Administrator's Guide - Kerio Software Archive
Administrator's Guide - Kerio Software Archive Administrator's Guide - Kerio Software Archive
Chapter 15Sending and Receiving Mail15.1 Mail Delivery over the InternetUnderstanding the basic principles of mail delivery over the Internet will help you correctlyset your mailserver. This chapter gives a brief overview of the most important information onthis topic. Experienced network administrators can skip this chapter. JMX RecordsAppropriate records must be entered into the DNS (DNS is a world-wide distributed databaseof domain names) for each Internet domain. One of these records is called a MX record (MaileXchanger or the mailserver). An MX record for the domain company.com might look like this:company.com MX 10 mail.company.comMX 20 smtp.provider.commail.company.com A 215.75.128.33smtp.provider.com A 215.75.128.1These records indicate that the mailserver with a preference of 10 is a computernamed mail.company.com and the server with a preference of 20 is a computer namedsmtp.isp.com. Preference means value of the server. The lower the preference the higherthe priority of that server — this implies that the server mail.company.com is the highestpriority mail server for the domain company.com and the server smtp.isp.com is the secondhighest priority mail server for the domain. Arbitrary number of MX records can be definedfor the given domain. If two or more records have the same priority, then one of these serversis chosen randomly (load balancing).The other two records are A type (Address). These tell us which IP address is assigned toa given computer (a MX record can only be assigned to a DNS name, but not an IP address).Email DeliveryHow does an email travel from the sender to the addressee?The sender’s mail client sends the email to its SMTP server. The server checks the recipient’saddress and if the domain contained within the address is qualified as local the email is saveddirectly into the appropriate mailbox. If the domain is not local, the SMTP server finds thename of the primary mailserver (SMTP) for the target domain from the DNS (by sending a DNSrequest) and sends the email to this server. This saves it to a mailbox from which the recipientdownloads it using his/her email client.136
15.1 Mail Delivery over the InternetIf the primary mailserver for the target domain is not accessible, the sending SMTP server triesto contact the secondary server (the server with the next priority) and send the email there. Ifno server listed in the MX record for the target domain is accessible the SMTP server will try tosend the mail again repeatedly in defined intervals. If it does not succeed after a certain timethe email is returned to the sender as undeliverable.If, for example, only the secondary server is accessible the email is sent to this secondaryserver. In principle, any SMTP server can function as a secondary (tertiary, etc.) server fora domain.Sending Email via a Different SMTP Server (Relaying)There is also another way email can be delivered to addressees. The client sends the emailmessage to its SMTP server. This server forwards it to another SMTP server which delivers itto the target domain as described above. This method of delivering email is known as relaying(passing to the relay server).The advantage of this relaying is that sending email is an on-off action. Furthermore, emailcan be placed in a queue and sent in defined time intervals. The sending SMTP server doesnot need to ask the DNS about the target domains’ mailservers or try to send the email againif the target servers are inaccessible. This is important mainly for slow or dial-up Internetconnections and it can significantly decrease costs of such connections.Most SMTP servers on the Internet are protected against relaying to prevent misuse of serversfor sending spam email. If you wish to send email via a different SMTP server, you shouldcontact the server’s administrator and ask them that relaying be enabled for you (usuallybased on checking your IP address or using username/password authentication).ETRN CommandETRN is a command of SMTP protocol. It serves for requesting emails stored on another SMTPserver. Typically, it is used in the following situations:1. The client has its own domain (e.g. company.com) and his server is connected to theInternet via a dial-up line. Dial-up must have a fixed IP address. The primary MX recordfor the domain company.com is directed to the ISP’s SMTP server (e.g. smtp.isp.com).When it is connected to the Internet, the client’s SMTP server sends an ETRN commandthat informs that it is online and ready to receive mail. If the primary server has someemails for the given domain, then it sends them. If not, it can send a negative responseor it need not reply at all. That’s why the client’s server must have the timeout to specifyhow long it will wait for the response from the primary server.Note: The primary server will create a new connection to the client’s server after the ETRNcommand reception. This connection is used for mail transmission. If the client’s serveris protected by firewall, TCP port 25 must be accessible (open) to the Internet.2. Let’s suppose that the domain company.com has a primary server smtp.company.com anda secondary server smtp2.company.com. Both servers are permanently connected to the137
- Page 85 and 86: 10.1 Kerio MailServer CertificateFi
- Page 87 and 88: 10.1 Kerio MailServer Certificate
- Page 89 and 90: 10.2 Install certificates on client
- Page 91 and 92: 10.2 Install certificates on client
- Page 93 and 94: 10.2 Install certificates on client
- Page 95 and 96: 11.3 LanguageIf there is one of the
- Page 97 and 98: 11.3 LanguageFigure 11.1Dictionary
- Page 99 and 100: 12.2 Time IntervalsClick on Add to
- Page 101 and 102: 12.3 Setting Remote AdministrationF
- Page 103 and 104: 10312.3 Setting Remote Administrati
- Page 105 and 106: 13.2 Creating a user accountWarning
- Page 107 and 108: 13.2 Creating a user accountFigure
- Page 109 and 110: 13.2 Creating a user accountStore p
- Page 111 and 112: 13.2 Creating a user accountNote: T
- Page 113 and 114: 13.2 Creating a user accountFigure
- Page 115 and 116: 13.3 Editing User AccountNote: When
- Page 117 and 118: 13.5 Removing user accountsKerio Ma
- Page 119 and 120: 13.9 Administration of mobile devic
- Page 121 and 122: 13.9 Administration of mobile devic
- Page 123 and 124: 13.10 Import Users• MailAddress
- Page 125 and 126: 13.10 Import UsersFor detailed info
- Page 127 and 128: 13.10 Import UsersFigure 13.24Impor
- Page 129 and 130: 13.12 User Account TemplatesNote: C
- Page 131 and 132: Chapter 14User groupsUser accounts
- Page 133 and 134: 14.1 Creating a User GroupGroup add
- Page 135: 14.1 Creating a User GroupPublish t
- Page 139 and 140: 15.1 Mail Delivery over the Interne
- Page 141 and 142: 15.2 SMTP serverinterface originall
- Page 143 and 144: 15.2 SMTP serverAuthentication by I
- Page 145 and 146: 15.2 SMTP serverLimit maximum incom
- Page 147 and 148: 15.3 AliasesMaximum number of deliv
- Page 149 and 150: 15.3 AliasesCharacter typea-zA-ZDes
- Page 151 and 152: 15.4 remote POP3 mailboxesFigure 15
- Page 153 and 154: 15.4 remote POP3 mailboxesthe messa
- Page 155 and 156: 15.4 remote POP3 mailboxesFigure 15
- Page 157 and 158: 15.6 Advanced OptionsDescriptionA c
- Page 159 and 160: 15.6 Advanced Optionsnot have to wo
- Page 161 and 162: 15.6 Advanced OptionsPLAIN authenti
- Page 163 and 164: 15.6 Advanced OptionsWatchdog Hard
- Page 165 and 166: 15.6 Advanced OptionsFigure 15.22HT
- Page 167 and 168: 15.6 Advanced Optionsstartup of the
- Page 169 and 170: 15.6 Advanced OptionsKerio WebMail
- Page 171 and 172: 16.1 Spam Rating tab16.1 Spam Ratin
- Page 173 and 174: 16.2 Blacklists tabtration Console
- Page 175 and 176: 16.2 Blacklists tabInternet databas
- Page 177 and 178: 16.3 Custom RulesSORBSSpam and Open
- Page 179 and 180: 16.3 Custom RulesUse the Add button
- Page 181 and 182: 16.3 Custom RulesTypeType of condit
- Page 183 and 184: 16.4 SpamAssassinFigure 16.7SpamAss
- Page 185 and 186: 16.5 Email policy records checksend
15.1 Mail Delivery over the InternetIf the primary mailserver for the target domain is not accessible, the sending SMTP server triesto contact the secondary server (the server with the next priority) and send the email there. Ifno server listed in the MX record for the target domain is accessible the SMTP server will try tosend the mail again repeatedly in defined intervals. If it does not succeed after a certain timethe email is returned to the sender as undeliverable.If, for example, only the secondary server is accessible the email is sent to this secondaryserver. In principle, any SMTP server can function as a secondary (tertiary, etc.) server fora domain.Sending Email via a Different SMTP Server (Relaying)There is also another way email can be delivered to addressees. The client sends the emailmessage to its SMTP server. This server forwards it to another SMTP server which delivers itto the target domain as described above. This method of delivering email is known as relaying(passing to the relay server).The advantage of this relaying is that sending email is an on-off action. Furthermore, emailcan be placed in a queue and sent in defined time intervals. The sending SMTP server doesnot need to ask the DNS about the target domains’ mailservers or try to send the email againif the target servers are inaccessible. This is important mainly for slow or dial-up Internetconnections and it can significantly decrease costs of such connections.Most SMTP servers on the Internet are protected against relaying to prevent misuse of serversfor sending spam email. If you wish to send email via a different SMTP server, you shouldcontact the server’s administrator and ask them that relaying be enabled for you (usuallybased on checking your IP address or using username/password authentication).ETRN CommandETRN is a command of SMTP protocol. It serves for requesting emails stored on another SMTPserver. Typically, it is used in the following situations:1. The client has its own domain (e.g. company.com) and his server is connected to theInternet via a dial-up line. Dial-up must have a fixed IP address. The primary MX recordfor the domain company.com is directed to the ISP’s SMTP server (e.g. smtp.isp.com).When it is connected to the Internet, the client’s SMTP server sends an ETRN commandthat informs that it is online and ready to receive mail. If the primary server has someemails for the given domain, then it sends them. If not, it can send a negative responseor it need not reply at all. That’s why the client’s server must have the timeout to specifyhow long it will wait for the response from the primary server.Note: The primary server will create a new connection to the client’s server after the ETRNcommand reception. This connection is used for mail transmission. If the client’s serveris protected by firewall, TCP port 25 must be accessible (open) to the Internet.2. Let’s suppose that the domain company.com has a primary server smtp.company.com anda secondary server smtp2.company.com. Both servers are permanently connected to the137