Skip navigation

Simple question re mail servers?

399 Views 4 Replies Latest reply: Nov 30, 2012 2:25 AM by Budster RSS
Budster Calculating status...
Currently Being Moderated
Nov 29, 2012 5:16 AM

This may be an obvious question, but I wanted to ask before I began on setting things up.

 

While we currently run iCal & Address Book on our OSX server, I wanted to set up the mail server as well for our small office (5 people).  We currently use our ISP's mail service, collecting mail from each workstation individually using POP3.  It seems sensible to continue to use the ISP's service to relay mail to our server by SMTP, so that we avoid any problems if its not running all the time.  I noticed that the mail server has the facility to relay outgoing mail through an ISP's server, but presumably its also possible to collect mail from the ISP's server as well?

 

If so, does anyone know is this fairly straightforward and is there anything I should be aware of?

 

Any advice much appreciated?

 

Thanks

  • MrHoffman Level 6 Level 6 (11,695 points)
    Currently Being Moderated
    Nov 29, 2012 8:07 AM (in response to Budster)

    In no particular order....

     

    If you use relay for outbound mail from your server (which would be more common if you don't have static IP, or don't have proper external DNS configured for your server), then you can either have your inbound mail land on the ISP servers inbound (and pick up mail as you have), or you (assuming static IP) can have inbound mail land directly on your mail server. 

     

    Where the inbound mail goes depends on the DNS MX record for the domain, and whether that mail server is configured to accept that arriving mail.

     

    Whether outbound mail is received by remote servers depends on whether you're using authenticated relay (as you're discussing) and whether you have valid forward and reverse DNS for your mail server (if you're sending mail directly).  If your DNS is messed up, receiving mail servers will often interprete your mail server as a spam engine and drop the messages, and various servers won't even bother sending to a mail server with incorrect DNS.

     

    I'd use IMAP and not POP.

     

    If you run your own mail server, you own configuring and maintaining and running the anti-spam defenses and related hassles.

  • MrHoffman Level 6 Level 6 (11,695 points)
    Currently Being Moderated
    Nov 29, 2012 5:33 PM (in response to Budster)

    The easiest way for inbound mail is to have static IP on your firewall (or your server, if it's exposed), and set up the ISP as a lower-priority (higher-numbered) MX and your server as the higher-priority (lower-numbered) SMTP server.  Then mail is delivered directly.  If you're on a static IP, then proper external DNS means you can send mail directly outbound (and more importantly, have it received and accepted).  This is a full-on local mail server.

     

    If you go this way and deploy an externally-accessible mail server, then you'll need to lock down against forwarding and the plethora of attacks that are launched against mail servers, as well as dealing with the spam and related messes.

     

    My preference with VPNs is to use a firewall (firewall-gateway-router-etc) that implements a VPN server within the box.  Then you're not messing with NAT passthrough, and you can also maintain inbound VPN access even when the OS X Server box is offline.

     

    If you're running a private NAT'd network, OS X Server requires valid local DNS implemented on your LAN, or things tend to get wonky.  ISP DNS won't work for this, if there's NAT in play.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.