I need help understanding Mail service




iphong
Jun 21, 2009, 02:53 AM
I just started learning about Mac OS Server and want to set up my own server, so I can do whatever I want with it. Having my website hosted somewhere else is really easy and convenient, but most of the time it is very limited.

My intention is to have my own server running 24/7 serving me and a few of my friends as a web, file and mail server. And I'm a little confused about the mail service and not sure how it works.

First, I have a domain name (e.g. mydomain.com) registered with Network Solutions. I want to set up a mail server that will handle IMAP mail server so that for example when people (at a different server) send email to phong@mydomain.com, it will come to my server and I can download it to a mail client such as Apple Mail.

My current setup is I have a Mac Mini running Leopard Server connected to the internet through a router. And a few other Macs also connect to that router as well.

My server is currently hosting websites, and has AFP and FTP enabled. My domain name is currently pointing to my internet IP address, then I port forwarded my router to my server's local IP address on ports 80 and 21, so my website can be displayed. My DNS service is currently configured for local use only as I have a mycomputer.private address for my server. Now I just don't know how incoming mail works.

Can someone please explain or point me in some direction where I can learn more about this. I would love to have my own mail server for my own email addresses. I probably don't need SMTP though, but if you can teach me how to make my server send mail too, I would greatly appreciate it.

Thanks.



mathcolo
Jun 21, 2009, 11:39 AM
You're very close to having this working... the first thing you should do is make sure the email stuff on your Server Mini is working. That part should be fairly straightforward; just go into Server Admin and edit the settings there.

Once you've done that, you can port forward the right ports for a variety of protocols; POP on 113 and IMAP on 143.

Then, make sure your network has a hostname that is being constantly updated to allow outside access (DynDNS.com (http://DynDNS.com) for example). Then, in your domain settings, set the MX records to that hostname. You should then have a very basic, but usable mail server!

Edit: Also, if you're using DynDNS, make sure to install the DynDNS Updater on the mini so that it is updating its IP to the DynDNS web site.

iphong
Jun 21, 2009, 10:30 PM
Then, in your domain settings, set the MX records to that hostname.

OK, now that's the part that I'm missing. Before this, I thought just setting the domain A and CNAME records to point to my server was enough. I didn't know I need to set MX records too. Wonder why mail didn't arrive to my server.

Thank you much for your help.
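How a sending mail server picks its destination from the A and MX records discussed above, as an added example that is not part of the original posts. The record sets are constructed, and the "registrar default MX" scenario is an assumption: the thread does not say what the domain's MX pointed at before the change.

```python
# Constructed DNS data. BEFORE: A record points home, but an MX (assumed to be
# a registrar default) points elsewhere. AFTER: MX points at the dynamic hostname.
HOME_IP = "203.0.113.10"
BEFORE = [
    ("mydomain.com.", "A", HOME_IP),
    ("mydomain.com.", "MX", (10, "mail.registrar.example.")),
    ("mail.registrar.example.", "A", "198.51.100.25"),
]
AFTER = [
    ("mydomain.com.", "A", HOME_IP),
    ("mydomain.com.", "MX", (10, "myhome.dyndns.example.")),
    ("myhome.dyndns.example.", "A", HOME_IP),
]

def lookup(records, name, rtype):
    """Return all values of the given type stored for a name."""
    return [value for n, t, value in records if n == name and t == rtype]

def delivery_targets(records, domain):
    """Ordered (host, ip) pairs a sender would try for user@domain."""
    mx = sorted(lookup(records, domain, "MX"))  # lowest preference first
    if mx:
        # Once any MX exists, the domain's own A record is ignored for mail.
        hosts = [host for _pref, host in mx]
    else:
        # RFC 5321 section 5.1: no MX means an implicit MX on the domain itself.
        hosts = [domain]
    targets = []
    for host in hosts:
        if lookup(records, host, "CNAME"):
            # RFC 2181 section 10.3: an MX target must not be an alias.
            raise ValueError(f"MX target {host} is a CNAME")
        targets.extend((host, ip) for ip in lookup(records, host, "A"))
    return targets

def reaches(records, domain, server_ip):
    """True if inbound mail for the domain is sent to server_ip."""
    return any(ip == server_ip for _host, ip in delivery_targets(records, domain))

if __name__ == "__main__":
    for label, zone in (("before", BEFORE), ("after", AFTER)):
        print(label, delivery_targets(zone, "mydomain.com."),
              reaches(zone, "mydomain.com.", HOME_IP))
```

Inbound delivery between servers arrives on SMTP port 25, so that port has to be forwarded to the server as well; the POP and IMAP ports only serve mail clients fetching from it.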

iphong
Jun 22, 2009, 09:06 AM
Awesome, I can receive mail in my server now. My ISP doesn't let my server send email, so I have to relay my SMTP through my ISP; anyway, I can send and receive mail now.

:D

mathcolo
Jun 22, 2009, 11:23 AM
Good! Glad I could help.

The one thing about home servers you should know is that some ISPs get mad. If you have Comcast Cable, you're the most vulnerable :p. Basically just be alert for any messages your ISP sends you.

Good luck and have fun! :D

iphong
Jun 22, 2009, 11:49 AM
The one thing about home servers you should know is that some ISPs get mad. If you have Comcast Cable, you're the most vulnerable :p. Basically just be alert for any messages your ISP sends you.

Can you be more specific? I'm using Comcast currently.

mathcolo
Jun 22, 2009, 11:58 AM
Can you be more specific? I'm using Comcast currently.

Sure thing...

All I'm noting is that Comcast's Acceptable Use Policy limits you from running a server on their network:

"Prohibited uses include, but are not limited to, using the Service, Customer Equipment, or the Comcast Equipment to: . . . run programs, equipment, or servers from the Premises that provide network content or any other services to anyone outside of your Premises LAN (Local Area Network), also commonly referred to as public services or servers. Examples of prohibited services and servers include, but are not limited to, e-mail, Web hosting, file sharing, and proxy services and servers;"

However, I just did a quick search and found this also:

"The Federal Communications Commission has declared that Americans are entitled to:

* Access Internet content of their choice;

* Run online applications and services of their choice;

* Connect their choice of devices; and

* Have fair competition among network, application, service and content providers."

So if that's the case, you can run it. I guess you'll have to decide for yourself. On the plus side, I think that Comcast really just doesn't want you to kill their network by using tons of bandwidth due to the way Cable works. But if all you're doing is casual/personal email and web hosting then you should have no problem.

Also, consider using Activity Monitor to see how much bandwidth you're using.

belvdr
Jun 22, 2009, 12:03 PM
FCC's rules are generally speaking. They don't say Americans have the choice to run online services over any connection they have.

There are limits in the design of the network, as it was not designed for servers at the consumer's premises, so Comcast's rules apply. Americans still have the choice to provide online services, but you need to use an acceptable provider to do so.

mathcolo
Jun 22, 2009, 12:04 PM
FCC's rules are generally speaking. They don't say Americans have the choice to run online services over any connection they have.

There are limits in the design of the network, as it was not designed for servers at the consumer's premises, so Comcast's rules apply. Americans still have the choice to provide online services, but you need to use an acceptable provider to do so.

Oh, that's a very good point. iphong: It's your call; I do agree that running a server is a very fun and interesting experience, but not if your Internet connection is at stake :(

uberamd
Jun 22, 2009, 12:11 PM
Don't do it. Really, it's not worth it. You are MUCH better off buying a dedicated server for ~$50 in a datacenter and using that. If you just want to tinker, do it locally. Comcast does portscans on their network and they will see IMAP/POP3 services listening, which is bad news. They already block port 80 in some places to prevent running web servers. It simply isn't worth the risk.

And one reason ISPs are so stringent on servers has to do with SPAM. A non-properly configured SMTP server can easily be used to act as a spam relay. Bad news. All day at work I configure servers for mail, web, sql, and what not. It is best kept at places like that, and not at home.

Also, I saw that you use FTP. I cannot stand FTP, and the thing you should be using is SFTP. Based on that fact alone it seems like there may be other weak points in your setup.

Also note that web hosting uses your connection's UPLOAD speed, which is significantly slower than your download speed in most cases. So a single file download (if a friend downloads from your server for example) will probably cripple your connection. And if your IP ever changes, have fun with that.

mathcolo
Jun 22, 2009, 12:22 PM
uberamd does have a very good point, incorrectly configured servers can act as security holes for malicious activities.

However, servers in data centers are very expensive. For the average user, that doesn't quite work...

iphong: On the contrary, you could get a Virtual Private Server. It feels, acts like and practically is a dedicated server, but it shares resources with other users through a virtualization environment. They cost somewhere between $10 and $30 a month depending on the provider and specs. Unfortunately they usually come with a form of Linux and not Mac OS X Server which I think you now understand.

uberamd
Jun 22, 2009, 12:29 PM
uberamd does have a very good point, incorrectly configured servers can act as security holes for malicious activities.

However, servers in data centers are very expensive. For the average user, that doesn't quite work...

iphong: On the contrary, you could get a Virtual Private Server. It feels, acts like and practically is a dedicated server, but it shares resources with other users through a virtualization environment. They cost somewhere between $10 and $30 a month depending on the provider and specs. Unfortunately they usually come with a form of Linux and not Mac OS X Server which I think you now understand.

It's very true that datacenter servers are expensive. And honestly, running your own SMTP/IMAP/Web server is a relatively pointless activity outside of learning unless you really have a set purpose. It's great for learning, but the risks you open yourself up to by making it visible from the outside, especially when you are new, can be very bad. Servers for mail and web belong either locally, or in datacenters, not in basements.

Most (but not all) VPS (virtual private servers) will come with everything pre-configured for you. And yes, they will use Linux. However I feel learning the text/terminal based setup for servers is much more beneficial in comparison to using the point-click methods. If you are going to run a server, you should take the ample time to understand exactly what does what.

My suggestion? If you really want to run a dedicated server, don't do it at home. Get a VPS or dedicated system for $10-50/mo and go that route. Read up on Linux tutorials, do it the text way, and in time you will understand everything from network security to what each daemon does. Servers just don't belong on cable modems.

iphong
Jun 22, 2009, 02:36 PM
And one reason ISPs are so stringent on servers has to do with SPAM. A non-properly configured SMTP server can easily be used to act as a spam relay. Bad news. All day at work I configure servers for mail, web, sql, and what not. It is best kept at places like that, and not at home.

I am aware of this and my SMTP server requires Kerberos or CRAM-MD5 Authentication to prevent spammers.

Also, I saw that you use FTP. I cannot stand FTP, and the thing you should be using is SFTP. Based on that fact alone it seems like there may be other weak points in your setup.

Yes, I did mention it, but in fact, I barely turn it on. I'm very cautious about security, and I do a lot of research before turning on anything. I only run what I need.

What I'm doing now is only for learning purposes. I'm still a student but soon, I will go back to my country and open my own business. My work is nothing related to IT or Network Administration. I do 3D and Design. But then I have always had a huge interest in technology and always want to explore things, and do anything I love to do. It's not about convenience or money; if so I can just get a VPS or a dedicated server. I really want to run my own server and face problems so I can learn from it. I've spent over a thousand dollars on this server (hardware + software) and you are telling me to throw all that away?


Is there any other ISP that provides a business internet connection that allows servers?

milk242
Jun 23, 2009, 12:36 AM
There are many ISPs that provide connections for businesses, but they are more expensive.