Configuring an Internet E-mail Server

If your machine is connected to the Internet, you can use it to send e-mail from the command line. If your machine is connected all the time ("24/7," as they say), then you can use it as a server to receive incoming e-mail and store messages in mailboxes for each user on your system.

Mac OS X comes with a common open -source e-mail server called Postfix. (Mac OS X 10.2 used another, even more common server called Sendmail.) In this section we will show how to configure the Postfix mail server to receive incoming e-mail and save messages to the appropriate mailbox for each user.

Postfix actually provides two kinds of e-mail services: It is a Mail Transport Agent ( MTA ) and a Mail Delivery Agent ( MDA ). MTAs handle the exchange of e-mail between MTAs across the Internet. That is, MTAs talk to other MTAs across networks. MDAs handle incoming messages and store them in the appropriate mailbox for each user. (In more complex configurations, a mail server may also forward incoming mail to other machines for further processing.)

Before proceeding with the following task, make sure your machine has an FQDN that has a DNS entry associating the FQDN of your machine's IP address. See "Setting Your Machine's Hostname," at the beginning of this chapter, for more details. The Postfix configuration will automatically read what the hostname command returns and use that as the FQDN for which it expects to be receiving e-mail (although you can override that behavior).

To configure Postfix to receive e-mail addressed to your FQDN:

1.	`hostname` You will need to know the FQDN that you machine thinks it has. Running the `hostname` command shows this to you. Make a note of the result.
2.	Become root, entering your password if prompted: `sudo -s` You are going to perform several commands as root in this task, so we have you start a root shell rather than run `sudo` for each command line. Your shell prompt will change. Now you are going to back up the `launchd` configuration file that controls Postfix.
3.	`cd /etc/postfix` This changes your working directory to where the Postfix configuration files are kept.
4.	`cp main.cf main.cf.` `YYYYMMDD` You are making a backup of the file. Replace `YYYYMMDD` with the year, month, and day of the current datefor example: `cp main.cf main.cf.20050921`
5.	Edit `main.cf` . Here's where you make some changes: If the return value from the `hostname` command is not the FQDN you want to use, then find the `INTERNET HOST AND DOMAIN NAMES` section and add the line `myhostname =` `fqdn` where `fqdn` is the one you want to use. For example: `myhostname = susie.example.com` The FQDN you use must be one that maps to your machine's IP address. Otherwise , people will not be able to use it to send e-mail to your machine. If the return value from `hostname` is the FQDN you want to use, Postfix will figure it out and automatically use it, so you do not need to change the `myhostname` setting.
6.	Change the line near the end of `main.cf` in the section beginning with the comment `THE FOLLOWING DEFAULTS ARE SET BY APPLE` from `inet_interfaces = localhost` to inet_interfaces = localhost, $myhostname This tells Postfix to listen on the IP address associated with the hostname. You should also add a comment (lines starting with `#` ) explaining what you did.
7.	`launchctl stop org.postfix.master` This stops the Postfix master daemon, if it happens to be running.
8.	`cd /System/Library/LaunchDaemons` Change your working directory so that the pathnames you type next won't be so long.
9.	`launchctl unload -w org.postfix.` `master. plist` This sets the Disabled key in the `launchd` configuration file and writes it back to disk. (See Chapter 11 for more on `launchctl` and `launchd` .)
10.	`cp org.postfix.master.plist org.` `postfix.master.` `YYYYMMDD` Here you are making a backup copy of the plist file. Change `YYYYMMDD` to be the current year, month, and day.
11.	Edit the file `org.postfix.master.plist` . Using `vi` or another text editor, edit the file and make the following changes: Add a new key, `OnDemand` , set to `false` . Remove the second and third strings from the `ProgramArguments` array (the `-e` and `60` strings). Remove the entire `QueueDirectories` section. Figure 14.3 shows before-and-after examples. Make sure to save the file before exiting your editor. Figure 14.3. Before-and-after examples of the file. The file before editing (text to be removed shown in strikethough ): <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Disabled</key> <true/> <key>Label</key> <string>org.postfix.master</string> <key>Program</key> <string>/usr/libexec/postfix/master</string> <key>ProgramArguments</key> <array> <string>master</string> <string>-e</string> <string>60</string> </array> <key>QueueDirectories</key> <array> <string>/var/spool/postfix/maildrop</string> </array> </dict> </plist> The file after editing (new text shown in italics ): <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Disabled</key> <true/> <key>OnDemand</key> <false> <key>Label</key> <string>org.postfix.master</string> <key>Program</key> <string>/usr/libexec/postfix/master</string> <key>ProgramArguments</key> <array> <string>master</string> </array> </dict> </plist>
12.	`launchctl load -w org.postfix.` `master.plist` This loads the new plist file into `launchd` . The `-w` flag changes the Disabled key to `false` and writes the file back to disk.
13.	`launchctl start org.postfix.master` This tells `launchd` to start the Postfix daemon.
14.	Stop being root: `exit` You should be back at your regular shell prompt.
15.	Check firewall settings. Look in the Sharing pane of System Preferences and click the Firewall tab. If you have the firewall on, open up port 25. See Chapter 12, and in particular the section "About ports and sockets," for more on the firewall.
16.	Test the setup. Send yourself e-mail from another system (or ask a friend to do it), using the FQDN for your Mac OS X machine.

Tips

Watch the mail-server log file while testing. Type

sudo tail -f /var/log/mail.log

to see the mail server accept each incoming message.
The central source for information about Postfix is Postfix.org (http://postfix.org/). There you can find documentation, how-tos and FAQs, mailing lists, and more.

Sending Mail Addressed to an IP Address

It is perfectly valid to send e-mail that is addressed to an IP address rather than a domain name . To do so, you must enclose the IP address in square brackets:

puffball@[198.137.241.43]

If you are doing this from the command line, make sure to escape the brackets:

puffball@\[198.137.241.43\]

because they would otherwise be interpreted by the shell as the test command. See man test : Looking carefully at the NAME line in the manual, see the [ character? It's another name for the test command.

Forwarding e-mail to different addresses

Sometimes you want e-mail that arrives for one address to be automatically forwarded to another address. There are a couple of ways to do this. What we describe here works when you want to forward e-mail to an account that already exists on your system. It is also possible to set up virtual userse-mail addresses on your system that do not correspond to actual user accounts but rather to things like roles or departments (for example, sales@bigthree.com). Setting up virtual users in Postfix is beyond the scope of this book, but you can find instructions for doing it at the Postfix Virtual Domain Hosting Howto (www.postfix.org/VIRTUAL_README.html).

To forward e-mail for an existing user account:

Create a file called .forward in the home directory of the user whose e-mail is to be forwarded.

The file should contain a single line: the e-mail address you want to forward to. For example,

 sudo echo  "user@newaddress.net"  >  ~  user  /.forward

where user is the user name of the user on your system and the address is whatever address you want to forward the mail to.

Enter your password if prompted for it.

If you want a copy of the forwarded e-mail to stay on your system, use this format:

\ user , user@newaddress.net

Set the ownership on the file:

sudo chown user .forward

Spam Sucks

Spam e-mail is unsolicited material, usually asking for money or selling products, sent to multiple e-mail addresses (the name comes from the Monty Python sketch involving the seemingly endless repetition of the word spam ).

Spam wastes bandwidth, and, more important, it wastes the one thing none of us can ever get more of: time.

If you are running a mail server that is being hit with spam, you should look into anti-spam features. (The Mac OS X GUI e-mail client, Mail, has anti-spam features you can use to help with your personal e-mail account.)

Probably the premier anti-spam software for mail servers is SpamAssassin (http://spamassassin.org).

There is a Mac OS X how-to for Spam- Assassin at www.stupidfool.org/docs/sa.html.

Providing Remote Access to Users' E-mail: IMAP and POP

Another kind of mail server allows users to connect and download or read their e-mail from other machines. These servers provide remote access to users' mailboxes (kept in /var/mail on Mac OS X) and utilize either the complex and powerful IMAP ( Internet Mail Access Protocol ) or the simpler but less capable POP ( Post Office Protocol ).

For information on IMAP, go to the IMAP Connection (www.imap.org). It has a searchable database of IMAP software, such as clients and servers (www.imap.org/products/database.php).

If you are considering setting up your Mac OS X machine to provide remote access to users' e-mail, we suggest that you use an IMAP server. This will allow your users to read their mail from multiple remote machines (such as from home or the office), as well as provide better security, since IMAP servers can be configured to use encryption.

Two no-cost open-source IMAP servers:

The University of Washington's IMAPd (IMAP daemon), available at the IMAP Information Center (www.washington.edu/imap).
The Cyrus IMAP server, which is designed for use on "e-mail-only" servers where regular users are not permitted to log in (http://asg.web.cmu.edu/cyrus/imapd).

Here are three commercial IMAP servers (which also handle POP):

CommuniGate Pro (www.stalker.com/CommuniGatePro). A free version is available, but it adds a line of advertising to each message.
The Kerio Mailserver. Offers support for Microsoft's Entourage e-mail client (www. kerio .com/kms_home.html).
Post.Office, from Tenon Intersystems (www.tenon.com/products/post_office).

Figure 14.3. Before-and-after examples of the file.

Sending Mail Addressed to an IP Address

Forwarding e-mail to different addresses

Spam Sucks

Providing Remote Access to Users' E-mail: IMAP and POP