Planning Your Installation

---

If you have a working knowledge of Windows-based applications and operating systems, you will find that installing IMail Server is as quick and easy as installing some of our other popular software products. However, we recommend that you plan the installation to ensure an IMail Server configuration that works for your organization.

This section describes what you need to know about the primary host (the system on which you install IMail Server) and what decisions you need to make before running the installation.

Step 1: What Do You Need?

To get the best performance and the ability to expand your mail service, we recommend that you designate a computer to function as your email server and that you do not run other servers on the computer.

System Requirements

• An Intel Pentium III 500 MHz or higher (multiple processors recommended for high mail traffic rates).
• 256 MB RAM minimum.
• Microsoft Windows 2000 Server, Windows 2003 Server, or Windows XP (with Standard AntiVirus version only) .
• For best performance we recommend that the updated server versions of the operating systems be employed. Additionally, NTFS (rather than FAT) file system is recommended for increased operability and security.
• Network interface card installed and configured to use Microsoft's TCP/IP for the Windows operating system OR a dial-up TCP/IP connection.
• A full-time or dial-up connection to the Internet.
• Modem (optional, but required for mail-to-pager, mail-to-fax, and notifications).
• A static IP address.

Hardware Environment

IMail Server runs properly on the minimum hardware requirements recommended by the installed operating system. Performance and capacity increases are based on processor speed, RAM, and drive space. As with all server applications, it is recommended that you install IMail Server on the fastest and most powerful server that your budget allows.

Step 2: Create DNS Entries for Your Mail Server

Determine the Domain Name System (DNS) settings required for the system on which you will install IMail Server. Before you create DNS entries, plan the following for your Windows TCP/IP settings:

• Primary Host. The primary host is the system on which you install IMail Server.
• Host Name (of Primary Host). The host name for your email server, for example,
  imailbox.
• IP Address (of Primary Host). The IP Address is a numerical address for the email server host (i.e. 156.21.50.15).
• Domain Name. The domain name identifies the network that the host is on
  (for example, domain.com).

To identify your mail host in the DNS, use the Host Name plus the Domain name. For example, imailbox.domain.com. This is also known as the Fully Qualified Domain Name (FQDN).

To get the DNS information on a Windows 2000 system, click the System icon in the Control Panel, select the Network Identification tab, then click Properties. The Identification Changes dialog box shows the domain information.

To get the DNS information on a Windows 2003 or Windows XP system, click the System icon in the Control Panel, click Network Connections > Local Area Connections > Properties. Select Internet Protocol (TCP/IP) from the list, then click Properties > Advanced > DNS tab.

The Host Name and Domain must be registered in the DNS (Domain Name System) in order for your remote hosts (not on your local network) to communicate with your system.

To properly send and receive email, add the following records to your DNS server. If an Internet Service Provider (ISP) is hosting your DNS server, contact your ISP to have the appropriate records added to the DNS server.

• MX Records. A Mail eXchanger (MX) record is used to identify the computer that processes mail for a domain. If you plan to host multiple domains, you'll need an MX record for each domain. The MX record points to the (fully qualified) host name of the IMail Server (the Primary Host). For example: domain.com IN MX 10 imailbox.domain.com
• A Records. Create an Address (A) record for the IMail Server that has the IP address of the IMail Server (the Primary Host). Ex: imailbox.domain.com IN A 156.21.50.15
• PTR Records. Create an A pointer (PTR) record for reverse lookups. You need a PTR record that resolves the IP address of your IMail Server (the Primary Host) to the Official Host Name of your IMail domain. Ex: 156.21.50.15 in-addr.arpa. host=imailbox.domain.com.
• SPF Records. SPF record lets other email servers use SPF filtering (if the feature is available on the mail server) to protect against incoming email from forged (spoofed) email addresses that may be associated with your mail server. As SPF records are implemented more widely, SPF filtering will become more effective at identifying spoofed email messages. For more information about SPF records, see the IMail User Guide.

For more information about setting up the DNS entries, see:

• A primer with examples in "Mail Servers and DNS".
• DNS tutorials on the IMail\ICS Support Center at:

  /Support/IMail/dns.html

• Our Knowledge Base on the IMail\ICS Support Center at:

  /Support/ICS/index.asp.

  Note: You can use Ipswitch WS_Ping ProPack to look up DNS information. For more information about looking up DNS information using WS_Ping ProPack, see "Step 1: Confirm your DNS Settings".

Step 3: Choose the Type of User Database

Identify the database used by the Primary Host to register and authenticate users. The Primary Host can use one of the following databases for registration and authentication: (Registration is the process by which user mail accounts are created. Authentication is the process by which user IDs and passwords are verified.)

• IMail Database. All user IDs and passwords for mail accounts are stored separately, from either the Windows NT or Windows 2000 user database or any external database, in a proprietary database in the Windows registry.

You can also import Windows NT or Windows 2000 users into an IMail user database without having them linked to the Windows NT or Windows 2000 user database. For details on importing Windows NT or 2000 users, refer to the IMail Server User Guide "Importing NT Users" section in Chapter 4.

• Windows NT Database. This database provides automatic creation of user mail accounts for any user listed in the Windows NT or Windows 2000 user database on your host machine.

Please note that the Primary Mail Host needs access to the Windows NT or 2000 user database for your network.

To view a current list of users, add users, or delete users in your Windows NT or 2000 user database, use the appropriate administrative tool as described in your Windows documentation (Windows NT and Windows 2000 use different tools). You cannot view, add, or delete users with IMail Administrator.

A mailbox and other user files are created for a user when the mail server receives a message for that user or when a user first accesses the IMail Server through a mail client.

• External Database. IMail Server can use an external database to register and authenticate users. This option lets you specify an existing ODBC-compliant user database and lets you add and delete users either from the IMail Administrator or the external database. IMail Server supports Microsoft SQL Server or Microsoft Access.

If you use an external database, make sure you have set up the database connection in the Windows ODBC Data Source Administrator. Before you start the IMail Server installation, you will need the ODBC System DSN name for the database and the User ID and password for logging on to the database.

Notes: If you want to use a different ODBC database, you can modify IMail Server's ODBCUser.dll file to support it. For more information, read the ODBC topics in our Knowledge Base at: http://support.ipswitch.com/kb To display the topics, enter ODBC in the Search for box, select IMail Server from the product list, then click Search.

Step 4: What E-Mail Services Do You Want to Provide?

In addition to the basic SMTP service, identify the other services you would like your email server to provide. For example:

• Service Monitoring (IMail Monitor Service) lets the mail administrator monitor the status of all IMail Services (SMTP, POP3, IMAP, Web Messaging).
• Web Messaging lets users read mail from the server and send mail using a web browser.
• POP3 service lets users retrieve mail and send mail using clients like Qualcomm Eudora and Microsoft Outlook. With POP3, user mail is usually stored on the user's PC.
• IMAP4 service lets users read mail from the server and send mail using clients like Qualcomm Eudora and Microsoft Outlook. With IMAP4, mail is usually stored on the mail server.
• LDAP service uses a client/server architecture to publish user information (called "attributes") on the server and provide access to the information from LDAP-enabled clients.

  Note: You can specify these services and other services during the installation.

Step 5: Determine Security Levels and Access Control

Identify the levels of security and access control needed to ensure the integrity of your mail server. IMail Server provides several ways to secure your email server; for example:

SMTP Mail Relay options

Mail relay occurs when IMail Server (or any SMTP server) accepts mail destined for another host and redelivers it to that host. A message that originates on a computer other than the IMail Server host and destined for another host must pass through the IMail Server (i.e., IMail Server must relay the message). If your users use a POP3 or IMAP mail client to send mail, then IMail Server needs to relay mail for them. IMail Server allows for the following mail relay options (listed in order from most secure to least secure):

• No mail relay
• Relay mail for (Addresses)
• Relay mail for local hosts only
• Relay mail for local users only
• Relay mail for anyone

Local mail (destined for the IMail Server host or originating from the IMail Server host) does not use the relay function.

Note: During installation, you can select from four options: Relay for select addresses, No mail relay, Relay mail for anyone, and when upgrading: Do not change my existing local mail relay settings. After installation, you can change the relay setting in the SMTP Security tab in IMail Administrator.

• No mail relay (recommended)

  The SMTP server will not accept mail destined for other hosts (any host not on the IMail Server machine). If all of your users send and receive mail from the same host that IMail Server is on or if they use Web Messaging to access mail, you can select this option. If you select this option, make sure all mail clients are set up to SMTP Authenticate; otherwise, the client cannot send mail to non-local email addresses.

• Relay mail for anyone (not recommended)

  The SMTP server accepts mail from any host that is destined for any other host, and redeliver that mail (i.e. become a mail gateway). This option is the least secure because it allows your server to be used by anyone to send mail to anyone. Some bulk mailers may take advantage of this capability to not only relay mail through your server, but to make it appear as if mail is originating from your server.

  If you select this option your server may be blacklisted for running an open relay. To prevent this you should select Relay mail for (Addresses).

• There are several other mail relay options available after installation including Relay mail for (Addresses), Relay for local hosts only, and Relay for local users only.

  No mail relay is the best option if you are unable to use Relay mail for (Addresses) because your users dial up using dynamic IP addresses.

For more information on Mail Relay options and other security features, see the IMail Server User Guide.

SMTP Authentication

SMTP Authentication lets you verify each user who attempts to send mail through your mail server. SMTP Authentication is always enabled on the IMail Server. Users need to set their mail clients to do an SMTP login; for example, in Microsoft Outlook, select the option My outgoing mail server requires authentication.

SMTP Authentication is used in the following cases:

• If you use the No mail relay option for SMTP relay.
• If you use the Relay mail for (Addresses) option, SMTP Authentication enables users who send from IP addresses that you do not list; for example, users who are travelling and do not have a static IP address.

Secure Sockets Layer (SSL)

SSL provides user authentication and encryption Web Messaging and Web Calendaring communications and provides network traffic encryption and decryption for POP3, IMAP4, and SMTP protocols. You can also use the SSL Configuration Utility to create private keys and certificates to use during SSL connection negotiations.

For information about using the SSL Configuration Utility, in IMail Administrator, click Tools > Launch SSL Configuration Utility > Help.

Step 6: One Mail Host or Multiple Hosts?

You can have multiple hosts on one IMail Server system, with each host handling the mail for a single domain. This feature lets you provide separate mail services for separate organizations. Hosts can be added to the IMail Server after you have completed the installation of the primary host.

For information about setting up additional hosts and information about other advanced configuration options, see the IMail Server User Guide.

Ipswitch, Inc. http://www.ipswitch.com

©Ipswitch 2005