Configuring Email for a New Domain
Introduction
This document gives instructions for Ourshack members on configuring email for a new domain hosted at Ourshack.
The job splits into 4 parts:
- Set up the DNS
- Register the domain
- Configure the domain in the mail system
- Create accounts in the domain
DNS
The first two stages are covered on the DNS page and can be done in parallel with the rest of the work. Note that if mail is to be hosted at Ourshack the domain should have it's lowest-numbered (or only) MX record set to
smtp.ourshack.com
For most purposes, a single MX record is best:
@ MX 10 smtp.ourshack.com.
NOTE THE TRAILING DOT: it is essential!
Secondary MX
DNS provides a facility to nominate a backup (secondary) mail exchanger host. We recommend that you do not do this: mail hosts run by other people cannot know the complete set of valid addresses for your domain, and they are very unlikely to apply the same anti-spam rules that we do. This gives the spammers an excellent back-door to bypass our defences.
Configuration
Mail domains and accounts are configured using VDM (Virtual Domain Manager) which is a web application. VDM uses HTTPS so you should install the Ourshack Master CA certificate in your browser to avoid complaints about invalid site certs: http://www.ourshack.com/x509/ourshack-ca.crt
VDM is here:
You will need a username and password to access VDM. Any username already registered for IMAP/POP mail access can be used to inspect the data, but to modify it you need the admin username and password. Contact Gaffer or Andrew Findlay for this information if you need it. Mail system config data is now stored in an LDAP database so there are no text files to edit and all changes should be made through VDM.
Creating a domain in VDM
- Start your web browser and connect to VDM
- Login with the admin username and password
- Click on Create new domain
- Fill in the domain name and the name of the organisation it represents, and provide contact details for whoever will be managing it. In most cases you should leave the Substitute domain field blank (this is only used where there are a group of similar domains that should all share the same mail config).
- Click Submit changes
- Check that your domain was created correctly by using the Search for domain box on the VDM homepage. Click on the domain name to go to the main page for your new domain.
Creating mail accounts in VDM
- Connect to VDM and login as above.
- Decide whether the account should be a Person or Role account. The only significant difference is that a Person account requires a surname to be entered, so use these for real people and roles for everything else.
- Click on the appropriate Create link.
- See the VDM help page on creating new accounts for details of which boxes to fill in. Some common recipies are included on that page and one or two are shown here for reference:
| Field | Example value |
|---|---|
| Name | John Smith |
| Surname | Smith |
| Advertised mail address | j.smith@example.org |
| User ID | corp271 |
| New Password | m6cJ<h2Z& |
| Left-hand side of mail address | j.smith |
| Mail routed to |
| Field | Example value |
|---|---|
| Name | Postmaster |
| Advertised mail address | postmaster@example.org |
| User ID | |
| New Password | |
| Left-hand side of mail address | postmaster |
| Mail routed to | j.smith@example.org |
More information on VDM
VDM has its own help pages giving more detail on how to use it. See in particular the pages on creating new domains and creating new accounts
Components
We use Exim as our Mail Transfer Agent (MTA). According to the Exim home page at http://www.exim.org/:
"Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more extensive, and in particular it has some defences against mail bombs and unsolicited junk mail in the form of options for refusing messages from particular hosts, networks, or senders. It can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail."
Data on hosted domains and accounts is held in an LDAP database, using the OpenLDAP slapd server
Mail for IMAP and POP users is stored in a Cyrus mailstore.
The VDM domain manager was written by Andrew Findlay. It runs under Apache (currently as a CGI script, though it was originally intended to use mod_perl).
$Id: email.html,v 1.7 2009/07/07 19:58:59 shackweb Exp $