Newbie question about configuration

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
pdx99
New user
New user
Posts: 3
Joined: 2016-08-18 00:34

Newbie question about configuration

Post by pdx99 » 2016-08-18 01:10

I'm under a tight timeframe and would appreciate some pointers regarding my desired functionality with hMailServer. The desired functionality is as follows:

We have a variety of devices (printers/copiers, UPS, servers, etc) that send either internal or external email
These devices don't use authenticated smtp to send; they don't use credentials
Receive functionality isn't part of the plan

I've installed hMailServer and added a non-routable domain (e.g.: hserv1.local) and a user (test1@hserv1.local)

As testing, I set up a local POP3/SMTP mail profile to use the hmailServer as the POP3 and SMTP server and the test1@hserv1.local user/password. The profile set up ok and "test connection" functionality passed
Our email gw did block the messages with Domain of sender address test1@hserv.local does not exist but that's expected

Some questions:
How do I enable/configure hMailServer so the devices can send mail without a username/pwd?
If the above can be done, where does the domain in hMailServer come into play?
Also, based on devices needing to send without credentials what settings should be configured at Reguire SMTP authentication checkboxes for IP Ranges -> Internet or any other pertinent place?

Thanks

User avatar
mattg
Moderator
Moderator
Posts: 19460
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Newbie question about configuration

Post by mattg » 2016-08-18 01:52

IP ranges
Create an IP range for your LAN that doesn't require authentication

You don't need a domain / accounts in hMailserver for your purposes.


You will probably need to set up a SMTP relayer to your existing mail server or say a gmail account to get the messages delivered to the world.
No need to forward ports from router as this machine will not accept outside mail
Firewall rules should only allow LAN traffic as a precaution, or even just from specific IP addresses in your LAN is better still

You will need the internet IP range to communicate with the SMTP relayer, so don't delete / change that
You won't need POP3 or IMAP, just SMTP. No mail cleints will need to connect to your hmialsevrer, it will simply accept mail and then forward it on (authenticating as needed when forwarding)
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

pdx99
New user
New user
Posts: 3
Joined: 2016-08-18 00:34

Re: Newbie question about configuration

Post by pdx99 » 2016-08-18 02:33

Thanks for the quick and informative reply.

Since the hmailServer is an smtp server, why do you think we need a relayer? Our exchange server and third-party gateways are going away (mail to Office 365, gateways being removed) and the hMailServer is planned to replace the smtp function for the devices. We have a DNS A record that uses a public FQDN which ultimately will translate back to the ip address of the hmail server so I believe that'll clear up the Domain of sender address test1@hserv.local does not exist issue.

Am I missing (very possible) a reason why we need to relay the smtp?

Thanks

User avatar
mattg
Moderator
Moderator
Posts: 19460
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Newbie question about configuration

Post by mattg » 2016-08-18 02:50

If you plan for hmailserver to receive real mail from the internet as well, then you WILL NEED your FQDN domain name and accounts set up in hmailserver, and then you won't need the SMTP Relayer.

You will need ports forwarded from router, appropriate firewall rules and MX records that point to your public IP (like you currently do for exchange). All that is different than for exchange is that the router needs to send to your hmailserver instead...

You will need your real domain and real accounts setup though
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

pdx99
New user
New user
Posts: 3
Joined: 2016-08-18 00:34

Re: Newbie question about configuration

Post by pdx99 » 2016-08-18 18:48

Sorry I confused the matter. What I'm trying to setup:

Internal devices send internal and/or external emails using the hMailServer. These devices won't authenticate

To clarify, the hmailServer won't be reachable from the outside world and won't have an mx record, etc

Configuration to do:
I'll create an IP range for the LAN that doesn't require authentication. Should I clear all the Require SMTP authentication checkboxes for this IP range?
I'll remove any domains and POP3 and IMAP and leave the Internet IP range. What should the Require SMTP authentication settings be for the Internet IP range?

If the hMailserver can reach the internet (and find MX records) why is the SMTP relayer needed? Won't the hMailsevrer simply accept mail and then forward it on itself without a relay?

Thanks

^DooM^
Site Admin
Posts: 13862
Joined: 2005-07-29 16:18
Location: UK

Re: Newbie question about configuration

Post by ^DooM^ » 2016-08-18 23:38

You are correct PDX just make sure it has a higher priority than the internet range. If memory serves higher = lower number. check the docs though.
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

User avatar
mattg
Moderator
Moderator
Posts: 19460
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Newbie question about configuration

Post by mattg » 2016-08-19 00:51

^DooM^ wrote:You are correct PDX just make sure it has a higher priority than the internet range. If memory serves higher = lower number. check the docs though.
Great to see you back mate...

Other way around.
Higher priority is higher number

Priority of 25 trumps priority of 20 which trumps priority of 15
pdx99 wrote:To clarify, the hmailServer won't be reachable from the outside world and won't have an mx record, etc
OK
pdx99 wrote:I'll create an IP range for the LAN that doesn't require authentication. Should I clear all the Require SMTP authentication checkboxes for this IP range?
Yes
pdx99 wrote:I'll remove any domains and POP3 and IMAP and leave the Internet IP range. What should the Require SMTP authentication settings be for the Internet IP range?
Leave them enabled as default (There is a default button if in doubt). The require auth settings only affect incoming connections
pdx99 wrote:If the hMailserver can reach the internet (and find MX records) why is the SMTP relayer needed? Won't the hMailsevrer simply accept mail and then forward it on itself without a relay?
Yes, however your mail will likely end up marked as spam, and may not even get delivered at all. A SMTP relayer gives some better assurances (Still no guarantee) that mail will actually delivered.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

^DooM^
Site Admin
Posts: 13862
Joined: 2005-07-29 16:18
Location: UK

Re: Newbie question about configuration

Post by ^DooM^ » 2016-08-19 01:07

hah been a while mate :)

Matt is correct, if you are sending to external mailservers using a .local FQDN it will never get there. Accepting mails locally without auth and relaying to your exchange env will however work fine.

Thing is though if you are running exchange, why not setup an ip range on that to accept non authed emails from a set IP range (Local network) and keep the complexity down?
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

Post Reply