Server mail os X
description
Transcript of Server mail os X
Mac OS X Server as an Advanced
Mail Server
André Aulich
Freelance Apple Consultant
www.andre-aulich.de
insecure Internet
SSL/VPN
SSL
VPN
secure local area network
WebMail
Mail application
Market needs
© 2004 www.andre-aulich.de
user experience additional administrative demands
• secure mail transfer
• virus and spam filter
• auto-replies (vacation notices)
• group mail accounts
• shared IMAP folders
• internal and external access using mail application or Webmail
• ease of use
• stable overall service
• backup and disaster recovery strategy
• support for email addresses like [email protected]
• server shouldn’t need much support after first setup
• redundancy
Standard Mac OS X Mail
Server Setup
- using internal tools -
© 2004 www.andre-aulich.de
DEMO
Standard mail setup
© 2004 www.andre-aulich.de
Postfix
Cyrus
SMTP IN
external SMTP server
recipient local userrecipient external user
local Mac OS X Server
Standard mail setup
© 2004 www.andre-aulich.de
incoming SMTP mail
sender IP address accepted
sender IP address not accepted
SSL encrypted not SSL encrypted
message size accepted
message size not accepted
sender has local user account
sender has no local user account
recipient is local user
recipient is external user
sender IP address accepted
sender IP address not accepted
Cyrus stores mails for local usersin users' inboxes
Mail delivery using POP or
IMAP SSL, and/or VPN tunnel
Mail client using mail applicationor Webmail interface
SMTP server of external user
any kind of delivery
external mail recipient
Postfix
Advanced Mac OS X Mail Server
Setup
- using internal and external tools -
© 2004 www.andre-aulich.de
DEMO
Advanced mail setup
© 2004 www.andre-aulich.de
Postfix
Cyrus
SMTP IN
external SMTP server
recipient local user
recipient external user
local Mac OS X Server
Procmail
Sanitizer
Virex or Sophos
Spam Assassin
Razor
Advanced mail setup - feature list
© 2004 www.andre-aulich.de
• secure mail transfer using SSL and/or VPN
• state-of-the-art virus and mail filters
• easy-to-use webmail interface
• flexible mail addresses like [email protected]
• powerful backup and disaster recovery strategies
• vacation notices controlled by users
• powerful mailing list management
• group mail accounts and shared IMAP folders
Advanced mail setup - Alternative
© 2004 www.andre-aulich.de
Postfix
Cyrus
SMTP IN
external SMTP server
recipientlocal user
local Mac OS X Server
amavisd-new
Spam Assassin
Razor
ClamAV
Finetuning
© 2004 www.andre-aulich.de
• add log rolling
• SpamAssassin can be trained
• add support for multiple domains
• server-based rules (using CLI)
• encrypt mails to external recipients using sender certificates
Tiger announcements
© 2004 www.andre-aulich.de
• see http://www.apple.com/uk/server/macosx/tiger/
• SpamAssassin will be included with Mac OS X Server
• Support for mail server clustering
• added support for virtual hosts
Commercial alternatives
• Kerio MailServer, www.kerio.com
• CommuniGate Pro, www.stalker.com
• 4D Mail, www.4D.com
• PostOffice, www.tenon.com
© 2004 www.andre-aulich.de
General security advisory
• security on mobile client computers
• security on other people’s computers
• Limiting server access to VPN and SSL ports
• Secure other services using SSL
© 2004 www.andre-aulich.de
Summary
• Mac OS X Server is a powerful, enterprise-level mail server
• many functions are available via the GUI
• more functions can be added using industry-standard, free-of-charge Open Source tools
• The complete system is easy to use for the clients
• Mac OS X Server offers secure and flexible mail solutions
© 2004 www.andre-aulich.de
Tools you need
• Mac OS X Server
• (optional) Anomy Sanitizer: http://
mailtools.anomy.net/
• Virus scanner
• Virex (http://www.mac.com),
Sophos-Antivirus, ClamAV, etc.
• SpamAssassin: http://
spamassassin.apache.org/
• Razor: http://razor.sourceforge.net/
• (optional) amavisd-new: http://ijs.si/
software/amavisd/
© 2004 www.andre-aulich.de
Resources
• Copy of this presentation and basic configuration guide for the described setup: http://www.andre-aulich.de/
mailserveren1.html
• 'Sanitizing Mail on Panther Server' by Jason Deraleau: http://www.macdevcenter.com/pub/a/mac/2004/01/27/
sanitize_mail.html
• 'Fighting Spam on Mac OS X Server': http://developer.apple.com/server/fighting_spam.html
• 'Using Open Source Tools to Filter Email on Mac OS X Server': http://developer.apple.com/server/virusfiltering.html
• test of commercial mail servers: http://www.macworld.com/2004/03/reviews/emailservers
• 'Spam/Virus controls with OS X Server': http://www.afp548.com/article.php?story=20041104095414942
• 'Use Cyradm to Manage your Cyrus Mailboxes': http://www.afp548.com/article.php?story=20040814204411280
• 'OS X Server 10.3 Mail Backup': http://www.afp548.com/article.php?story=2004092303182960
• 'Log Rolling made easy': http://www.afp548.com/article.php?story=20040916181619888
• 'Sieve Installer': http://www.afp548.com/article.php?story=20040721014726822
• 'Cyrus IMAP Mailbox Recovery': http://www.afp548.com/article.php?story=20040824063737872
• 'The great big Panther SSL article': http://www.afp548.com/article.php?story=20040722080720854
• Squirrelmail-Plugins: http://www.squirrelmail.
• ‘ How to Set Up Encrypted Mail on Mac OS X’: http://www.macdevcenter.com/pub/a/mac/2003/01/20/mail.html
© 2004 www.andre-aulich.de
Q&A