This tutorial quickly explains how to setup the Apple Mail Service on Snow Leopard Server version 10.6.3. It also steps through the process of connecting to your mail server from a Wiki Site, Apple client computer and the iPod touch.
This tutorial quickly explains how to setup the Apple Mail Service on Snow Leopard Server version 10.6.3. It also steps through the process of connecting to your mail server from a Wiki Site, Apple client computer and the iPod touch.
This tutorial quickly explains how to setup the Apple Mail Service on Snow Leopard Server version 10.6.3. It also steps through the process of connecting to your mail server from a Wiki Site, Apple client computer and the iPod touch.
This tutorial quickly explains how to setup the Apple Mail Service on Snow Leopard Server version 10.6.3. In addition it steps through the process of connecting to your mail server from a Wiki Site, Apple client computer and the iPod Touch.
Dwayne D. Trouille 4/22/2010
2
Table of Contents Pre-Installation information. 3 Enable Mail Server Service 4 Configure Mail Server S 4 Enable Mail Access for Open Directory Users 9 M M A SACL 10 Enable the Mail Link on a Wiki Site. 11 A M C C 12 1 M C 15 8 17
3
Pre-Installation information Host and Domain Name: Before you begin to setup a mail server some processes must have already been considered and completed. The most import is to ensure you have a properly configured DNS mail exchange (MX), record for your server; otherwise email sent to and from your server may not make it to its destination. This will also require that you decide on and establish a host domain name for your email server. Required TCP Ports: If the server is located behind a firewall or within a NAT environment, you will need to open the appropriate ports and possibly forward public addressed email traffic to your private address. While this will not be covered in this tutorial, the ports required for proper email transmitting and receiving are: TCP 110 (POP), 25 (SMTP), and 143 (IMAP). x Mail Exchange (MX) Record is the Fully Qualified Domain Name (FQDN), of your server to the public and/or the private network. x Post Office Protocol (POP), is the protocol used for downloading messages from your email server to the client application. POP is a simple protocol with limited capabilities and security. x Internet Message Access Protocol (IMAP), is another protocol used for downloading messages but has more robust capabilities and a wider range of authentication options than POP; however IMAP requires the use of more server resources than POP. x Simple Mail Transfer Protocol (SMTP), is used for sending messages to email servers either from the client or from other email servers. The SMTP service on Snow Leopard is handled by the Postfix Daemon. Authentication: x Kerberos v5 Provides secure authentication through the use of cytological algorithms. x CRAM-MD5 - Challenge Response Authentication Mechanism is used for authentication security. Secure Access: If you intend on setting up secure access to your email using SSL, you will need to purchase a signed certificate using the same hostname information to be used for your server. Active Directory Integration: Allowing Active Directory users mail access on your server may be a challenging process. One such process is explained in this tutorial on page 9, but it does not seem to be a guarantee that Active Directory users can be given email access. Other methods for making the email service allow AD users access include extending the Active Directory schema which is typically not recommended. So, if you wish to have AD integration this tutorial will not be of much assistance. Clarification: This tutorial is geared to get a mail server up and running quickly; therefore the hope is once your server is running, you will test various configurations and security options using the Mail Service Settings. 4
Enable Mail Server Service On the Apple server, launch Server Admin, select your local server, choose settings > Services, place a check in the Mail service check box and click Save. This will cause the mail service to load but will not start.
Configure Mail Server Service 1. Select the Mail service from the services list, select Overview, and then click Configure Mail Service to start the setup wizard. Using the Configure Mail Service wizard is not required but may be easier for some administrators.
5
2. Select Continue when the introduction page displays.
3. Choose the services you wish to enable such as POP, IMAP and SMTP. In the Domain name field enter the local domain name and in the Host name enter the public internet domain name if one has been assigned. It does not seem to matter if you set the Domain name to your public or private domain name. If you are not sure about what services to enable, just go with the default option of all checked and you may disable any you find are not going to be used later. If you already have an SMTP server in place you may choose the Relay outgoing mail through host and supply your SMTP host server URL or IP Address. If choosing this option you will need to uncheck the Enable SMTP box so the Apple server does not attempt to process SMTP traffic.
6
4. Assigning filters is fine, however, you may find it better to disable these until you have worked out all the bugs in your setup and ensured your email service is working properly. Keep in mind these filters will slow the delivery of email. My recommendation is to disable or uncheck these for now and enable them later under the email service settings.
5. The security required for email authentication through an Apple Server Wiki Site is CRAM-MD5. At this time it is easier and my recommendation to just leave the default settings in place and test the other security options later.
7
6. The mail store location may be modified if you wish to place email on a separate volume due to space restraints. If the defaults are acceptable just click continue.
7. The confirm Setup screen provides a summary of your choices. Ensure the choices are correct and if so, click continue to finish the configuration.
8
8. Once completed the following screen will display. Click the Close button and you should see the Mail Service is now running.
9. As stated in the previous step the mail service should be running but if not, go ahead and start your mail service.
10. Further modifications to the email service configuration may be made by choosing settings and any of the options found on that screen. A be General and Advanced.
9
Enable Mail Access for Open Directory Users
The C u 1 manage what users may have an email account is really as simple as going to Workgroup manager, creating a user account and enabling mail. See below for a better explanation: 1. On the server open the Workgroup Manager. 2. Authenticate to Open Directory, select users, click New, and in the basic screen provide the username and password information.
3. Select the Mail tab, enable mail for this user, provide the mail server name, quota, and determine if the user may connect using POP, IMAP or both. Remember to save your settings.
The user may now connect to the Apple email server; however, all other accounts that do not have mail enabled will not be allowed to connect with your Apple email server. Fortunately, there is a way to override this setting by using the Services Access Control List or SACL, and this process will be explained in the next section. Note: At this point of the setup do not expect the user to check email through a wiki site. Before users may check email through a wiki you will first have to enable mail access using the Web service and Sites which is covered a little later. 10
Manage Mail Access using the SACL To manage which users may use the email service, select your local server (1), Access (2), Services (3), Select l 4), choose the Mail service (5 A 6), click the + icon at bottom (7), select a user/s or group/s (8 & 9), and drag into the Allow list (10). This setting not only allows specific users and/or groups but also disables mail access by all users not explicitly listed. Note for AD Integrated servers: According to Apple KB Article TA24154, you should be able to give Active Directory users or groups mail account access by placing their account in the Access list as demonstrated on this step, but so far I have not been successful in making this happen. It works fine for OD users and groups. Reference link : http://support.apple.com/kb/TA24154
11
Enable the Mail link on a Wiki Site 1. To allow users web based email access you will need to enable that feature for your website. Go to Server Admin > choose the Web Service > select Sites > select the site you wish to enable email access on > choose Web Services > place a check in the Mail box. This will enable the Mail link on your web site wiki so users may check email online when necessary.
2. Open a web browser, go to your Apple Wiki Site, log in as a user given mail access, select the mail link which should now be active, log in to the email page and start testing email functionality. Notice a users wiki login does not automatically provide email access, so the user will be required to authenticate again to get their email. User Authentication window to left and email interface below.
12
Apple Mail client configuration 1. On Apple client find and select the Mail icon on the Dock Bar. The mail icon looks like a stamp.
2. Provide a user email address and password. Email address is the username@your.mail.server.
3. Assuming POP is enabled; provide the incoming mail server address. The username and password should be pre-populated using the credentials provided in the previous screen.
13
4. Provide the outgoing email server address and any authentication information if required. This may be the same server or some other SMTP server used in your network.
5. If the outgoing mail server uses SSL with a specific authentication type, choose that from the list.
14
6. The Account lists your options before choosing the Create button.
7. If the account information was correct the email application will open. By choosing Mail > Preferences, you may check and or modify the mail account settings for this user.
8. Start testing email functionality by sending and receiving messages between other user accounts.
15
iPod Touch Mail Configuration 1. Select Settings and then choose Mail, Contacts, Calendars.
2. Choose Add Account Other.
3. Select Add Mail Account and notice you are given New Account fields to fill in your information.
16
4. Provide all the requested information regarding your user and email server, including the incoming and outgoing server information, and then save. Note: Your outgoing server may not work outside of your work network.
5. When saving and attempting to connect, the iPod Touch will attempt to use SSL. If your server is not configured to use SSL simply click the Yes button to setup without SSL. This may occur twice and is normal.
6. Select the Email icon and test your email applications ability to send and receive.
17
References
Apple Knowledge Base Article TA24154 http://support.apple.com/kb/TA24154 Mac OSX Server Mail Service Administration Version 10.6 Snow Leopard: http://images.apple.com/server/macosx/docs/Mail_Service_Admin_v10.6.pdf Mac OSX Server Mail Service Boot Camp, Part 1: The Basics http://www.peachpit.com/articles/article.aspx?p=653382 RFC2195 POP/IMAP Challenge and Response http://www.faqs.org/rfcs/rfc2195.html Sun Systems CRAM-MD5 Authentication http://java.sun.com/products/jndi/tutorial/ldap/security/crammd5.html MIT Kerberos http://web.mit.edu/kerberos/