Newbie question about configuration

[pdx99]

I'm under a tight timeframe and would appreciate some pointers regarding my desired functionality with hMailServer. The desired functionality is as follows:

We have a variety of devices (printers/copiers, UPS, servers, etc) that send either internal or external email
These devices don't use authenticated smtp to send; they don't use credentials
Receive functionality isn't part of the plan

I've installed hMailServer and added a non-routable domain (e.g.: hserv1.local) and a user (test1@hserv1.local)

As testing, I set up a local POP3/SMTP mail profile to use the hmailServer as the POP3 and SMTP server and the test1@hserv1.local user/password. The profile set up ok and "test connection" functionality passed
Our email gw did block the messages with Domain of sender address test1@hserv.local does not exist but that's expected

Some questions:
How do I enable/configure hMailServer so the devices can send mail without a username/pwd?
If the above can be done, where does the domain in hMailServer come into play?
Also, based on devices needing to send without credentials what settings should be configured at Reguire SMTP authentication checkboxes for IP Ranges -> Internet or any other pertinent place?

Thanks

[mattg]

IP ranges
Create an IP range for your LAN that doesn't require authentication

You don't need a domain / accounts in hMailserver for your purposes.


You will probably need to set up a SMTP relayer to your existing mail server or say a gmail account to get the messages delivered to the world.
No need to forward ports from router as this machine will not accept outside mail
Firewall rules should only allow LAN traffic as a precaution, or even just from specific IP addresses in your LAN is better still

You will need the internet IP range to communicate with the SMTP relayer, so don't delete / change that
You won't need POP3 or IMAP, just SMTP. No mail cleints will need to connect to your hmialsevrer, it will simply accept mail and then forward it on (authenticating as needed when forwarding)

[pdx99]

Thanks for the quick and informative reply.

Since the hmailServer is an smtp server, why do you think we need a relayer? Our exchange server and third-party gateways are going away (mail to Office 365, gateways being removed) and the hMailServer is planned to replace the smtp function for the devices. We have a DNS A record that uses a public FQDN which ultimately will translate back to the ip address of the hmail server so I believe that'll clear up the Domain of sender address test1@hserv.local does not exist issue.

Am I missing (very possible) a reason why we need to relay the smtp?

Thanks

[mattg]

If you plan for hmailserver to receive real mail from the internet as well, then you WILL NEED your FQDN domain name and accounts set up in hmailserver, and then you won't need the SMTP Relayer.

You will need ports forwarded from router, appropriate firewall rules and MX records that point to your public IP (like you currently do for exchange). All that is different than for exchange is that the router needs to send to your hmailserver instead...

You will need your real domain and real accounts setup though

[pdx99]

Sorry I confused the matter. What I'm trying to setup:

Internal devices send internal and/or external emails using the hMailServer. These devices won't authenticate

To clarify, the hmailServer won't be reachable from the outside world and won't have an mx record, etc

Configuration to do:
I'll create an IP range for the LAN that doesn't require authentication. Should I clear all the Require SMTP authentication checkboxes for this IP range?
I'll remove any domains and POP3 and IMAP and leave the Internet IP range. What should the Require SMTP authentication settings be for the Internet IP range?

If the hMailserver can reach the internet (and find MX records) why is the SMTP relayer needed? Won't the hMailsevrer simply accept mail and then forward it on itself without a relay?

Thanks

[^DooM^]

You are correct PDX just make sure it has a higher priority than the internet range. If memory serves higher = lower number. check the docs though.

[mattg]

You are correct PDX just make sure it has a higher priority than the internet range. If memory serves higher = lower number. check the docs though.

Great to see you back mate...

Other way around.
Higher priority is higher number

Priority of 25 trumps priority of 20 which trumps priority of 15

To clarify, the hmailServer won't be reachable from the outside world and won't have an mx record, etc

OK

I'll create an IP range for the LAN that doesn't require authentication. Should I clear all the Require SMTP authentication checkboxes for this IP range?

Yes

I'll remove any domains and POP3 and IMAP and leave the Internet IP range. What should the Require SMTP authentication settings be for the Internet IP range?

Leave them enabled as default (There is a default button if in doubt). The require auth settings only affect incoming connections

If the hMailserver can reach the internet (and find MX records) why is the SMTP relayer needed? Won't the hMailsevrer simply accept mail and then forward it on itself without a relay?

Yes, however your mail will likely end up marked as spam, and may not even get delivered at all. A SMTP relayer gives some better assurances (Still no guarantee) that mail will actually delivered.

[^DooM^]

hah been a while mate

Matt is correct, if you are sending to external mailservers using a .local FQDN it will never get there. Accepting mails locally without auth and relaying to your exchange env will however work fine.

Thing is though if you are running exchange, why not setup an ip range on that to accept non authed emails from a set IP range (Local network) and keep the complexity down?