuration of your local
Header          network.



10.6 Security – Service Watchdog




VisNetic MailServer provides a self checking option which will restart services in the
highly unlikely event that they fail or somebody stops them.

In order for the Watchdog functionality to work the Control service must also be running.
The control service will check (in the interval specified) to see if the required services are
still running. If not, they will be restarted automatically.

10.7 Security – Tarpitting




VisNetic MailServer provides a great feature called tarpitting. With Tarpitting enabled,
VMS checks for unsuccessful attempts to deliver messages to unknown users by external
or local non existing users. If the number of attempts in a session exceeds the Count field
the IP address of the sender will be remembered for the Period and no access from that IP
address will be allowed within the period.




VisNetic MailServer Administrator Guide                                                   148
Basically this option serves as a protection from spammers trying to spam your mail
server accounts. Spammers usually have a dictionary of aliases they try to deliver to your
domain. Once the count of unknown aliases exceeds the limit they will not be able to
spam you for the given period of time.

Sometimes you might want to enable some IP address and do not want to wait for the
period to expire or simply specify a white list. The file is called Config\tarpitbypass.dat
and contains the white list IP addresses.

Cross Session Processing - By default the Tarpitting feature works in one session only.
By enabling this checkbox it will work cross session.

Close Connection - When the session is tarpitted you can either leave the session open or
force it to close the connection.

10.8 Security – Static Filters




Static Filters are special DLL filters that are loaded in memory and each time a message
is received filters are applied to it. The format for the DLL file is the same as Content
Filter DLL files using Cdecl parameter passing.

The static filter settings are kept in the file config\staticfilters.dat. It has the following
structure:

Title=<Title>

Filter=<Full path to the DLL file>

Message=<Message that gets displayed in the SMTP session>

SMTPMessage=<A complete message including the SMTP result code>

Enabled=<[0,1] If you want to disable the filter use '0'>

Multiple filters are separated by a blank line. Currently you can use the RegEx filter
developed by Doug Swallow and do not have to use the Content Filter.

Example:

Title=Reg Ex Filter

Filter=c:\filters\mregexflt.dll



VisNetic MailServer Administrator Guide                                                          149
Message=Reg Ex Filter Rejection

Enabled=1

Title=LF Filter

Filter=c:\filters\lffilter.dll

Message=Contains bare LF

SMTPMessage=551 5.7.1 Message contains bare LFs (violates RFC822)

Enabled=1

10.9 Security – Firewall

Clicking on the "Active" checkbox and then on the "Firewall Settings" button brings up
firewall configuration window.




Field            Description
Active           This enables the firewall functionality which is defined in the following 3 fields.
                 Basically this is not an anti relaying feature. It is a firewall and that means only
                 the specified IP addresses will be able (or not) connect to the server. If the Grant
                 checkbox is unchecked the listed IPs will not be able to connect. If it is checked
                 only the listed IPs will be able to connect.

                 These fields are used to list IP addresses or subnets. The format can be
                 aaa.bbb.ccc.ddd or *.*.*.*. or a range a-b.*.*.* The asterisk stays for the subnet.
                 The minus stands for a range between a and b. Entries are separated by semi-
                 colon delimiters.




VisNetic MailServer Administrator Guide                                                    150
Chapter 11


Server Delivery Tab




11.1 Delivery – Anti Relaying & Anti Spam




Field            Description


VisNetic MailServer Administrator Guide     151
Relaying From    If checked, this specifies that only listed IPs are allowed to send mail through
                 the SMTP server out. The local machine (127.0.0.1) should always be
                 specified.

                 IPs and domains are separated by a semicolon delimiter. For example,

                 192.168.1.*;127.0.0.1;194.213.224.5-20

                 If you have a large number of entries then it may be easier to use the file

                 relay.dat (in the Config subdirectory) to specify the IPs and domains.

                 The format is each record on a separate line. For example,

                 192.168.1.*

                 127.0.0.1

                 You can also specify domains in this field. It can only be a full domain name.
                 In that case VMS will validate the MAIL FROM command to match the
                 domain name on the system. It is not very safe as the SMTP MAIL FROM
                 command can be easily forged. For this problem we created a domain IP
                 shielding system where you can assign to your existing domains IP addresses
                 that are able to relay messages.

                 domainshield.dat

                 This file contains list of domains and their IP addresses. If the domain does
                 not exist here it will be considered that any IPs can relay. Each line contains
                 one domain and IPs.

                 Structure:

                 domain=IP;IP;IP...

                 Example:

                 Deerfield.com=127.0.0.1;192.168.*.*
POP before       If a client connects to the POP3 or IMAP service (to check mail) and is
SMTP             authenticated, then the client's IP address is remembered for the time span
                 specified. Within that time span, the client is allowed to use the SMTP
                 service. The time span is specified in minutes. This option does not affect
                 Relaying from by default.
RBL - Realtime   An RBL is a service which provides a list of known spammers. If a sender is
Blackhole list



VisNetic MailServer Administrator Guide                                                152
                 found to be on the RBL then the messages are rejected.

                 Specify the RBL provider domains in the file rbl.dat (in the Config
                 subdirectory) which can be opened for editing using the edit button.

                 The format is each provider domain on a separate line. Currently we
                 recommend blackholes.mail-abuse.org, sbl.spamhaus.org and
                 relays.osirusoft.com. You can enter more RBL domains found from the net.
                 For example:

                 relays.ordb.org

                 Each RBL line can have a comment separated by semi-colon that gets
                 displayed in the SMTP server response. It can contain any link or info on how
                 to deal with RBL.

                 Eg: relays.ordb.org; Comment and URL here

                 There is also a bypass file for RBL. The file is named config\rblbypass.dat
                 and contains IP addresses and email addresses that are not to be checked
                 against RBL servers.

                 Use as least RBL servers as possible. Only 1 is suggested.

                 Possible RBL servers:

                 bl.spamcop.net

                 relays.ordb.org

                 orbs.dorkslayers.com

                 dev.null.dk

                 relays.osirusoft.com

                 relays.visi.com

                 blackholes.wirehub.net

                 dynablock.wirehub.net

                 proxies.relays.monkeys.com

                 ipwhois.rfc-ignorant.org



VisNetic MailServer Administrator Guide                                                153
Reject if          Another security check is to receive mail only if the sender is a valid email
originator's       address. Checking to see if the sender's domain has a Mail Exchange DNS
domain has no      record is one way of doing this. If checked VMS will perform a MX lookup
MX record          and reject the mail if no MX record exists. Sometimes when you have
                   incorrectly configured your DNS server this can cause real harm.
Reject if sender's This security option check is to receive mail only from servers that have
IP has no rDNS reverse DNS PTR record (rDNS).
Do not relay if    VMS will only forward mail if the sender's domains are one of those setup in
originator's       VMS. It will not allow empty email addresses to send messages out.
domain is not
local              It is NOT RECOMMENDED to use this option.
Domain IP          Domain IP Shielding is additional option for the Relay From.
Shielding
                   It is important to use it, when you are going to use hostnames in the Relay
                   From field or file - without Domain IP Shielding it will cause, that your VMS
                   is OPEN RELAY!

                  The Domain IP Shielding file contains list of domains and their IP addresses.

                  If the domain does not exist here it will be considered that any IPs can relay.
                  Each line contains one domain and IPs.

                  Structure:

                  domain=IP;IP;IP

                  Example: domain1.com=127.0.0.1;192.168.*.*

                  domain2.com=127.0.0.1;194.135.*.*;192.*.*.*



11.2 Delivery – Delivery




Field           Description
Use TLS/SSL     Specifies that all outgoing messages will be forwarded using the STARTTLS
                ESMTP command. If the remote mail server supports TLS/SSL messages will
                be transferred in a secured manner using the Secure Socket Layer (SSL). It is
                similar to https protocol. Messages are not transferred in a plain text and



VisNetic MailServer Administrator Guide                                                154
             nobody can monitor the TCP/IP protocol. All VMS vs. VMS transfers will be
             completely secured. It is recommended to use this option.
Retry with   There are some lousy routers and proxies on the Internet that do not follow
SMTP when    RFC821 and do not support SMTP EXTENTSIONS they report they do. In
ESMTP failed such cases sending SMTP server gives up with an error. It is a RFC822
             violation and such routers and proxies should be replaced or the function should
             be disabled. Basically what happens is that the sending and receiving servers
             are communicating thru the proxy in between. The sending and receiving
             servers support some extensions the proxy does not. However when the sending
             server receives the list of supported extensions the proxy does not change it in
             the way so it reports what it really supports. In such case the sending server
             issues a command and receives a bad response from the proxy.

                 VMS has a work around so in such cases it will retry to send the message using
                 plain SMTP without any extensions.
Max message Specifies the maximum message size that can be sent through the mail server.
size             When a message exceeds this limit, it is rejected.
Search for alias If a message is sent to xyz@domain.com but xyz is an unknown alias, checking
in other local this option will make VMS to check for the alias in other domains. So if it finds
domains          xyz@another.com it will give the message to that user instead. Might be
                 sometimes dangerous.
Activate         VMS will obey special headers like "Return-Receipt-To" and "Deferred-
Message          Delivery". If an email is received with a "Return-Receipt-To" header VMS will
Header           automatically reply to say the mail has been received. NB This is not the same
Functions        as the receipt notification features in Outlook. Deferred delivery defines when a
                 mail is to be delivered (only for outgoing messages).
No Auto          Specifying domains here will prevent an autoresponder from firing. Each user
Responder        has a personal No Auto Responder file in the mailbox folder called
                 norespond.dat which has the same format. Email addresses and domains
                 separated by semi-colons.
Require          This option specifies that the SMTP session should always start by introducing
HELO/EHLO the servers (or mail client) by the command HELO or EHLO. If no introducing
                 is done server will not accept any messages.
Redirect         This feature lets you redirect messages due to email addresses. All settings are
                 located in the redirect.dat file. It has the following format:

                {email}={email}

                {domain}={email}

                {domain}={domain}

                Example:




VisNetic MailServer Administrator Guide                                                155
               info@deerfield.com=info@business.com

               sales@luko.com=info@business.com

               deerfield.com=vmsmail.com

               microsoft.com=sales@deerfield.com

               When a message for info@deerfield.com arrives it will be redirected to
               info@business.com and when a message for sales@luko.com arrives it will be
               redirected to info@business.com. Messages for any deerfield.com domain will
               be sent to vmsmail.com instead. Messages sent to microsoft.com will be sent to
               sales@deerfield.com instead.



11.3 Delivery – ETRN and ATRN Settings




Field               Description
ETRN/ATRN           Specifies that when server connects to the Internet it should perform the
                    ETRN or ATRN command to the hostnames specified in the ETRN list
                    with their given parameters. When you press the ETRN button an ETRN
                    dialog appears. You can specify the hostnames and parameters for the
                    ETRN command.

                    ETRN

                    Parameter is usually the domain name. VMS has a great advantage of
                    more than one ETRN command. This option is used when the remote
                    server holds all messages for this server and by this action, it will know
                    this server is connected and it sends the messages in the queue. Therefore,
                    this is a client ETRN. VMS has also the feature of the server ETRN
                    Queue.

                    If the remote ETRN queue has more domains for the same machine you
                    can use the semi-colon and specify other commands in the parameters
                    section. More ETRN commands will be issued in the same session.

                    ATRN

                    If you need VMS to use ATRN check the ATRN switch. ATRN requires
                    to authenticate on the remote server thus requires a usersname and



VisNetic MailServer Administrator Guide                                             156
                     password. The format of the parameter is as following
                     {domains};{user}:{pass}

                     Example: deerfield.com;atrnuser:atrnpassword



ETRN & ATRN Settings

You can specify more than one ETRN/ATRN Commands for the different servers and
domains.

The all command are provided together.




Commands are provided in pre-scheduled time, or when Proceed Now is selected.

11.4 Delivery – Connection




Field            Description
Network          This specifies that VMS will connect to the Internet via network. No other
Connection       settings are needed. This is the preferred connection type.
Dial on Demand   This specifies that VMS should not try to send until either the schedule or
Router           "other connection options" condition is true - it prevents VMS from opening
                 up a dial on demand connection too frequently.

                 You might want to use the config\demand.dat file to execute an application
                 before connecting. The file consists of one line that specifies the application to
                 execute and its parameters.
Dial-Up          This specifies that VMS will open up a dialup networking connection



VisNetic MailServer Administrator Guide                                                 157
Connection         according to the schedule or the Other options.

                If the connection is already in use VMS will automatically use the same
                connection and will not fail. Disconnecting in this case must be done by the
                initiating application or use.
Global Schedule This option lets you to specify global schedule for remote accounts. In that
                case you do not need to configure the Remote Accounts with a specific
                schedule and you leave it empty. The global schedule will be then used for all
                remote accounts. If you specify a different remote account schedule it will
                override the global one.




Field                  Description
Login Name /           These will be passed through to the dialup networking connection.
Password
Disconnect after max   After the specified period of inactivity on the dialup networking
idle time:             connection the line will be dropped.
Schedule               A connection to the Internet can be scheduled through the standard
                       scheduling dialog box. This schedule overrides all subsequent schedules
                       in Remote Accounts and others. We do not want to fire up the connection
                       from Remote Accounts.

VisNetic MailServer can be configured to make a dialup connection if it reaches a certain
number of outbound messages, if a message is waiting for more then x minutes, or if a
message is sent with certain values in the header.

Example someone sends a mail and clicks the high priority button. The mail will have a
header of "Priority" and a value of "High".

Enter each header item on a separate line.

Example: Priority: High

X-Priority: High


VisNetic MailServer Administrator Guide                                              158
Chapter 12


Server Instant Messaging Tab



12.1 Instant Messaging

VisNetic MailServer Instant Messenger allows you to provide new, secured instant
messaging services to all VisNetic MailServer Users.

Detailed explanation of the Instant Messenger features in the Instant Messenger chapter.




Check Box Active will enable/disable the IM Messaging Server for all users. If you want
to disable it just for some of them, use Special options of the user Account.

Field                    Description
Redirect Unknown       It is "workaround" for the improperly specified Client Login. If the
Domain to Local Domain non existing domain is used during the login, IM Server will try to
                       find a user at the primary login of the mail server and log-in this user.

                          It is useful for first-time IM users. Different IM clients are using
                          terminology, which is sometimes not matching to the VisNetic
                          MailServer. The client Server means mostly VMS Domain. If they
                          will enter the host name to the Server labeled field, IM will try to use
                          primary domain instead.

                          This option is ON by default.



VisNetic MailServer Administrator Guide                                                 159
Enable Anonymous          If checked, the Instant Messenger Server can communicate with other
Server To Server          servers, even without specified servers in the Trusted Hosts options.
Communication
Enable Account            Check to allow use VMS Instant Messenger by NON VMS users.
Registration
Enable Server OS Report   If enabled, the version of the operating system is returned as response
                          to the request from Instant Messenger Client.

                          It is NOT recommended to check this option.

                          Typical version response with the checked option:

                          Description: VMS Instant Messaging Server

                          Version: 6.0.3

                          OS: Windows 2000 (Build 5.0 2195 Service Pack 3)
Service Domains           You can specify services for your Instant Messaging server there.
                          Currently implemented service is group chat - conference.

                          Syntax:

                          [<servicename.domain>]

                          category=conference

                          type=public

                          name=<description>

                          browse=<type>

                          history=<roomname>;<filepath>;[0|1] // Enables history logging for
                          the room - path params ("yyyymmddhhnnss", {name}, {service})

                          [<servicename.domain>].

                          Parameters Description

                          [<servicename.domain>]

                          It is virtual hostname, which will be used by clients using the service
                          to log-in. It is created from some domain name by the prefix -
                          servicename, e.g. [chat.deerfield.com]. chat is servicename there and




VisNetic MailServer Administrator Guide                                                160
                        the deerfield.com is the domain.

                        If you want to allow just one conference. Use form:

                        [<servicename@servicename.domain>]

                        DO NOT define the servicename.domain as the real domain in
                        VMS.

                        category=conference

                        the only value conference is allowed. It will handle the
                        [<servicedomain>] as an conference - group chat

                        type=public

                        the only value public is allowed. It will create the conference as
                        anonymous.

                        name=Deerfield General Chat

                        Any descriptive text.

                        browse=public or private

                        This parameter enables/disables listing of the specified service
                        (conference) in the BROWSE command of the user client.

                        Browse without any value (browse=) will disable listing.

                        history

                        History is used for the logging of the specified conferences.

                        history=*;c:\IM\log\allconf.log

                        Will log communication of the all conferences to the file allconf.log

                        The path to the log file can contain variables:

                        "yyyymmddhhnnss" - system datetime variable

                        {servicename} - name of the logged service

                        {domain} - domain of the logged service



VisNetic MailServer Administrator Guide                                                 161
                        Examples:

                        [chat.deerfield.com]

                        category=conference

                        type=public

                        name=Public Chat

                        browse=public

                        history=general;c:\IM\Logs\General.log;1

                        history=chat;c:\IM\Logs\Chat.log

                        [rooms.deerfield.com]

                        category=conference

                        type=public

                        history=*;c:\IM\Logs\{Room}@{Service}.log

                        If you want to have just one conference define servicedomaina as:

                        [chat@chat.deerfield.com]

                        category=conference

                        type=public
Trusted Hosts           This option specifies the domains of the trusted servers to enable the
                        server to server communication. Each server that needs to share the
                        presence, messages and other instant messaging features needs to be
                        enabled in this file.

                        You can easily create a group of trusted servers across different
                        domains and users can chat, send messages to any other instant
                        messaging server that is in the trusted hosts file.

                        Syntax:

                        <domain1>;<domain2>...=<hosta>[:<port>][;SSL]

                        <domain3>;<domain4>...=<hostb>[:<port>][;SSL]



VisNetic MailServer Administrator Guide                                              162
                         Examples:

                         Deerfield.com=im.deerfield.com:5223;SSL

                         visneticmailserver.com=mail.visneticmailserver.com:5222

                         Remember that each IM server has to have the remaining trusted
                         domains specified in the file too otherwise the route back (server
                         response) would not work.

                         In the example above we have the domain deerfield.com on the
                         im.deerfield.com server and the communication will be done using the
                         SSL. The deerfield.com server has to have our domain and host in its
                         trusted hosts.
Server Port              The port number 5222 is used for the standard non-secured IM
                         communication.
SSL Server Port          The port number 5223 is used for the SSL secured IM
                         communication.
Enable Server File       If checked files aren't transferred between users directly, but all files
Transfer                 are stored first on the server and then sent to end user.

To use VisNetic MailServer Instant Messenger you need to download and install Instant
Messenger Client or setup your existing one to work with the VisNetic MailServer
Instant Messenger.



12.2 Instant Messenger Gateways

Instant Messenger Gateways

VisNetic MailServer's IM server can also be enabled, via a gateway, to work with ICQ,
AIM, Yahoo and MSN IM servers. This is the first time in the history of a mail server
product, that five IM services can be accessed by a single IM client. The IM Gateway
functionality is only available with the VisNetic MailServer Unlimited Users License or
IM Gateway license,sold separately. Additional information is available at:
http://www.deerfield.com/products/visnetic_mailserver/instant_messaging/

From the VisNetic MailServer configuration console:

MSN Example;

      1. Click the Instant Messaging icon
      2. Select Active in the Instant Messaging Server field
      3. Click the Services button in the Instant Messaging Server field


VisNetic MailServer Administrator Guide                                                163
     4. Click Example button to open the IMServices.dat file
     5. Copy and Paste the MSN example into the opened IMservices.dat file.

         [msn.localhost]
         category=service
         type=msn
         name=MSN Transport Gateway
         ns=jabber:iq:register;jabber:iq:gateway
         module=Modules\MSN.DLL

     6. Update the [msn.localhost] to your domain. As example [msn.demo.d2g.com]
     7. Save the configuration file

From the VisNetic MailServer computer:

Download and Install the VisNetic MailServer Chat Client (JAJC Jabber Client).
Available from http://www.deerfield.com/download/visnetic_mailserver

From the System icon, stop then start the Instant Messaging service

Connecting JAJC to the VisNetic MailServer IM:

Assume, that we have installed VisNetic MailServer and created users with the domain
demo.d2g.com. The hostname of our VisNetic MailServer is: mail.demo.d2g.com

To connect to your VisNetic MailServer Instant Messenger:

        1. Double click on the JAJC icon in the System Tray
        2. Click the light bulb button
        3. Select Tools | Accounts
        4. Enter your VisNetic MailServer account name (e.g. miker) in the Username
           field
        5. Enter your VisNetic MailServer password in the Password field
        6. Enter the VisNetic MailServer Hostname (located under the System icon in
           the VMS Configuration console) (e.g. mail.demo.d2g.com) in the Server
           field

         Port Port number used for the IM communication. Default is 5222 for the
         standard communication and 5223 for encrypted by the SSL. Do not forget to
         open the IM port on your firewall, router or proxy server!

From the VisNetic MailServer computer:

        1. Right Click the JAJC icon in the System tray
        2. Select Register Service then MSN Transport Gateway




VisNetic MailServer Administrator Guide                                            164
       3. Enter valid MSN email address and password. This may be a MS Passport
          .Net password created specifically for your organization for the purposes of
          registering the MSN gateway.(e.g. msngateway@yourdomain.com)
       4. The MSN icon and gateway domain (e.g msn.yourdomain.com) will be listed
          under Agents

To Add users through the Gateway:

       1. Double Click the IM icon in the System tray
       2. Right Click Add Users thru Gateway
       3. Enter email address of the registered MSN user, replacing the @ with a %.
          (e.g. msn_user%anydomain.com)
       4. Define their nickname and add them to an existing group or create a new
          group
       5. To Instant Message Right Click and select Message


Chapter 12


Server License Information Tab




VisNetic MailServer Administrator Guide                                           165
The info tab of VisNetic MailServer contains your VisNetic MailServer, AntiVirus Plug-
in, Instant Anti Spam and Instant Messenger license information, upgrade options, and
contact information for purchase and support.




VisNetic MailServer Administrator Guide                                            166
Chapter 13


Instant Messenger



13.1 Instant Messenger

VisNetic MailServer Instant Messenger allows you to provide new, secured instant
messaging services to all VisNetic MailServer Users.

All VisNetic MailServer users can chat, transfer files and join group conferences using
secured SSL protocol now.

VMS Instant Messenger implements the Jabber open XML protocol, for more details see
http://www.jabber.org/user/userguide/. However we are not using any open source code,
the entire implementation is proudly written by us.

Implementation of the Jabber open XML protocol brought the compatibility with various
instant messenger clients and other modules supporting this standard. You can use any
Jabber compatible client.

Having your own chat communication with your business partners is extremely simple
now. All you need is:

      VisNetic MailServer version 6.x and greater
      Open ports 5222 for standard and 5223 for secured communication at your
       firewall
      Download and install any Jabber compatible client at each workstation. VisNetic
       MailServer Instant Messenger is compatible with all Jabber clients. You can find
       plenty of them on the Internet.

We are recommending the JAJC (Just Another Jabber Client) available for download
from: http://www.deerfield.com/download/VisNetic_MailServer

VisNetic MailServer Instant Messenger allows communication between:

      All users of a single domain using a VisNetic MailServer installation
      All users of all domains using a single VMS installation
      All users of all domains using any VMS installation



VisNetic MailServer Administrator Guide                                               167
VisNetic MailServer Instant Messenger Features Overview

      Message Send ( incl. Off-Line Delayed Delivery)
      Chat
      Multi-User Chat (+ Chat with 2 in a multi-user chat environment, Participant
       Status, Server Conference Messages)
      Presence (+ Delayed Delivery)
      Subscription
      File Transfer
      Privacy - Black & White List
      Private - Private Store - All Data
      vCard - Personal Details
      Roster - Contact Management Stored On The Server
      Avatar - user definable graphics for the personal ID
      Browser - to see the defined chat rooms
      Offline Data Processing
      Server To Server Communication - (Server Joins Across Nodes) Trusted Hosts
      Last User Logon, User Server Version + Time
      Message Event Notification
      Account Registration
      Digest Authentication
      Password Change
      SSL
      Admin - Online users, Send a message to all online users

13.2 Basic IM Setup

VisNetic MailServer Instant Messenger comes pre-configured with the each VMS
installation. You can use it without any other configuration for the:

      Single Domain Multiuser
      Multi Domain Multiuser

To configure advanced - Multi Server usage and chat rooms you must define the
parameters as defined in Chapter 11.

The Instant Messenger parameters can be configured in the VMS Windows
Configuration program only. It is not possible to configure it over the WebAdmin
interface.

System Tab - Service Settings

                                 You can control the cache for the IM users.




VisNetic MailServer Administrator Guide                                            168
Options Tab - Logging




                                  The different level of the IM activities logging can be selected
                                  there.

                                  The log data are stored in the folder:

                                  C:\Program Files\Deerfield.com\VisNetic MailServer\logs

                                  The IM log file is a plain text file, the filename starts with the
                                  letter "i" following by the date in a form YYYYMMDD, e.g.
                                  i20030327.log

                                  IM log file contains the Jabber XML protocol strings. For
                                  more details about the open Jabber protocol see the
                                  http://www.jabber.org/user/userguide/

Inst. Msg Tab                     Tab dedicated for the Instant Messenger settings only. You do
                                  not need to configure default values for the basic Instant
                                  Messenger setup.

Info Tab - License Keys           VMS comes with the Instant Messenger TRIAL license, which
                                  is valid for 30 days. There are no restrictions against the
                                  purchased license.



13.3 Single Domain IM Communication

Single Domain IM Communication is between users of the same domain.

Each user must install the IM Client at their workstation. To chat with another user;

      Connect to the VMS Instant Messenger with the domain used by the both users
      Add all users you wish to communicate with by adding them to your “Contact
       List”

JAJC Installation

Download the JAJC from the http://www.deerfield.com\download\visnetic_mailserver

Install JAJC by double-clicking the jajc.exe file.


VisNetic MailServer Administrator Guide                                                   169
Connecting JAJC to the VMS IM

Assume that we have installed VisNetic MailServer with the domain demo.d2g.com.

The hostname of our VisNetic MailServer is: demo.d2g.com

To connect to your VMS Instant Messenger run JAJC and enter your account data and
domain name.




Field                   Description
Account                 All user log-in data are associated with the Account. You can define
                        as many profiles as you want by clicking on the    icon. Pick the one
                        you want to use for log-in in the pull-down menu.
Account Alias           Alias of the any existing VMS user. If you have specified more
                        aliases, you can use any of them.
Account Password        Password of the VMS account with the specified user name.
Domain                  Domain name for the User Name above. It can be any domain
                        specified in the VMS configuration.
Resource                Anything. Ignored by the VMS IM Server.
Priority                Anything. Ignored by the VMS IM Server.
After Connect Stay…     Online, Ready for Chat, Away, Extended Away, Do not Disturb or
                        Invisible.




VisNetic MailServer Administrator Guide                                            170
Login_ Server (IP)       Hostname or IP address of the VisNetic MailServer you are
                         connecting to.
Server Port              Port number used for the IM communication. Default is 5222 for the
                         standard communication and 5223 for encrypted by the SSL.

                         Do not forget to open used port at your firewall!!!
Use Secured (SSL)        Check, if you want to use the SSL communication. Default is ON.
Connection

Press OK, and you will be connected to the VisNetic MailServer Instant Messenger
Server.




Adding Users to the Contact List

If you want to see the status of another user and communicate with them (On-line or Off-
Line), you have to add him to your "watch list".

Click on light bulb icon and select Add Contact menu item.




VisNetic MailServer Administrator Guide                                              171
The Jid is email address of VisNetic MailServer & Instant Messenger user.




If the opposite client has been set to confirm request, there is a new group named
guiutils_waiting. Click on the line with the bulb, confirm it and the new user was added
to your watch list (roaster).

After his approval, he will be displayed in your list like:




VisNetic MailServer Administrator Guide                                              172
To use Instant Messenger features just right - click on the user and select the required
function.




13.4 Multiple Domain IM Communication

Special configuration is unnecessary for multi-domain single server communication.

Assume you have multi-domain installation as:

Domains: vmsdemo.com and demo.d2g.com

If the user admin@vmsdemo.com wants to communicate with admin@demo.d2g.com t
via Instant Messenger, they both have to:

      Connect to the same VisNetic MailServer (both domains must reside on the same
       server)
      Add each other user to their contact list (roster).

The connection of the user admin@vmsdemo.com to the JAJC client has been described
in the previous section.

13.5 Multi Server IM Communications

Multi server Instant Messenger Communication covers the most advanced features of the
VisNetic MailServer Instant Messenger.

Suppose that we have two VMS Servers connected to the Internet. So far the all users of
the Instant Messenger were connected to the same server. However if you want to



VisNetic MailServer Administrator Guide                                                    173
communicate with the users from another server, you do not need to connect to these
servers directly.

You can connect to ANY Server.

When you will add the user from foreign server - VisNetic Instant Messenger will
recognize it and will connect with this another server automatically!!!

However to achieve this functionality you have to set either:

       Anonymous Communication

   Or

       Trusted Hosts

at both servers.

Anonymous Server to Server Communication

To enable anonymous communication just check the option with the same name:




Anonymous Server to Server communication works only for domains with the same IP address
as the IP address of the host computer.

If the IP addresses differ, you must use trusted hosts.

Trusted Hosts Server to Server Communication

It is the recommended server to server communication, since you can control which
servers can communicate together.

To achieve that you need only specify the allowed domains and hosts of the opposite
servers.

Click on the button Trusted Hosts...



VisNetic MailServer Administrator Guide                                               174
The trusted hosts file is stored in the file /visnetic mailserver/config/IMhosts.dat.

For the example above, you need to specify trusted hosts:

Mail Server       Trusted Hosts (IMhosts.dat) Specification
mail.vmsdemo.com Demo.d2g.com;demo.d2g.com=mail.demo.d2g.com:5223;SSL
mail.demo.d2g.com vmsdemo.com;im.vmsdemo.com=mail.vmsdemo.com:5223;SSL

Notice, that we do not allowed communication for the domain myotherdomains.com of
the host mail.vmsdemo.com. In the both cases we used the secure communication.

The non-secured server to server communication must be specified in the form:

<trusted domains> = <hostname:5222>

13.6 Anonymous Group Chat

Anonymous Group Chat allows chatting of several connected users simultaneously.

You must first define the chat rooms. To do so open VMS Configuration program and
select Inst. Msg Tab.




Click on the Services button and specify the chat room name.




VisNetic MailServer Administrator Guide                                                 175
The chat room MUST NOT be any existing domain of the VisNetic MailServer. There
are no DNS records associated with the domain; it is just an internal VisNetic Instant
Messenger issue. In our example we have used the name of the chat room:
chat.vmsdemo.com

Join a Conference - anonymous chat room.

To create/join anonymous group chat from the JAJC client, click on the bulb icon in the
left top corner of the JAJC client and select from the menu option Join/Create Group
chat.

Specify the chat room and login details:




Field                     Description
Server                    Domain name specified in the Services… as one, which will be
                          used for chat room.
Room                      Chat Room name
Nick                      Any ID of the user, which is joining the chat.
Password                  Do not use for anonymous chat.

Click on the button OK and you will be connected to the Group Chat Room.




VisNetic MailServer Administrator Guide                                              176
If you want to chat with the some of users from the conference privately, double click on
his icon on the right side.

If the conference you want to join is located at another server, you have to add the chat room
name to your trusted hosts.

The only exception is if you have enabled anonymous server to server connection and the IP
address of the domain connected with the chat room is the same as an IP address of the host
computer.




VisNetic MailServer Administrator Guide                                                177
Chapter 14


Web Access



14.1 Web Access

VisNetic WebMail, integrated with VisNetic MailServer 6.x, allows users access to
their email accounts, folders, address books, and spell checkers with any standard web
browser. By using a web browser to access email, users can access their email from
anywhere on the Internet. Unlike typical email client applications, VisNetic WebMail
does not require reconfiguration to use. It does not leave any traces of messages on the
Internet terminal, which is an ideal feature for anyone who travels. VisNetic WebMail
also stores all of the messages on the VisNetic MailServer, not a third party server. This
is a key feature for anyone who uses email for sensitive or confidential communications.

To access VWM from your web browser, enter the URL as follows:

http://localhost:32000/mail

For example: http://mail.domain.com:32000/mail

The VisNetic WebMail login will appear. Enter your username and password and click
Login.




VisNetic MailServer Administrator Guide                                                178
Settings and configurations for VisNetic WebMail are located in the VisNetic
MailServer/WebMail directory.

To configure virtual hosts and other web server settings, you need to edit the VisNetic
MailServer\Config\WebServer.cfg file. The same rules as for web mail apply.

Primary Features

       Multi domain support
       Multi-language Interface
       Multi-skin Interface
       User definable folders
       User definable logo
       Remote web administration
       Spell checker
       Group support
       Automatic sign up
       Fully customizable
       TCP/IP Protocols - SMTP/POP3/IMAP4
       Multiple file attachments
       SSL
       Header/Footer, Address book importing
       Disk Quota

14.2 Administrator Settings

WebMail Access of VisNetic MailServer comes pre-configured and you do not need to
change it. However you may change a lot of global settings, e.g. which language will be
used as default, change logo and many others.

To do that log-in to the WebMail using Administrator account details at URL:

http://localhost:32000/mail/

Select the Settings Tab and the Administrator Settings.




Field                     Description



VisNetic MailServer Administrator Guide                                               179
SMTP Server             The name or IP address of the SMTP server that web mail will use to
                        send messages.

                        Make sure this works properly and that the mail server lets you relay
                        through. If no, add IP address of the SMTP Server to the field
                        Relaying From: (VMS Configuration, Delivery Tab).
Port                    The port used by the SMTP server. Most servers use port 25.
Default Incoming Mail   The default mail server host for account management. When creating
Server                  new accounts this setting will be automatically entered. Beware of the
                        Domain IP binding on the mail server unless you create virtual
                        domains and each will have a different incoming mail server whose IP
                        corresponds to the one the domain is bound to. Incorrect setting might
                        reflect in an inability for users to login.
Integrate with a mail   This links web mail into the account management of an existing mail
server                  server.

                        Make sure the Default Incoming Mail Server is correctly set;
                        particularly the mail server IP binding is not used.
Domain                  This is used for integration - web mail will be integrated with these
                        domains. Separate domains with a semicolon.

                        (If multiple domains are specified, the user is asked to pick one from a
                        list box at login - only when not using the "Complete VisNetic
                        MailServer Integration" (see below).

                        Example: Deerfield.com
Allowed Domains         If used "Complete VisNetic MailServer Integration" you might want
                        to allow only certain domains to login. Web mail knows what domain
                        it logs in only in the "Complete VisNetic MailServer Integration" and
                        therefore this cannot be used for other modes of integration.

                        Example: deerfield.com;vmsmail.com

                        Primary domain is deerfield.com and only vmsmail.com and
                        deerfield.com can login in.
IP Address Checking     If checked, the IP address of the Web Mail connected PC is became
                        the part of the Session ID.

                        Using IP Address Checking increases security, since if newly
                        connected user (in dial-up or another dynamic - IP connections) has
                        always new Session ID and the data of the previous session can not be
                        read. It prevents unauthorized data reading if previous user was NOT
                        logging out.




VisNetic MailServer Administrator Guide                                              180
                        However it can cause a problem to the users which are connected to
                        the Internet via DSL or routed connection, since these connections can
                        change IP during the session and in such case the user session will be
                        also terminated.




Field                   Description
Max Message Size        Specifies the maximum size of a message in KB users can send out. If
                        the size exceeds message will not be sent.
Use Disk Quota          In conjunction with the disk quota size, this option ensures that users
                        do not exceed their allotted space. Users will be automatically
                        informed about their quota status. When the limit is reached no more
                        messages will be received and the user must delete some of the
                        messages.
Disk quote size         Specifies the size in MB.
Delete Trash Messages   This automatically deletes trash messages after a specified number of
Older Than (Days)       days.
Use header/footer       Specifies that web mail should attempt to attach the contents of the
                        header/footer files to outgoing emails. The files should contain the
                        exact plain text that will be attached to every message.
Header file             The full filename containing the header text. If this field is empty no
                        header will be attached.
Footer file             The full filename containing the footer text. If this field is empty no
                        footer will be attached.
Content Type charset    A default character set can be specified here which will be entered
                        into the MIME headings. Countries with special national characters
                        should enter their charset here. Example:iso-8859-2


VisNetic MailServer Administrator Guide                                             181
Content transfer        Set to 7bit or 8bit.
encoding
Use ISO-8859-2          If checked this will perform inner web mail conversion from
Conversion              Windows1250 to ISO-8859-2 character sets.
Allow sign-up process   This allows a visitor to web mail to create their own account. If using
                        integration this will only work if VMS is the mail server (see the
                        separate section on integration)

                        The default values for the new users are given by the content of the
                        file /VisNetic MailServer/Config/Default.ini. This file can be edited
                        manually or via VMS Configuration Program Options – Other
                        Options.

                        The values from the Default.ini file are used only if the option Use
                        Account Defaults is checked.
Login with Email        If checked, the full email address must be used as User Name during
Address                 the login.
Store WebMail Folders   If checked, all web mail will be stored in the Mail Folder.
in Mail Folder




Field                   Description
SSL Login Only          If checked, logins are restricted to https connections only.



VisNetic MailServer Administrator Guide                                                182
SSL Port                  Allows you to specify SSL Port
Background Color          This specifies the background color of the web mail pages. Use hex
                          notation (#FFFFFF is white), or use words such as: "white", "red".
Title Text                The text that will appear in the web browser banner.
Logo File                 The URI path of the file to be used instead of the web mail logo. Copy
                          your logo into the html\images directory. Use web notation for the
                          path e.g. images/mylogo.gif

                          DO NOT use path with the hard drive letter like: c:\mydata\logo.gif
Web Mail Layout           Select the default Layout there. This layout will be used as "main"
                          layout.
Web Mail Language         Select the default Web Mail language. This language will be used
                          during the login and for the new users. Each user can change their
                          default language.
Charset                   If NONE (default) is selected, the emails in the Web Mail interface
                          are displayed with the charset of the browser. To force encoding in
                          another charset select one from the pull down menu.
Disable HTML              If checked, users are unable from composing HTML based messages.
Composing
Default HTML              Checked by default, all users will be HTML based.
Composing
Welcome Page            When this option is checked a welcome page welcome.html will be
                        shown after each login to the system. You should edit the welcome
                        page yourself.
Default Save Sent       If checked, the option "Save Sent Messages to Sent Folder" will be set
Messages To Sent Folder ON for new users.
Default Move Deleted    If checked, the option "Move Deleted Messages To Trash" will be set
Messages To Trash       ON for new users.



14.3 Administrator Global Address Book
If you are logged as administrator and you will enter the Address Book, there is a new
hyperlink - Global Address Book.
To create address book entries, which can be used by the all users just click on the Global
Address Book and enter data entry there.




VisNetic MailServer Administrator Guide                                                  183
The entries from this global address book are displayed together with the user defined
address book in the user "pull down" menu.

14.4 WebMail access without port 32000 in the URL
If choosing to use VisNetic WebMail on port 80 you must change the default Control
Port from 32000 to 80 and 32001 to 443 (SSL).
To do that open the VMS Configuration program, select System and change the values
for Control service, which is used for the Web Mail access.
Resulting setup will look like:




Stop and Start again the Control Service and your Web Mail access will work with the
URL:
http://<IP Address or Hostname>/mail/
Or
https://<IP Address or Hostname>/mail/
Example:
http://localhost/mail/
If you are unable to start the Control Service again, it means, that port 80 is used by
another program. It is probably another WEB Site running under IIS on port 80.
To fix this problem you have to:
              Stop the other process running on port 80 (stop IIS)
Or
            Bind each web (IIS) to the another IP address, as is used by the VisNetic
       MailServer




VisNetic MailServer Administrator Guide                                                   184
If you want to bind IIS web sites to another IP address as used by VMS and if you are
using Windows 2000 or Windows XP, you have to disable IP pooling first. The full
article is located at:
http://support.microsoft.com/default.aspx?scid=KB;en-us;q238131
To disable IP pooling:

1. Start the command prompt and make sure you are in the X:\Inetpub\Adminscripts folder
(where X is the IIS installation drive). To do this, type the following lines at the command
prompt:
X:
CD\Inetpub\Adminscripts
2. After you open the Adminscripts folder, type the following line at the command prompt:
cscript adsutil.vbs set w3svc/disablesocketpooling true
The command replies as follows:
disablesocketpooling : (BOOLEAN) True
3. Stop and start the IISAdmin service.
4. Restart the WWW service.




14.5 WebMail access without \mail in the URL
Default Web Mail Access of VisNetic MailServer uses URL schemas:
http://<IP or hostname>:32000/mail/
Or
https://<IP or hostname>:32001/mail/
If the VisNetic MailServer is using port 80 and 443 instead of default values, the URL as:
http://<IP or hostname>/mail/
Or
https://<IP or hostname>/mail/
To remove /mail/ from the URL you have to use the Virtual Hosts Redirection feature.
Let's assume that we wan to access Web Mail by using URL:
http://webmail.mydomain.com/
To achieve that you have to:
       Change Control Service Ports of VMS to 80 and 443 (as described in the
       previous section)



VisNetic MailServer Administrator Guide                                                 185
      Create DNS record pointing webmail.mydomain.com to the IP address where the
      VMS is running
      Edit /Program Files/Deerfield.com/VisNetic MailServer/Config/WebServer.CFG
      by the plain text editor and adding line under the section [Virtual-Host]:
       webmail.mydomain.com=c:\Program Files\Deerfield.com\VisNetic
MailServer\html\mail\
The resulting Webserver.cfg will look like:

[Settings]
Bind_To_IP=
Use_ISAPI=0
HTTP10=
[Default]
; [filename]
index.html
index.wml
[Filter]
; [file type]=[script interpreter file path]
; [executable file type]=
.html=webmail\web.dll
.wml=webmail\web.dll
.html=webmail\web.exe
.wml=webmail\web.exe
[Virtual-Host]
; [hostname]=[base path]
webmail.mydomain.com=c:\Program Files\Deerfield.com\VisNetic MailServer\mail\html\

[Free-Path]
; [path]
html\mail\



14.6 WebMail Multi-Domain Configuration (Virtual Hosts)
A virtual host is essentially a separate setting of VisNetic WebMail dedicated for a
particular domain. Virtual domains offer many advantages.
              Customization with VisNetic WebMail is possible at the domain level. As
               example, different ‘logos’ could be utilized for each domain.
              A copy of the directory structure is made for each domain and can be
               placed anywhere – this means that a domain could have all its users on a
               separate disk.


VisNetic MailServer Administrator Guide                                                186
                Users logging into their VisNetic WebMail domain do not get greeted
                 with a drop down box for domains – the correct domain is chosen based
                 on the entered URL.
                Each virtual host is assigned to a different URL, so you could have
                 webmail.domaina.com, webmail.domainb.com, etc.

14.6.1 Virtual Host Redirection
Accessing VisNetic WebMail via http://localhost:32000/mail/ will be replaced with:
http://webmail.localhost:32000
         Edit file \WINNT\system32\drivers\etc\hosts
               o 127.0.0.1 webmail.localhost
         Open file \Program Files\Deerfield.com\VisNetic
           MailServer\config\webserver.cfg and go to section [Virtual-Host] enter re-
           direction command: webmail.localhost=c:program
           files\deerfield.com\visnetic mailserver\html\mail

[Virtual-Host]
; [hostname]=[base path]
webmail.localhost=c:\Program Files\Deerfield.com\VisNetic MailServer\html\mail

Enter URL: http://webmail.localhost:32000/. You see that webmail.localhost has been
redirected to the VisNetic WebMail Login Screen. Admin access is through
http://webmail.localhost:32000/admin/.

If you want to create access to your email using WAP enabled devices, the webmail.cfg
line would be: webmail.localhost=c:\program files\deerfield.com\visnetic
mailserver\html\mail\wap\.


14.6.2 Multi-domain Virtual Hosts Configuration

Multi-domain Virtual Hosts Configuration allows you to create WebMail login and
configuration for each domain user. The example will provide instruction for creating
WebMail for two domains:
Company.mail and Domain.mail

Each VisNetic WebMail user will have its own login URL, logo and Other setting.
To accomplish this follow the steps below;

Prepare domain names at DNS
To emulate DNS at your PC where VisNetic MailServer is installed, add the two new IP
addresses to your TCP/IP network adapter protocol.


VisNetic MailServer Administrator Guide                                                 187
IP addresses for our example are: 192.168.100.100 and 192.168.100.101

Then add lines to your host file: \WINNT\system32\drivers\etc\hosts
192.168.100.100 company.mail
192.168.100.101 domain.mail

Prepare folders for virtual hosting of these domains

Create folder VirtualHosts with subfolders company.mail and domain.mail
We will create the virtual host company.mail forst.

Copy the folder \Program Files\Deerfield.com\VisNetic MailServer\html\mail and
\Program Files\Deerfied.com\VisNetic MailServer\webmail\ to the folder
\virtualhosts\comapny.mail\.

Rename folder \mail\ to \html\.

Create virtual domain redirection in webserver.cfg

Open file: \Program Files\Deerfield.com\VisNetic MailServer\config\webserver.cfg and
go to section [Virtual-Host], add two additional “redirection lines”.


[Virtual-Host]
; [hostname]=[base path]
webmail.localhost= c:\Program Files\Deerfield.com\VisNetic MailServer\html\mail
company.mail=c:\virtualhosts\company.mail\html
domain.mail=c:\virtualhosts\domain.mail\html


Create virtual domain redirection in config.html

Prepare file (in text editor) config.html with:

<?
define(companymailpath, "c:/virtualhosts/company.mail/webmail/");
  $SERVER_INSTALL_PATH = companymailpath;
?>




VisNetic MailServer Administrator Guide                                           188
and copy it to the html folder of the company.mail virtual hosts structure.

\virtualhosts\company.mail\html\config.html

NOTE: The config.html cannot use backslash (alt – 92) in path and cannot have a dot in
the defined variable. For example, “companymailpath” is a variable that cannot contain a
dot, but must be unique to any variables used by VisNetic WebMail.

Do the same for domain.mail. The content of the config.html is:

<?
define(domainmailpath, "c:/virtualhosts/domain.mail/webmail/");
  $SERVER_INSTALL_PATH = domainmailpath;
?>

Now try to access your web mail for domain.mail at: http://domain.mail:32000/

Change setting for each domain

Log-in to the company.mail domain as admin: http://company.mail:32000/admin

NOTE: All changes you will do at the Admin level will affect only company.mail now.

To change the logo. Create a logo named company.mail.gif and place it in the
c:\virtualhosts\company.mail\html\images folder.

Click on Settings and set new logo file: company.mail.gif. Change default values to:

Title Text:    Company.mail WebMail
Logo File:     c:\virtualhosts\company.mail\html\images\company.mail.gif
Logo Width:    260
Logo Height:   62

Click Save then close browser.

Open your browser again for company.mail WebMail: http://company.mail:32000/

You will see a new login screen with the company.mail logo.


14.7 Secure WebMail Access

SSL is an encryption method based on public and private keys. It ensures that
information being transferred between a webserver and a web browser securely. VisNetic
WebMail uses its own built in webserver that supports the SSL standards, once enabled.



VisNetic MailServer Administrator Guide                                                189
Testing Secure Socket Layer

Test your installation by connecting to the SSL port of 32001. Ensure that https is
specified instead of http

https://127.0.0.1:32001/mail/

If all is working you will be greeted with a warning:




What does the warning mean?

An SSL certificate requires 3 conditions to be met:

      That it has been issued by a company who is trusted.
      That the date on the certificate is valid
      That the website name matches the name on the certificate.

There are only a few companies who issue certificates that are automatically trusted by
web browsers (e.g. Verisign and Thawte). As this certificate is issued by the VisNetic
MailServer software the web browser does not ‘trust’ it.

To resolve this, click on the ‘View Certificate’ button and then ‘Install Certificate’.
Follow the prompts. This tells the web browser that the certificate can be trusted.

Unfortunately it is not possible easy to fix point (3). A certificate is matched to a website
address at creation. To fix this point you have to use officially purchased certificate and
convert it to the VisNetic MailServer form.

SSL and Certificates is a highly complex subject. Trusted certificates that do not have
warnings have to be paid for from an issuer like Verisign or Thawte. If you wish to
pursue obtaining your own certificate from a trusted issuer then contact VisNetic
MailServer software who will be able to assist.


VisNetic MailServer Administrator Guide                                                   190
The certificate is kept in the file cert.pem. You can edit it and use your own certificate.
Our SSL system has the advantage of having multiple SSL certificates on one system.
Each certificate can be used for a different IP address. The cert.pem is used as a default
certificate. There is a file cert.dat with the following structure:

Cert.dat

[Server]

// [IP]=[certificate file path]

193.179.195.74=c:\certificates\secure.deerfield.com.dat

At the certificate warning proceed by clicking on the ‘Yes’ button. The VisNetic
MailServer login screen will be shown.

For Internet Explorer Users, in the bottom of the web browser status bar towards the right
the secure symbol will be shown:




This confirms to the user that the connection is secure.

Important!

It is only the connection between the web browser and the webserver that is secure. The
encryption during the transmission of a message to another mail server depends on the
recipient server features. However by default VMS tries to send the message by using
TSL/SSL.

14.8 Advanced WebMail Settings

VisNetic WebMail uses its own built-in web server which is installed upon installation of
VisNetic MailServer. The properties of this web server are controlled via configuration
file /Deerfield.com/VisNetic MailServer/Config/WebServer.CFG

You can edit this file with any plain text editor, or by using the VMS Configuration
program through Options, Other Options.




VisNetic MailServer Administrator Guide                                                  191
WebServer.CFG

// Web Server Settings File

//

// This file contains the whole web server engine settings. You can create new

// virtual hosts, redirects, MIME type associations, aliases and many more.

//

// Settings Section

//

[Settings]

Use_ISAPI=0

// Use_ISAPI - Values: 0/1/2, 0 - Disabled, 1 - Full ISAPI Mode, 2 - Smart ISAPI Mode

// Bind_To_IP - Allows you to bind the whole server engine to different IPs than in

// the Config Service Settings

// Allowed_PUT_Virtual_Hosts - Allows you to specify a host name that will accept

// PUT commands

//



VisNetic MailServer Administrator Guide                                               192
// Default Section

[Default]

index.html

index.wml

// Might contain more lines and specifies the default filenames for HTTP

// <filename>
WebServer.CFG - part 2

[Filter]

.html=webmail\web.dll

.wml=webmail\web.dll

.html=webmail\web.exe

.wml=webmail\web.exe

// Filter section lets you specify our own CGI and ISAPI filters.

// <file type>=<script interpreter file path>

//

// Alias Section

[Alias]

// Alias section lets you create directory redirects or virtual directories.

// [alias]=[base path]

//

// Virtual Host Section

[Virtual-Host]

mail.deerfield.com




VisNetic MailServer Administrator Guide                                        193
wap.deerfield.com=html\mail\wap\

*=html\mail\

// Virtual hosts let you specify different web server file locations for each host

// [hostname]=[base path]

// There is a special hostname * which stands for all hostnames (default) and should

// be used at he last host name. Hostname without the equal sign = specifies the hostname

// for the Web Admin service.

//

// Free-Path Section

[Free-Path]

html\mail\

// Free path section can help you define URI parts for the Web Admin service which will not be

// required to authenticate the session. Use backslashes.

// [URI]

//

// MIME Section

[MIME]

.jad=text/vnd.sun.j2me.app-descriptor

.jar=application/java-archive

// The MIME section lets you define additional MIME types.

// [file type]=[mime type]

//

// Redirect Section



VisNetic MailServer Administrator Guide                                                194
[Redirect]

// The redirection feature lets you redirect any URL passing thru the web server engine to any
other

// URL via the HTTP protocol.

// [URL]=[URL]




VisNetic MailServer Administrator Guide                                               195
Chapter 15


WAP Access



15.1 WAP Access

VisNetic WebMail also supports the WAP (Wireless Application Protocol) protocol of
delivering web information to WAP compatible devices. The WAP Mail has been tested
with the Nokia WAP Toolkit 2.0 and Microsoft Mobile Explorer.

Users accessing their inbox via a mobile telephone will have the ability to send and
receive emails, but not change settings.

There are also no administrator pages provided. This is a simple but powerful service to
send and receive emails while on the move.

Some phone providers are requiring to use only port 80 for the WAP access only.
Change the default port 32000 to the 80 in the VisNetic MailServer System Tab, as described in
the previous chapter.



15.2 Connecting to the Service

Enter the following URL on your mobile device:

http://<hostname>:32000/mail/wap/

Always add the slash at the end of your URL! Even though it is a plain host name.

To use URL without /mail/wap/ use the same virtual redirection as described in the
previous chapter.

Example:

Add to the [virtual-host] of the webmail.cfg

wap.domainA= c:\program files\deerfield.com\visnetic amilserver\html\mail\wap\


VisNetic MailServer Administrator Guide                                                196
Chapter 16


Advanced Server Protection


16.1 Relaying and the “we do not relay” message

Relaying is a common problem. It means that a server allows somebody to send messages
outside. It is desirable to allow sending messages only to your users. Thus you need to
use antirelaying options not to allow spam and relaying thru your server to unwanted
users (spammers) from outside. The error message "550 5.7.1 <>...we do not relay <>"
means your anti relaying settings are incorrectly set and you simply cannot send
messages thru your server out.

We do not suggest using any anti relaying options other than Relaying From, POP Before
SMTP. All other anti relaying options in the Delivery tab sheet should not be used.
Switch on all of the 3 options and into the Relaying From field enter:

127.0.0.1;192.168.*.*;10.*.*.*;172.16-31.*.*

That means all of these IP addresses will be able to relay. All of them are LAN IP
addresses. It's also suggested to specify the server's IP address in the field too. By this
your LAN will be able to send messages out just fine.

Sometimes you might need to allow relaying for your customers outside your LAN. That
is a small problem but can be solved. Usually all relaying is IP address based. Just like on
your LAN. ISPs know their IP addresses and allow relaying from all of these addresses. It
is suggested for users from outside to use their ISP's mail server to send messages out.
Sure, but you want them to use your mail server. You can use 2 options on your server to
fix this. Either the POP Before SMTP or SMTP Authentication. Using Relaying From is
not possible because the IP addresses of your external users are unknown and change
dynamically.

POP Before SMTP

The user needs to check his mail before sending messages out. The server will record the
user's IP and for some period of time will allow sending messages out from the IP. The
problem is that most of the mail clients (Outlook Express) send messages first and then
receives. Users would need to remember to check for messages manually before sending.

SMTP Authentication



VisNetic MailServer Administrator Guide                                                       197
This is a more professional way of allowing external users to relay thru your server. The
user will authenticate during the SMTP session and by that the server knows it is a legal
user and will let him relay. The thing is that users need to configure their mail clients to
use the SMTP authentication and you also need to switch off the Disable SMTP Auth
option in the Security tab sheet. This option works in conjunction with the Relaying From
control. The Relaying From control needs to be switched on otherwise no authentication
will be required. The IPs specified in the Relaying From control do not need to SMTP
AUTHenticate. All other IPs have to authenticate in order to relay messages.

16.2 Relaying and Spam

There is a fine line between making VisNetic MailServer a secure mail server and ending
up with a ‘broken’ mail server that refuses to send/receive mail! The most important
issues surrounding security are relaying and spam.

Relaying is essentially the sending out of messages. This is something that is required for
authorized users, but external users or intruders should not be allowed this privilege.

Spam (or spamming) is the sending of unsolicited messages to an email address. These
are typically mail shot type emails offering goods and services. They should be treated
with extreme caution since a reputable company does not spam!

Organizations that spam across lengthy email lists are always on the lookout for servers
that allow relaying; in this way the identity of the spammer can be protected. Therefore it
is important to consider the relaying and anti-spam features of VisNetic MailServer.

Three scenarios are covered:

      A company or department who uses VMS for internal use only. (Internal)
      A company or department who use VMS for both internal and external use, and
       have a permanent Internet connection or use dialup. (External)
      An ISP who uses VMS as the email service for all customers. (ISP)

Each will have different needs and concerns.

All Uses

The best protection from spam is to use the RBL. You can also use the Anti Spam Filters
but the problem is that these need constant editing to keep the files up to date. The RBL
is administered by Internet users so it's regularly updated.

Content filters are another issue against spam and also viruses: for example, setting up a
content filter that rejects any messages with the string I Love You in the header.

Internal Use




VisNetic MailServer Administrator Guide                                                 198
Security is not so much of an issue if VMS is being used in an intranet environment.
There is no need to enable Firewalls or the various deny options. Nor is Anti-relaying
required. It is unlikely that a worker is going to ‘spam’ his fellow colleagues! For this
environment it is recommended that the anti-relaying functionality is not enabled. There
is no email coming in externally so we need not worry about validating the originator
either.

As all the mail is being sent/received through local domains, there are 2 useful settings:
‘Do not forward if the originator’s domain is not local’ and under each user account
option enable ‘User can send mail only to local domains’.

External Use

If a company has a mail server that can be seen from the Internet it would be a good idea
to enable the firewall for the Control service so that only a couple of PC’s internally can
be used to change any settings. Denying the ability to telnet into the services is also a
good idea.

The last thing a company wants is for their email server to be used to send out spam or
unauthorized mailing lists. This reflects badly on the company and could have dire
consequences. It is most important that the only people who are allowed to send mail
through the server are employees. However, this scenario is easy to deal with since all the
employees are on fixed, easily definable networks.

For example, let’s assume that a company sets up 3 departments on 3 subnets of a private
address range:

192.168.1.X

192.168.2.X

192.168.3.X

Only clients with these IP addresses are allowed to send mail through the SMTP service.

Enable the ‘Relaying From’ functionality, and enter either 192.168.* or (more securely),
enter 192.168.1.*;192.168.2.*;192.168.3.*

Even easier, the domain(s) that the company can be specified instead of IP addresses.
This will only allow users on the internal networks to use the server to send mail.

Remember to include either the subnet or IP address of the server itself!!

If the server receives email from an external source, it is a good idea to check that the
email address has come from a valid domain. Enable the ‘Reject mail if the originator’s




VisNetic MailServer Administrator Guide                                                 199
domain has no MX record’ option - if email comes from an invalid address or has no
return path then it will be rejected.

Internet Service Provider

The ISP has the hardest time since it is very easy to over-secure the mail server and
prevent customers from sending/receiving email.

Certainly secure web-admin and Deny telnet should be specified, but since access could
be gained from anywhere it is recommended to not use the firewall options.

It is a good idea to check that that any incoming mail has come from a valid domain.
Enable the ‘Reject mail if the originator’s domain has no MX record’ option - if email
comes from an invalid address or has no return path then it will be rejected.

With regards to anti-relaying there are 2 kinds of ISP; one who also controls the user’s
access to the Internet (hence all the users will have easily identifiable IP’s and subnets)
and one who is an independent ISP and requires users to be able to use the server no
matter how they connect to the Internet.

For both types of ISP it is paramount that the server is not used to send out spam
however.

For the ISP who knows what subnets and IP’s the users are connecting with, it is simply a
matter of enabling the anti-relaying functionality and entering the subnets/IP’s in the
field.

If there are a large number of entries required then it is easier to create the file relay.dat
(in the Config subdirectory) and specify entries on a separate line eg:

192.168.1.*

127.0.0.1

For the ISP who has customers connecting from various IP’s it is not feasible to enter
subnets and IP’s in the relaying field. Instead, anti-relaying should be enabled for
everything except the local machine and alternative methods of user-authentication used
such as POP3 before SMTP, and the SMTP Auth command.

Both POP3 before SMTP and SMTP Auth will require that the sender has an account on
the mail server in order to be able to use the SMTP service.




VisNetic MailServer Administrator Guide                                                     200
16.2 Spammers and Tarpitting

One of the basic spammer techniques is to use SMTP servers other than their own. It
brings them many advantages. They are hiding identity and they use bandwidth paid for
by someone else.

Some servers have option "Relay if user is local", which is used mostly for LAN
installations (not connected to the Internet).

VisNetic MailServer has this option also (Delivery - Do not relay, if originator is not
local), however is strongly recommended DO NOT USE IT.

If this option is checked and a spammer happens to know some local username /
password, they can use server for relaying - sending unwanted mails.

To find valid usernames spammers use special programs, which are randomly checking
SMTP servers for name. Such programs are sending in loop common names, like: info,
john, sales, etc. and waiting for confirmation, that the name is valid.

Such testing can cause a heavy amount of traffic on your server, unnecessarily, so it is
good idea to block it.

VisNetic MailServer provides a great feature called Tarpitting. When Tarpitting is active
VMS checks for unsuccessful attempts to deliver messages to unknown users by external
or local non existing users. If the number of attempts in a session exceeds the Count field
the IP address of the sender will be remembered for the Period and no access from that IP
address will be allowed within the period.




Basically this options serves as a protection from spammers trying to spam your mail
server accounts. Spammers usually have a dictionary of aliases they try to deliver to your
domain. Once the count of unknown aliases exceeds the limit they will not be able to
spam you any more for the given period of time.

Sometimes you might want to enable some IP address and do not want to wait for the
period to expire or simply specify a white list. The file is called Config\tarpitbypass.dat
and contains the white list IP addresses. Cross Session Processing - By default the
Tarpitting feature works in one sessions only. By enabling this checkbox it will work
cross session. Close Connection - When the session is tarpitted you can either leave the
session open or force it to close the connection.




VisNetic MailServer Administrator Guide                                                    201
16.3 Disable Receipt of Improperly Formatted Emails

Improperly formatted emails are sometimes used by the spammers or hackers as attack to
the mail server. Each server is reacting differently. It some cases can these emails cause
that users can not download some messages - or they can even shoot down SMTP or
POP3 service! Unfortunately the RFC822 specifications are not allowing to build in
unconditional rejecting of the bad formatted mail.

To disable receipt of such email in VisNetic MailServer you should use the Content Filter




Specify the Content Filter, which will reject all improperly formatted mails. Use as
condition:

Where Message Violates RFC822.




You can also create such filter by importing from the following XML file:

<?xml version="1.0"?>

<CONTENTFILTER>

<FILTER>

<TITLE>&lt;&lt;&lt; Bad Formated or Empty Sender Mails &gt;&gt;&gt;</TITLE>

<ACTIVE>True</ACTIVE>

<CONDITION>

<AND>True</AND>

<EXPRESSION>7</EXPRESSION>




VisNetic MailServer Administrator Guide                                                202
<CONTAINTYPE>8</CONTAINTYPE>

<CASE>7</CASE>

</CONDITION>

<CONDITION>

<HEADERTYPE>10</HEADERTYPE>

<CONTAIN>&lt;&gt;</CONTAIN>

</CONDITION>

<REJECT>True</REJECT>

</FILTER>

</CONTENTFILTER>




VisNetic MailServer Administrator Guide   203
Chapter 17


Developer and System Integrators



17.1 API

The API (Application Programming Interface) for VisNetic MailServer is designed for
those who want to manipulate domains, users, mailing lists, notification accounts and
executables from external applications. It allows you to get lists of accounts, add, delete,
edit and read the settings.

The API.DLL can be found in the VisNetic MailServer directory and is used by the
Users.exe and Domains.exe command line tools. The source code for the tools is written
in Delphi and can be found in the API directory. In the API directory there are also other
programming languages examples.

Using the API

The API can be used in any programming language such as Delphi, BC++ Builder, MS
VC++, ASP, VB etc. All you need to do is to import the functions from the API DLL
(Dynamic Linked Library). The API.DLL is not a COM object.

API description is available in Deerfield.com\VisNetic MailServer\API directory.

17.2 API Variables and Values

The API Variables and Values are used for API programming or as parameters in the line
command tools USERS. EXE and DOMAINS.EXE described in a next section.

By using API Variables and Values you can provide in the "command line mode" almost
anything you can do in the VisNetic MailServer Windows Administration program.

You can find description of API Variables and Values in Deerfield.com\VisNetic
MailServer\API directory.

17.3 Users and Domains Command Line Tools

The users.exe and domains.exe command line tools can be found in the VisNetic
MailServer directory. You can also find the source code in the API directory. These tools


VisNetic MailServer Administrator Guide                                                  204
can be used for user and domain manipulation such as editing/adding/deleting etc. You
can even use it for exporting and importing users. The user’s tool is limited to work on
one domain only. That means you would need to run the tool subsequently to
export/import users from multiple domains.

Typical usage of these tools is for command line maintenance - adding new users, etc.

The default values for the new users are given by the content of the file /VisNetic
MailServer/Config/Default.ini. This file can be edited manually or via VMS
Configuration Program – Options / Other Options

The values from the Default.ini file are used only if the option Use Account Defaults is
checked.

Users Usage

By running the users.exe without any parameters you will get the output below.

API User Manager – VisNetic MailServer

Copyright (c) 2002 Deerfield.com. All rights reserved.

E-mail: info@deerfield.com

Usage: USERS {commands} -u{user|*@[domain]} [properties] [parameters]

Usage: USERS -STATISTICS <from> <to> <filter> <output file>

{commnads}
-a                            Add new user
-c                            Change user's properties
-d                            Delete a user
-l                            List a user
-e[delimiter char]            Export users
-g[delimiter char]            Import users from a file into a domain
-STATISTICS                   Creates the user statistics file
-h                            This help
-u{user[@domain]}             Specifies the user's address
{properties}
-n{name}                      Specifies the user's name
-p{password}                  Specifies the user's password
-m{mailbox}                   Specifies the user's mailbox name


VisNetic MailServer Administrator Guide                                                 205
-b{mailbox}                   Specifies the user's mailbox path
-i{+/-}{KB}                   Specifies the user's max mailbox size
-k{KB}                        Specifies the user's max message size
-r{address}                   Specifies the user's remote address (no local mailbox)
                              Empty address stands for no remote address
-f{address list}              Specifies the user's forward address list
-4{+/-}                       Specifies that the user can use the IMAP4
-z{+/-}                       Specifies that the user is self configurable
-s{+/-}                       Specifies that the user is the administrator
-x{+/-}                       Specifies that the user is the domain administrator
-j{+/-}                       Specifies that the user uses the NT Password
-o{+/-}                       Specifies that the user is disabled
-q{file path}                 Specifies auto responder file path
-t{+/-}{days}                 Delete mail older than x days
-w{+/-}{days};{address}       Forward mail older than x days to y
-q{file path}                 Specifies auto responder file path
-#{parameter}=[$]{value}      Specifies API variables and values
{parameters}
-cfg{path}                    Specifies the full path to the VisNetic MailServer
                              directory

Adding a user

Let’s add a new user with the name John Doe, alias john, mailbox john and password
secret into the domain deerfield.com. You do not need to specify the domain name if it is
a primary domain.

users -a -ujohn@deerfield.com -mjohn -psecret -n"John Doe"

In the case of a primary domain and alias equals the mailbox name.

users -a -ujohn -p"my secret" -#2=$"John Doe"

Notice the quotes which should be used for space containing parameters.

The last parameter is a special API syntax you can use for any parameter this tool does
not support directly.

See the API variables and values in the API Section.




VisNetic MailServer Administrator Guide                                                206
users -a -uu1@demo.com -mu1@demo.com -ppass1 -#58=100
This will add a user called u1@demo.com with a password of pass1 and a send limit of
100 messages per day.

Deleting a user

Let’s delete the user just created.

users -d -ujohn@deerfield.com

Editing a user

You might want to change the password for the user john to topsecret.

users -c -ujohn@deerfield.com -p"topsecret"

Listing a user

The listing feature displays one user information. It cannot be used for more users at
once.

users -l -ujohn@deerfield.com

Exporting and Importing users

The exporting feature exports the list of the given domain mask or all domains to screen.
If you need to save it to a file you need to redirect the output to a file. The first example
prints all users from the domain deerfield.com to screen.

users -e -u*@deerfield.com

or for all domains

users -e -u*@*

The exported data contain the program title before the actual lines. If you need to import
the data you need to delete those lines first. The format of the file can be easily found out.
Administrator's password will not be shown ever, instead it will contain the star character
"*". Exporting users to a text file follows.

users -e -u*@deerfield.com > c:\temp\export.txt

The text file after removing the information lines might look like this:

john@deerfield.com,john,*,deerfield.com\john\,John Doe,,,0,0



VisNetic MailServer Administrator Guide                                                   207
support@deerfield.com,support,topme,deerfield.com\support\,Support Team,,,0,0

The format of the file follows

[Alias]@[Domain],[Mailbox],[Mailbox Path],[Name]...

Import Users.

In order to import users from the file you need to do this.

users -g c:\temp\export.txt

User Statistics

If you use the User Statistics option the users tool can help you to export the user
statistics to a file so you do not need to use the Config GUI or the web admin. The syntax
is easy:

users -STATISTICS "2002/02/01" "2002/02/28" "*" "c:\temp\stats.log"

Domains Usage

By running the domains.exe without any parameters you will get the output below.

API Domain Manager – VisNetic MailServer

Copyright (c) 2002 Deerfield.com. All rights reserved.

E-mail: info@deerfield.com

Usage: DOMAINS {commands} {domain} [properties] [parameters]

{commands}
-a                               Add new domain
-c                               Change domain's properties
-d                               Delete a domain
-l                               List a domain
-e[delimiter char]               Export domains
-g[delimiter char]               Import domains from a file
-h                               This help
{properties}
-s{description}                  Specifies the domain's description
-i{+/-}                          Info To Admin


VisNetic MailServer Administrator Guide                                               208
-u{forwardto}                  Unknown Users Forward To
-f{alias}                      Admin Default Alias
-m{email}                      Admin Default Email
-t{domain type}                Domain Type (0..3)
-v{domain type value}          Domain Type Value
{parameters}
-cfg{path}                     Specifies the full path to the VisNetic MailSerevr
                               directory

Adding a domain

Lets add a new domain with the name deerfield.com and description Deerfield Domain

domains -a deerfield.com -s"Deerfield Domain"

Notice the quotes which should be used for space containing parameters.

Deleting a domain

Let’s delete the just created domain.

domains -d deerfield.com

Editing a domain

You might want to change the description of the domain.

domains -c deerfield.com -s"Deerfield Software Domain"

Listing a domain

The listing feature displays one domain information. It cannot be used for more domains
at once.

domains -l deerfield.com

Exporting and Importing domains

The exporting feature exports the list of all domains to screen. If you need to save it to a
file you need to redirect the output to a file. The first example prints all domains to
screen.

domains -e



VisNetic MailServer Administrator Guide                                                   209
The exported data contain the program title before the actual lines. If you need to import
the data you need to delete those lines first. The format of the file can be easily found out.

domains -e > c:\temp\export.txt

In order to import domains from the file you need to do this.

domains -g c:\temp\export.txt




VisNetic MailServer Administrator Guide                                                   210
Chapter 18


How VisNetic MailServer Works



18.1 How VisNetic MailServer Works

Services

VisNetic MailServer consists of three services and the configuration program. Services
are programs that run in the background of Windows and do the work for you.

SMTP service handles the mail delivery, forwarding the mail, disk space monitor and all
account options. This service handles the most work of the mail server and should always
run.

POP3/IMAP4 service handles the message sending to the mail clients when users want to
get new mail from the server. This service also handles the Remote Accounts and the
Antivirus System. This service should be always run as well.

Control service handles the DialUp connections, Remote Administration, Web
Administration, and the Watchdog option. If you do not need any of these you do not
have to run this service.

Files & Directories

In the VisNetic MailServer directory there are all the executable, help, readme files, and
the default.ini. In the HTML directory, there are files for the Web Administration. The
CONFIG directory contains all configuration and settings. The LOG directory contains
all logs.

SMTP, POP3/IMAP4 and Control logs can be switched on individually. Error logs are
always made when errors occur. The log structure:

[IP Address] [Thread ID] [Date Time] [Action]

Example:

SYSTEM [00000000] Fri, 19 Jan 2001 11:36:54 +0100 SMTP Service started



VisNetic MailServer Administrator Guide                                                 211
In the MAIL directory, there are domain directories and the FORWARD directory. In the
forward directory is the queue for outgoing mail. All mail has extension .tmp. When mail
is being transmitted its extension changes to .tm$. In the domain directories there are
mailbox directories for the received mail.

In the TEMP directory, files are being currently received. After they have been received
they are copied to the mailbox(es) and then deleted.

Mail Sending & Receiving

There is no difference between local and Internet mail receiving. Therefore if you can
receive your local mail you can also receive Internet mail. If mail is not being delivered
from the Internet it is likely that security options set are preventing this, or the DNS MX
records on the domain has been entered incorrectly.

Sending the mail follows a different path. When mail is being sent to a local account it is
immediately delivered to the local mailbox and the mail does not go to the Internet. Mail
server recognizes that according to the configured domains in the Config program. When
there is a recipient with the local domain, it is delivered to the local domain. When it
finds out it is an external recipient (domain) it places the mail in the FORWARD
directory (outgoing queue) and tries immediately to deliver the message. This is all done
in separate threads (processes). VMS is a full multi threaded multiple CPU support
server.

The greatest advantage of VisNetic MailServer is its safety and security. All of the
services run the TLS/SSL support (Secure Socket Layer) and you can set your mail
clients to support and use this option. In such case all message transmission to and from
server will be totally secured. VMS goes beyond this and when found a remote mail
server supporting this feature too (another VMS) the whole TCP/IP communication is
secured in the same manner. Therefore a network of VisNetic MailServer would totally
put hackers out of their business.

18.2 SSL Certificate Conversions

VisNetic MailServer supports SSL. VMS uses an SSL certificate issued by Deerfield.com
and as such generates warnings when used. It is likely that customers wishing to pursue
SSL already have a certificate installed for a given domain and would like to use their
existing certificate with VisNetic MailServer. This document explains how to convert an
existing certificate into the proper format for VMS.

Overview

SSL is an encryption method based on public and private keys. It ensures that
information being transferred between a webserver and a web browser cannot be seen by
anyone and thus ensures privacy.




VisNetic MailServer Administrator Guide                                                 212
VisNetic MailServer uses its own certificate built in webserver. This fully supports the
SSL standards once SSL support has been enabled.

Enabling Secure Socket Layer

The SSL software is provided as standard with VisNetic MailServer.

For VisNetic WebMail access test your installation by connecting to the SSL port of
32001 (instead of 32000). Ensure that https is specified instead of http

Example:

https://127.0.0.1:32001/mail/

For VisNetic MailServer Web Administration use the URL above without /mail/

Example: https://127.0.0.1:32001/

If all is working you will be greeted with a warning:

What does the warning mean?

An SSL certificate requires 3 conditions to be met:

1) That it has been issued by a company who is trusted.

2) That the date on the certificate is valid

3) That the website name matches the name on the certificate.

There are only a few companies in the world who issue certificates that are automatically
trusted by web browsers (e.g. Verisign and Thawte). As this certificate is issued by the
VisNetic MailServer software the web browser does not 'trust' it.

To resolve this, click on the 'View Certificate' button and then 'Install Certificate'. Follow
the prompts. This tells the web browser that the certificate can be trusted.

Unfortunately it is not possible to fix point (3). A certificate is matched to a website
address at creation. The only way is to purchase the official certificate for the Web site.

VisNetic MailServer Certificate Format

Find the file cert.pem in the installation directory. It should look like this:

-----BEGIN RSA PRIVATE KEY-----



VisNetic MailServer Administrator Guide                                                   213
MIICWwIBAAKBgQDhhrFex+K/HBZe/Sgl2nZmppRRmADgaRByOMURyI36gvQ1+FNO

uYfoPcOr/t3TiqfKmt4deBJU/l5EOH+VAcYGFjpOpmaS7HZbRBhrew53LLpk333L

aPLwKPBQNFgYOtZzB+CvwnAa4nAtkZYlkRMlnASYzXfHowuVu8ehVs5iTwIDAQAB

AoGAYnIpevZGRKY+HbjkjaGPjb+pfvSbbVpvk2y0mc6yK2h+shB0TSkv6nELuUjI

DE+6bvarfrGrTu66t4zyJFlh1vRWgezw7PddR6l1iUZX3M2jdfrj/Z9hcHoMgIEN

6flUhsUDR1/dYFLmC7erXiXpAlu2gx0vE+JlRkKh1lrcGgECQQD8SGa3vOqFoFcp

ghEZXpzqcYIvJfrtpPna7r1CNezMRvpYpC8hT5G7/t7fVtUtOfGURGkT2aYmtZeQ

T9hMhpu9AkEA5Nld4QkRa1Nyk3Qb/k/lYKLEovA4rySV2A446NdVLLZqI2fq1qH3

QChMtlYG7c6Iv6dIv3fkn1UOa9Mx4AVw+wJAfCwiqrMId6b438xOID+KWnZuDkjS

Xh/CfvjdHHawS8dvtytwqyOf5nlHN4RkvrLzbffSBFwvRIRCylwSaXAjvQJAbZYl

XXixLbrlF/U23n418iOflAMCseQMGU0eNWnAMMwdYV0G2Mbwlnl12q6xXLlVRKl/

rahlA2OAp2OX85XHdwJANv7ayfVDTMlfOdXB5nOJM9Y8/2h9TCVLUstxKh4qM9Hp

yVFxyTCRm/qplHLNuklGuWP55vEoblbba9aqYzWJjw==

-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----

MIICjTCCAfYCAQAwDQYJKoZIhvcNAQEEBQAwgY4xCzAJBgNVBAYTAkNaMRcwFQYD

VQQIEw5DemVjaCBSZXB1YmxpYzEPMA0GA1UEBxMGUHJhZ3VlMRkwFwYDVQQKExBJ

Y2VXYXJwIFNvZnR3YXJlMRkwFwYDVQQDExBJY2VXYXJwIFNvZnR3YXJlMR8wHQYJ

KoZIhvcNAQkBFhBpbmZvQGljZXdhcnAuY29tMB4XDTAwMDcyNDE0MDA1N1oXDTA1

MDcyMzE0MDA1N1owgY4xCzAJBgNVBAYTAkNaMRcwFQYDVQQIEw5DemVjaCBSZXB1

YmxpYzEPMA0GA1UEBxMGUHJhZ3VlMRkwFwYDVQQKExBJY2VXYXJwIFNvZnR3YXJl

MRkwFwYDVQQDExBJY2VXYXJwIFNvZnR3YXJlMR8wHQYJKoZIhvcNAQkBFhBpbmZv

QGljZXdhcnAuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhhrFex+K/

HBZe/Sgl2nZmppRRmADgaRByOMURyI36gvQ1+FNOuYfoPcOr/t3TiqfKmt4deBJU

/l5EOH+VAcYGFjpOpmaS7HZbRBhrew53LLpk333LaPLwKPBQNFgYOtZzB+CvwnAa

4nAtkZYlkRMlnASYzXfHowuVu8ehVs5iTwIDAQABMA0GCSqGSIb3DQEBBAUAA4GB


VisNetic MailServer Administrator Guide                            214
AEpb8ci98bywKDgm2ZZAndtisHLQa7rI1ZozmgYAS90qcShfXcrOlD1+si4wVanY

wOd93LjXuR5IzMUM48w7QeDYZxXeAcpmrp8PDvw54RZG2JyH7hITrDSw69Budw0C

VeCM6hHpRejRBf8DK+WNqG3CZh74jgDd3NGb+MijVagF

-----END CERTIFICATE-----

The file takes the format of base-64 encoded sections, the private key followed by the
certificate.

18.2.1 Certificate Conversion from IIS 4.0

When the certificate was first requested you would have created a certificate request file.
This would have looked like this:

-----BEGIN NEW CERTIFICATE REQUEST-----

MIIBJjCB0QIBADBsMQswCQYDVQQGEwJHQjEOMAwGA1UECBMFRXNzZXgxETAPBgNV

BAcTCFJvY2hmb3JkMRkwFwYDVQQKExBTaW1wbHkgV2ViRGVzaWduMQ4wDAYDVQQL

EwVTYWxlczEPMA0GA1UEAxMGU2ltcGx5MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB

ALO0a8hNfU6Nb/JcIFPNgvxfUdp6Bo/NAK6+9tO2p6YbiWBf2mQw0WDOPELiRkly

kg0sNT9B6eFKH9qYHx9XipkCAwEAAaAAMA0GCSqGSIb3DQEBBAUAA0EAXaiLgP5S

VQlRjg0k5q2xXZSCFrwf4EbIb7xiAkIEStLiZP0RRv9OIBVlBbbuP2oY4Kgm7Jzx

DN/Ak597m0iBEw==

-----END NEW CERTIFICATE REQUEST-----

The organization who issued you your certificate would have replied with the certificate
in the following format :

-----BEGIN CERTIFICATE-----

MIICTTCCAbagAwIBAgIDdYWzMA0GCSqGSIb3DQEBBAUAMIGHMQswCQYDVQQGEwJa

QTEiMCAGA1UECBMZRk9SIFRFU1RJTkcgUFVSUE9TRVMgT05MWTEdMBsGA1UEChMU

VGhhd3RlIENlcnRpZmljYXRpb24xFzAVBgNVBAsTDlRFU1QgVEVTVCBURVNUMRww

GgYDVQQDExNUaGF3dGUgVGVzdCBDQSBSb290MB4XDTAwMDkyNDExMjYwMFoXDTAw

MTAyNTExMjYwMFowbDELMAkGA1UEBhMCR0IxDjAMBgNVBAgTBUVzc2V4MREwDwYD

VQQHEwhSb2NoZm9yZDEZMBcGA1UEChMQU2ltcGx5IFdlYkRlc2lnbjEOMAwGA1UE


VisNetic MailServer Administrator Guide                                                  215
CxMFU2FsZXMxDzANBgNVBAMTBlNpbXBseTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC

QQCztGvITX1OjW/yXCBTzYL8X1HaegaPzQCuvvbTtqemG4lgX9pkMNFgzjxC4kZJ

cpINLDU/QenhSh/amB8fV4qZAgMBAAGjJTAjMBMGA1UdJQQMMAoGCCsGAQUFBwMB

MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAaBAP6YMGRzaBXRmmUxL9

D/sl+SI3TsPq/2Lu3CINHO4wyq0bBr+xKjr8FiM9rzYdDy66Cyux4RA89s2DzKtX

kCTZGnz0uBOr452WEjfhkmnm2dyB0bFe94Lb1lZ7wB1FmPrjIiWP49EAgtuMtiTA

sAXR6juqZdMpEkm1kfD4K2k=

-----END CERTIFICATE-----

The certificate itself is in the correct format for VisNetic MailServer but we also need to
obtain the private key. This can be extracted from IIS with a little manual intervention.

You will need some tools to do this:

a) A copy of the openssl executable with RSA encryption

b) A text editor that understands hex.

The openssl tools can be downloaded from anonymous ftp at
ftp://ftp.siwd.net/ssl/openssl_tools.zip. A good hex editor can be found at
http://www.ultraedit.com

(These instructions are courtesy of post to the openssl-users newsgroup)

MSIIS exports the private key and certificate in the same file. If you want to extract only
the private key, you can do it as follows:

1. Export a backup file of the Certificate from the Key-Manager. Call it cert.key.

2. Edit cert.key and find this string in the binary file: "private-key"

3. Trace back until you find this Hex value: "30 82"

4. Write from that position to a new file (tmp.bin).

5. With OpenSSL: openssl rsa -inform NET -in tmp.bin -out key.pem

6. Type password.

7. The private key is now in a separate file :-)



VisNetic MailServer Administrator Guide                                                 216
The above image shows an IIS key open in the "Elvis" text editor in HEXADECIMAL
mode. The characters in red will be deleted and the rest of the file -- from "30 82"
onwards -- will be saved.

So now you should have your private key in a file called key.pem and it should look like
this:

-----BEGIN RSA PRIVATE KEY-----

MIIBOgIBAAJBALO0a8hNfU6Nb/JcIFPNgvxfUdp6Bo/NAK6+9tO2p6YbiWBf2mQw

0WDOPELiRklykg0sNT9B6eFKH9qYHx9XipkCAwEAAQJAJQGqkH0kqOCHhSljnt5b

cw1OFee7IjHdSh8ZRVAABjyc8Kt5MZ4nVgpGEBv4Wz4X+Un3xW18bKF9uREViQeV

gQIhAOShEojbao1Z5QF9hPkC6fDPs/rPmjaBWbLQKbyXKHT9AiEAyTfvMu+sJZkD

tS/afFUhiA/Bp44OjRgMwh+MAJ0uDM0CIDEXRNuOAXsIalu/j+XH8mN6tbKNERfS

/meeutd7vXwhAiBJjVyubdWrWKd2T6u5zxSWu8u6B79h6+yd+RIgF1SB8QIhANDG

YzjKKPILB7euU0bfuJxWglYou9TAma5HzdeBCd7V

-----END RSA PRIVATE KEY-----

Find the certificate that was sent back by the issuing authority and concatenate it onto the
end thus giving you a file similar to:

-----BEGIN RSA PRIVATE KEY-----

MIICWwIBAAKBgQDhhrFex+K/HBZe/Sgl2nZmppRRmADgaRByOMURyI36gvQ1+FNO

uYfoPcOr/t3TiqfKmt4deBJU/l5EOH+VAcYGFjpOpmaS7HZbRBhrew53LLpk333L

aPLwKPBQNFgYOtZzB+CvwnAa4nAtkZYlkRMlnASYzXfHowuVu8ehVs5iTwIDAQAB

AoGAYnIpevZGRKY+HbjkjaGPjb+pfvSbbVpvk2y0mc6yK2h+shB0TSkv6nELuUjI

DE+6bvarfrGrTu66t4zyJFlh1vRWgezw7PddR6l1iUZX3M2jdfrj/Z9hcHoMgIEN

6flUhsUDR1/dYFLmC7erXiXpAlu2gx0vE+JlRkKh1lrcGgECQQD8SGa3vOqFoFcp

ghEZXpzqcYIvJfrtpPna7r1CNezMRvpYpC8hT5G7/t7fVtUtOfGURGkT2aYmtZeQ

T9hMhpu9AkEA5Nld4QkRa1Nyk3Qb/k/lYKLEovA4rySV2A446NdVLLZqI2fq1qH3

QChMtlYG7c6Iv6dIv3fkn1UOa9Mx4AVw+wJAfCwiqrMId6b438xOID+KWnZuDkjS

Xh/CfvjdHHawS8dvtytwqyOf5nlHN4RkvrLzbffSBFwvRIRCylwSaXAjvQJAbZYl




VisNetic MailServer Administrator Guide                                                 217
XXixLbrlF/U23n418iOflAMCseQMGU0eNWnAMMwdYV0G2Mbwlnl12q6xXLlVRKl/

rahlA2OAp2OX85XHdwJANv7ayfVDTMlfOdXB5nOJM9Y8/2h9TCVLUstxKh4qM9Hp

yVFxyTCRm/qplHLNuklGuWP55vEoblbba9aqYzWJjw==

-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----

MIICjTCCAfYCAQAwDQYJKoZIhvcNAQEEBQAwgY4xCzAJBgNVBAYTAkNaMRcwFQYD

VQQIEw5DemVjaCBSZXB1YmxpYzEPMA0GA1UEBxMGUHJhZ3VlMRkwFwYDVQQKExBJ

Y2VXYXJwIFNvZnR3YXJlMRkwFwYDVQQDExBJY2VXYXJwIFNvZnR3YXJlMR8wHQYJ

KoZIhvcNAQkBFhBpbmZvQGljZXdhcnAuY29tMB4XDTAwMDcyNDE0MDA1N1oXDTA1

MDcyMzE0MDA1N1owgY4xCzAJBgNVBAYTAkNaMRcwFQYDVQQIEw5DemVjaCBSZXB1

YmxpYzEPMA0GA1UEBxMGUHJhZ3VlMRkwFwYDVQQKExBJY2VXYXJwIFNvZnR3YXJl

MRkwFwYDVQQDExBJY2VXYXJwIFNvZnR3YXJlMR8wHQYJKoZIhvcNAQkBFhBpbmZv

QGljZXdhcnAuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhhrFex+K/

HBZe/Sgl2nZmppRRmADgaRByOMURyI36gvQ1+FNOuYfoPcOr/t3TiqfKmt4deBJU

/l5EOH+VAcYGFjpOpmaS7HZbRBhrew53LLpk333LaPLwKPBQNFgYOtZzB+CvwnAa

4nAtkZYlkRMlnASYzXfHowuVu8ehVs5iTwIDAQABMA0GCSqGSIb3DQEBBAUAA4GB

AEpb8ci98bywKDgm2ZZAndtisHLQa7rI1ZozmgYAS90qcShfXcrOlD1+si4wVanY

wOd93LjXuR5IzMUM48w7QeDYZxXeAcpmrp8PDvw54RZG2JyH7hITrDSw69Budw0C

VeCM6hHpRejRBf8DK+WNqG3CZh74jgDd3NGb+MijVagF

-----END CERTIFICATE-----

Your file is now in the same format as that required by VisNetic MailServer. Rename this
file as cert.pem and move it into the VisNetic MailServer installation directory (you may
wish to backup the old file first). Restart the services and then attempt to connect using
the SSL port and https protocol.

18.2.2 Certificate Conversion from IIS 5.0

The process is slightly different for IIS5.0. It is far easier to just request and install a
certificate onto the server, then extract the bits we need.



VisNetic MailServer Administrator Guide                                                        218
Request and Install the certificate for the website in the normal manner. You should have
backed it up anyway, but if you have not then it is likely that the Certificate Manager also
needs setting up.

      Start -> Run mmc.exe
      Under the Console Menu choose Add/Remove Snap-in.
      Choose Add then Certificates (for Computer Account, Local Computer)
      Under the Console Menu choose Save As and save as "Certificates Manager".

Open up the Certificates Manager (it will have been placed into the administration tools
on your Start Menu)

Find the certificate you want to use (Look under Personal Certificates). Right click the
certificate and choose Export.

When asked, reply "Yes, export the private key". The correct export type is the "Personal
Information Exchange PKCS12" format.

Enter a password twice, then the name of the file to export to.

The Certificates Manager will now export the file to disk.

Using the openssl tool we can extract both the private key and the certificate from the
exported file:

Openssl pkcs12 -in <infile> -out cert.pem -nodes

You will need to enter the password to extract the keys.

This will create a file called cert.pem…….

Bag Attributes

1.3.6.1.4.1.311.17.2: <No Values>

localKeyID: 01 00 00 00

1.3.6.1.4.1.311.17.1: Microsoft RSA SChannel Cryptographic Provider

friendlyName: f0ab0ab6ba76154b8482652adfd0392e_c071ee15-fbd3-4bb8-b597-
cd153273f125

Key Attributes

X509v3 Key Usage: 10



VisNetic MailServer Administrator Guide                                                   219
-----BEGIN RSA PRIVATE KEY-----

MIIBOQIBAAJBAM+aEQRnZbhWjfRqsrSWh8UWlSIeeiWQCcKzaGnMaTbfsGfylATB

ILP4Z/JrIS8UyIxls+qjzp0ycTCEk2/JnqUCAwEAAQJAIWTZA+pV9HcH0p8vK9li

8ZMWXiyk3VH0H/uX+hzFd+vs/zQabi5yYfaxHR1+fwIJ4ktO769w0r+njtKbwORi

qQIhAP5y2+RGaC2JVemqPOIi+tibae8xqR5rN7aRW4MI5MKfAiEA0N4W48CoS7ID

5NAbUHiKNDgnmFsvnVitHEeWw61cvDsCIHR1xcdZol0VOslULcGjGQUDPR1JsYpG

sJ1TMntrGqkpAiBCm9Do6PPC0A511fgf/ZD1fkMCT3Ir16+9KQdnd83vKQIgEbZK

4UF+7O/eTtCRii427cAR00EaqAiKf6cl1v+9qYI=

-----END RSA PRIVATE KEY-----

Bag Attributes

localKeyID: 01 00 00 00

friendlyName: GPC Secure

subject=/C=GB/ST=Staffordshire/L=Lichfield/O=Global Performance Centre
Ltd/OU=Sales and Marketing/CN=secure.gpc1.com

issuer= /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting
cc/OU=Certification Services Division/CN=Thawte Server CA/Email=server-
certs@thawte.com

-----BEGIN CERTIFICATE-----

MIICuDCCAiGgAwIBAgIDB6cGMA0GCSqGSIb3DQEBBAUAMIHEMQswCQYDVQQGEwJa

QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAb

BgNVBAoTFFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0

aW9uIFNlcnZpY2VzIERpdmlzaW9uMRkwFwYDVQQDExBUaGF3dGUgU2VydmVyIENB

MSYwJAYJKoZIhvcNAQkBFhdzZXJ2ZXItY2VydHNAdGhhd3RlLmNvbTAeFw0wMDEw

MzExMzU2MDBaFw0wMTExMTQxMzU2MDBaMIGZMQswCQYDVQQGEwJHQjEWMBQGA1UE

CBMNU3RhZmZvcmRzaGlyZTESMBAGA1UEBxMJTGljaGZpZWxkMSYwJAYDVQQKEx1H

bG9iYWwgUGVyZm9ybWFuY2UgQ2VudHJlIEx0ZDEcMBoGA1UECxMTU2FsZXMgYW5k

IE1hcmtldGluZzEYMBYGA1UEAxMPc2VjdXJlLmdwYzEuY29tMFwwDQYJKoZIhvcN


VisNetic MailServer Administrator Guide                                   220
AQEBBQADSwAwSAJBAM+aEQRnZbhWjfRqsrSWh8UWlSIeeiWQCcKzaGnMaTbfsGfy

lATBILP4Z/JrIS8UyIxls+qjzp0ycTCEk2/JnqUCAwEAAaMlMCMwEwYDVR0lBAww

CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQAP4RW7

XzSg2Y8/rIN06RhS4WfQR/KYrhLaaf31oYIQ44WYF5r6ggxXGW6ZuWsuNXj9thC+

/rwtIMpJb3wZaFUAzGaqLyj45YlrlGRAwZgiwDUDpF6aAg2iMyprMn1pC9GIwlve

nPv///UgXHaASucvE0/pz70/v2CG++oAbP5Jgw==

-----END CERTIFICATE-----

All that is needed now is to remove the extra information from the file and you have the
required cert.pem for VisNetic MailServer.



18.2.3 Creating your own Certificate Conversion for IIS 5.0

1. Go into IIS - Secured Directory - Server Certificate and request a certificate for your
domain. This gives you c:\certreq.txt.

2. Go into mmc.exe and under REQUESTS export the request including private key as

PKCS12. Take off strong encryption. Enter a passphrase twice. This will create
c:\yourfile.pfx

3. Run openssl against yourfile.pfx:

openssl pkcs12 -info -in yourfile.pfx -nodes

This will give you your private key, cut n paste it into a new file priv.txt

openssl req -x509 -key priv.txt -in certreq.txt > cert.txt

4. Go back into IIS and finish off the cert request using cert.txt. Turn on port 443 for the
site...

18.3 If you cannot Send or Receive Email

This article provides the basics of how DNS works and how to check if is properly
configured to send and receive email from/to the Internet using your VisNetic
MailServer.

Introduction



VisNetic MailServer Administrator Guide                                                  221
Most all computers on the Internet communicate via the TCP/IP protocol. Each user
connected to the Internet has assigned the unique identification - IP (Internet Pointer)
address. But searching users based on IP addresses would be very hard (imagine
remember for each WWW site a 12 digit number...) and so the IP addresses are getting
assigned the symbolic names.

Type into your Browser: http://216.32.74.55/ and you will get to YAHOO!

The IP address 216.32.74.55 is translated to the WWW site WWW.YAHOO.COM.

This IP to symbolic name translations are done by DNS servers.

DNS server is an abbreviation for Domain Name System server. Basically all host names
on the Internet are converted to IP addresses by querying the DNS. DNS has many
purposes. The most important one is that without a properly configured DNS server your
Internet connection cannot work because you do not know the real IP addresses of the
desired servers. DNS runs on a UDP protocol port 53. If you want to be able SEND and
RECEIVE email from your server you must have properly configured DNS.

If you installed VisNetic MailServer on your office LAN – and it works – and you are not able
to receive mails from the Internet, it is almost always problem with incorrectly configured DNS
server or your firewall.

What to do, if you have problems RECEIVING mails from the Internet

There are several record types on DNS. With regards to email the two most important
are: A and MX records.

A (Address) records convert a host names into IP addresses.

Example:

www.deerfield.com.com A 207.89.233.203

MX records are mail exchange records.

They are used for delivery of email to its destination mail sever. Basically email
addresses are constructed by an alias and a domain: alias@domain. Example:
info@deerfield.com. Each domain should have at least 1 MX record.

If there is none MX record for domain - mail delivery will not work. (There are some
issues when it might work but generally all domains should have MX records.) Usually
there is only 1 MX record for a domain.

Each MX record for a domain has a preference number and a host name of the server to
deliver messages to. When there are more MX records for a domain the lowest preference


VisNetic MailServer Administrator Guide                                                222
number has the highest priority and should be tried first to deliver the message to. If that
does not work a lower priority should be tried. Usually there is only 1 MX record for a
domain.

Example: deerfield.com MX mail.deerfield.com 10

The above is an MX record for the domain deerfield.com with a preference 10.

How to check, that your DNS is configured correctly for RECEIVING from the
Internet

You really do not need to be a computer GURU for that. There is a tool called DNS
Query Tool, which is a utility included in VisNetic MailServer. The utility is available in
the Deerfield.com/VisNetic MailServer program group.

Let’s assume that your domain name is: vmsdemo.com and you want to receive mail for
users of this domain. This domain you already established in the VisNetic MailServer and
your Account folder looks like that:




Then check the System setting. If everything is O.K, all three services of VisNetic
MailServer are running (see 3 green lights in the middle of the screen) and you have
checked DNS Query Lookup. Notice, that DNS field contains values: ns1.dn.net;
ns2.dn.net




VisNetic MailServer Administrator Guide                                                  223
You do not need to change these values to your ISP DNS names. All DNS servers are
replicated. VisNetic MailServer will work with ANY DNS server.

The Mail Server Hostname can be anything, it is just identification of your server when
is speaking with the other servers.

Now we can finally start testing, to see if our DNS server is configured correctly. We
need to check three items:

   1. DNS server is working
   2. Find if there is a MX Record for your domain and where points
   3. Find if the IP address where the MX Record points can be reached from the
      Internet

1. DNS server is working.

Run DNS Query Tool and type in the DNS server name or IP address you want to
approve. The good idea is to test the same DNS server as is in your System configuration.
If everything is O.K., you can read a message in the left corner of the DNS Query Tool:
DNS Server Response 0 " OK




VisNetic MailServer Administrator Guide                                                  224
2. Find if there is MX Record for your domain and where points.

We are checking domain vmsdemo.com. Put the domain name as a Query and select type
Mail Exchange (MX). You would see that MX record for domain vmsdemo.com points
to the symbolic name: mail.vmsdemo.com. All we need to find is, whether IP address of
the computer, where is installed VisNetic MailServer is the same as an IP address for
symbolic name mail.vmsdemo.com.

3. Find if the IP address where MX Record points can be reached from the Internet.

DNS servers are primarily maintained by your ISP. You should make sure they setup
your DNS records correctly. If you need proper DNS records for your mail server you
should do this:

Find out the IP of your mail server machine

Require an A DNS record such as: mail.yourdomain.com to point to that IP

Require an MX DNS record for your domain to point to mail.yourdomain.com with some
preference (10).

Put in as a query the symbolic name from previous test (mail.vmsdemo.com) and select
Type Host Address (A). The resulting screen should point to some IP address. This is IP
address, where your VisNetic MailServer is supposed to be installed.

And last, final test, is to find that your VisNetic MailServer is running at this IP address.
The computer GURUs will use probably TELNET, but there is more simple ways to
determine this. Each VMS can be remotely configured via TCP/IP. If your VMS
Control/HTTP service is running open your browser and type in:

http://your IP address:32000 e.g. http://194.108.176.130:32000

It will bring you to the WEB Log-On screen of the VisNetic MailServer.

That is really all you need for your mail server to receive messages from the Internet. In
VisNetic MailServer there is a special tool that you can use to verify your DNS records.
The is the DNS Query tool. Run that tool. The DNS field should contain a proper
working DNS server IP or host name. Query should contain the value you want to query.
Type, select the DNS record type. Now verify all your DNS records. For deerfield.com it
would be:

Query:deerfield.com, Type: MX, Result = mail.deerfield.com

Query: mail.deerfield.com, Type: A, Result = {some IP address}




VisNetic MailServer Administrator Guide                                                   225
If your queries do not work either your specified DNS server is not working properly or
your DNS records are not configured right. You should call your ISP on the phone and
ask them for their DNS server IP address and tell them to verify your records.

What to do, it you have problems SENDING mails to the Internet

Receiving messages should be fine by now.

Sometimes there might be problems with sending messages. They might get stuck in the
Outgoing queue. - it is the VisNetic MailServer\Mail\Forward\Retry\ directory.

99% of the time it is a DNS server problem.

Not a DNS record problem but your DNS specification in the VMS configuration
program the system section DNS field. Try to specify another DNS server there
(assuming you are using DNS Lookup option). If it still does not work switch on
VisNetic MailServer SMTP logging and analyze the logs. This LOG can be accessed
locally or by using WEB based access. Select Debug and Summary Logging for the
SMTP and send some messages if you want to analyze the content of your SMTP LOG
file.

Click the Open Log Directory and locate latest SMTP Log File (starts with the s followed
by date).

Look for Client Session records and MX queries. It should look like this:

Client session MX - Issuing query 194.213.224.2 for "vmsdemo.com"

The line above tells there is going to be a query to the DNS server 194.213.224.2 for the
domain vmsdemo.com

The most important record is the following line:

Client session MX - Query response: 0 (1)

That line means DNS server responded with 0 (OK) and returned 1 result. If you have a
different line such as Could not connect. Your DNS server is not working and you should
use a different one. If your line looks like this:

Client session MX - Query response: 0 (0)

It is the same problem as above. Use a different DNS server.

Final lines of interest:

Client session Connecting to "mail.vmsdemo.com"


VisNetic MailServer Administrator Guide                                               226
Client session Connected

The result of the DNS query returned host mail.vmsdemo.com and VMS is trying to
connect to it. It was successful. Sometimes you might get Could not connect. That means
the remote server is either down or your machine cannot connect to it for some reason
(firewall or incorrectly set up Internet connection etc.).

Try using this from the command line:

telnet mail.vmsdemo.com 25

If that works all your Internet settings are correct.

18.4 Variables
The Variables can be used in the Content Filters, Executable Accounts, Header/Footer
Files, Expiration notification mail, etc.
%%From%% - From field
%%From_Alias%%
%%From_Domain%%
%%From_Name%%
%%To%% - To field
%%To_Alias%%
%%To_Domain%%
%%To_Name%%
%%Sender%%
%%Sender_Alias%%
%%Sender_Domain%%
%%Recipient%%
%%Recipient_Alias%%
%%Recipient_Domain%%
%%Subject%% - Subject of the message
%%Header%% - The whole Header
%%Body%% - The text part of the message body
%%Message-ID%% - Message ID
%%Size%% - Size of the message
%%Date%% - Date of the message received
%%Time%% - Time of the message received


VisNetic MailServer Administrator Guide                                                227
%%IP%% - IP of the remote server
%%Header HeaderItem%%
Any header item from the message. eg: %%Header Cc%%
%%Include FileName%%




VisNetic MailServer Administrator Guide               228
Appendix A


Technical Support


Technical Support Options

Technical Support for VisNetic MailServer is offered on several different levels. Please
review the support options and select whichever is appropriate for your needs.

http://www.deerfield.com/support/VisNetic_MailServer


Reseller Purchase
Users who purchased VisNetic MailServer from an Official Deerfield.com Reseller will
be referred back to them for support. For information about Official Deerfield.com
Resellers, or to locate a reseller near you visit:

http://www.deerfield.com/corporate/resellers/

Sales and Reseller Inquiries
Sales questions (of a non-technical nature) relative to VisNetic MailServer software
should be directed to sales@deerfield.com. Alternatively, you can call Deerfield.com at
(989) 732-8856.




VisNetic MailServer Administrator Guide                                               229

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:155
posted:1/8/2012
language:Latin
pages:229
jianghongl jianghongl http://
About