DynDNS.com - Support -- Knowledge Base -- Mail Servers And MailHop Outbound

Need Help? Visit the forum for DynDNS.com topics.

Mail Servers And MailHop Outbound

MailHop® Outbound can be used both via e-mail "clients" (Mailsmith, Outlook, Eudora, etc) as well as mail "servers". In both cases the underlying protocol is the same (SMTP/ESMTP).

However, unlike with most mail clients, which have fairly consistent interfaces at this point for setting up an outgoing SMTP server, each mail server generally has its own unique interface for configuring a "smart host" or "relay".

It is generally best to configure individual e-mail clients to send mail directly via out outbound server, but this may not always be convenient. With this in mind we are providing the following information to assist in configuring various of the more common mail servers to use MailHop Outbound service.

Warning: Mail servers are complex beasts. They do a lot of work "under the hood" and out of the sight of users. If you do configure a mail server to use our MailHop Outbound service you will be responsible for any messages your mail server sends out through this service.

In particular, if your mail server generates "bounces" after a message is received and the original SMTP connection is closed, your mail server may well use MailHop Outbound to send these bounces. Keep this in mind when configuring your mail server as you probably don't want to route such bounces out via our server, as they will count against your daily relay limit. Microsoft Exchange is a particularly common offender in this regard. Unfortunately, configuring your server to avoid this is outside the scope of the support we can offer.

Communigate Pro
Exim
Microsoft Exchange 2000
Microsoft Exchange 2003
Microsoft Exchange 2007
Postfix
qmail
Sendmail

Exim

These instructions assume Exim 4.x and have been vetted by our support staff running Exim version 4.20 on FreeBSD 4.8:

In the "MAIN CONFIGURATION SETTINGS" make sure that your primary_hostname and local_domains variables are configured correctly. Otherwise you'll likely generate nasty loops. Unfortunately we can't tell you precisely how to configure these as they depend on too many local variables. Consult the Exim documentation for more details on configuring these items.

In the "ROUTERS CONFIGURATION" section, before any other routers, add the following:

  send_to_gateway:
      driver = manualroute
      domains = !+local_domains
      transport = remote_smtp
      route_list = * outbound.mailhop.org

In the "TRANSPORTS CONFIGURATION" section, locate the remote_smtp directive and edit it to include:
```
  remote_smtp:
      driver = smtp
      hosts_require_auth = outbound.mailhop.org
```
If you have Exim compiled to use SSL, add the following line as well:
```
      hosts_require_tls = outbound.mailhop.org
```

Near the bottom of your configure file, in the "AUTHENTICATION CONFIGURATION", enter:

  login:
      driver = plaintext
      public_name = LOGIN
      client_send = ": username : password"

The username and password should of course be your DynDNS.com credentials.

Postfix

These instructions have been tried out and verified to work by our support staff, using Mac OS X 10.3 running postfix 2.0.10. It is expected that other versions of postfix running on various flavors of UNIX/Linux should be similarly configured.

These instructions assume the postfix config files live in /etc/postfix.

In /etc/postfix/main.cf add the lines:
```
  relayhost = outbound.mailhop.org:2525
  smtp_sasl_auth_enable=yes
  smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd
  smtp_sasl_security_options=
```
Optionally, also add the lines:
```
  smtp_use_tls = yes
  smtp_tls_CAfile = /etc/postfix/cert.pem
  smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
```
to enable SSL/TLS when sending outgoing mail. Note that the path info in the second command may be different depending on your system and where you have installed your certificates. The last line may be omitted, but should help reduce CPU cycles verifying the certificate chain when sending outgoing E-mail.
Create a file /etc/postfix/sasl_passwd with the contents:
```
  outbound.mailhop.org:2525 userid:password
```
where userid and password are your DynDNS.com username and password.
Next, change the ownership and permissions on the sasl_passwd file to protect it from unauthorized access.
```
 chown root:root /etc/postfix/sasl_passwd && chmod 600
 /etc/postfix/sasl_passwd
```
Finally, create a database file from the contents of the sasl_passwd file:
```
  postmap hash:/etc/postfix/sasl_passwd
```
OPTIONAL: If you wish to relay only specific domains via Mailhop Outbound, You will need to do the following:

Remove the relayhost = outbound.mailhop.org entry in main.cf, if one exists.

Add the following line to your main.cf file: transport_maps = hash:/etc/postfix/transport

Edit /etc/postfix/transport and update it with something similar to the following:
```
 # Syntax: .domain transport:relay_host
 # Specifies specific domains for local delivery
 my.domain.com :
	
 # Specify all subdomains for local delivery
 .my.domain :

 # Specify domains that need to be relayed through outbound.mailhop.org
 aol.com relay:outbound.mailhop.org
 hotmail.com relay:outbound.mailhop.org
```
Create a database file from the contents of the transport file: postmap hash:/etc/postfix/transport
Lastly, reload postfix: postfix reload

Note: Patrick Koetter has put together a very nice guide to Postfix in general and has more detailed instructions on setting up a smart host relay with SMTP Authentication.

If you want to change the port that Postfix uses to send outgoing mail, we have been told that you may need to change the definition of the SMTP port in /etc/services. We do not have comprehensive instructions for making this change, but some reasonable searching should get you the information you need - when changing /etc/services, though, you should be very careful, as this file controls a large part of the UNIX system's TCP/IP interactions.

Communigate Pro

These instructions have been vetted by our support staff running Communigate Pro version 4.1.7 on Mac OS X 10.3. However, the basic interface for this in Communigate Pro hasn't changed since 3.0 or earlier. As such, these instructions should work with most versions of Communigate Pro currently in service.

Using the basic Web interface to administer Communigate Pro, access the SMTP section and select the option "Forward to". Enter outbound.mailhop.org in the text field to the right of this option.
In the "Send AUTH" field enter your DynDNS.com username.
In the "Password" field enter your DynDNS.com password.
- http://www.stalker.com/CommuniGatePro/SMTP.html#Foreign
Optionally, in the "Send Encrypted (SSL/TLS)" enter outbound.mailhop.org in the "To Domains" field to engage SSL based encryption for communications between you and our relay server.
- http://www.stalker.com/CommuniGatePro/SMTP.html#Secure

qmail

Please see SMTP authentication for Qmail.

Sendmail

Sendmail configuration is not for the faint of heart. Debugging and diagnosis can be even harder, at times. We provide the instructions below, but they gloss over some of the major configuration management issues inherent to Sendmail, and we cannot assist you with those issues. We strongly recommend Exim as an alternative UNIX SMTP server.

These instructions assume that you already have an appropriate .mc file prepared for your Sendmail configuration, and have the appropriate commands/tools prepared to compile that into a sendmail.cf file and install it in the appropriate location. On some BSD-based systems, this is as simple as typing "make" in /etc/mail and editing $hostname.mc. On other systems, it can be considerably more difficult. Consult the manual for your system or Sendmail for more information.

Add the following lines to your .mc file:
```
FEATURE(authinfo, `hash -o /etc/mail/authinfo')
define(`SMART_HOST', `outbound.mailhop.org')
```
If you need to use an alternate port (other than 25) for MailHop Outbound, also add the following line:
```
define(RELAY_MAILER_ARGS, `TCP $h 2525')
```
You may also use port 10025 or any other standard SMTP port that we offer for the MailHop Outbound service in the above line, in place of "2525". You should NOT use the SMTPS port(s) we offer.
Create or edit the file /etc/mail/authinfo, and add a line that looks like this:
```
AuthInfo:outbound.mailhop.org "U:username" "P:password" "M:LOGIN"
```
Replacing "username" and "password" with your DynDNS.com username and password, respectively. Be sure to include the rest of the line exactly as it is shown above, quotes and all. You should make sure that this file is not readable by unpriviledged users, as it contains your login information.
Build the authinfo file into the Sendmail hash database format with the following command:
```
makemap hash /etc/mail/authinfo < /etc/mail/authinfo
```
This will create an /etc/mail/authinfo.db file, which Sendmail will use to read the authentication information. You will need to re-run the above command any time you change /etc/mail/authinfo.
Finally, compile your .mc file to a .cf file, install it as sendmail.cf, and re-start Sendmail. Your server should now send all mail via the MailHop Outbound server!

Microsoft Exchange 2003

These instructions were submitted by one of our customers who managed to get their Exchange 2003 server working with MailHop Outbound. We have not vetted these and don't have an Exchange server of our own to test these with. Consequently we can take no responsibility for these instructions.

Important: If you are using Exchange with MailHop Outbound, you must configure your server to reject invalid recipients during the SMTP session, rather than generating NDRs and sending them out later. In the Message Delivery Properties dialog box in Global Settings, find the Recipient Filtering tab. Make sure that "Filter recipients who are not in the Directory" is checked, and Apply the settings. For more details on this and other powerful filtering options available in Exchange, see The Hidden Power of Sender and Recipient Filtering, a helpful tutorial on the subject.

Go to "Start/All Programs/Microsoft Exchange" and click on "System Manager".
Expand the "Connectors" item.
By default, Exchange uses SMTP for outbound connections, so you should find an "Internet Mail SMTP Connector" already there. Right click on it and select "Properties".
On the "General" tab, select "Forward all mail through this connector to the following smart hosts" and enter "outbound.mailhop.org" in the field below.
On the "Advanced" tab, click on the "Outbound Security" button to get to "Outbound Security" dialog box.
By default, exchange sets up security to use "Anonymous Access". Change this to "Basic authentication (password is sent in clear text)" then click the "Modify" button, enter your DynDNS.com username and password, and click "OK".
Back at the "Outbound Security" dialog box, enable "TLS Encryption" and click "OK".

If your provider blocks port 25, you will need to configure your mail server to use port 2525 or 10025 to circumvent the block. To change the outgoing SMTP port:

In Exchange, go into first administrative group/servers/server/Protocols/SMTP.
Open Properties for Default SMTP Virtual Server.
Go to the Delivery tab and click Outbound Connections. In the dialog box, change the TCP port to 2525 or 10025.
Restart the Simple Mail Transfer Protocol (SMTP) service in Windows Services.

Microsoft Exchange 2000

These instructions were submitted by one of our customers who managed to get their Exchange 2000 server working with MailHop Outbound. We have not vetted these and don't have an Exchange server of our own to test these with. Consequently we can take no responsibility for these instructions.

Exchange's SMTP virtual server does not support authentication. In order to use MailHop Outbound, you must add an SMTP connector.

Click on Routing Groups -> First routing group -> Connectors.
Add an SMTP connector by right clicking on Connectors.
In the properties, select "Forward all mail through this connector to the following smart hosts" and enter outbound.mailhop.org in the field below.
Add a local bridgehead. If you have only one server, this is your server. If you have more than one, you'll have to figure this out yourself. (no, we don't know what this means)
Select Properties: Deactivate "Send HELO instead of EHLO".
Activate "Do not send ETRN/TURN".
On the Delivery Options page, select "Specify when messages are sent through this connector" and specify "Always Run" (or whatever you desire).
Under the Advanced tab, click "Outbound Security..." then "Basic authentication" then click Modify. Enter your DynDNS.com username and password here.
Under Address Space, click Add then SMTP. Domain should be * and cost 1.
Connector Scope is probably "Entire organization".
It is not necessary to click "Allow messages to be relayed through this domain" (and this option probably should not be selected).

Microsoft Exchange 2007

Configuration for Microsoft Exchange 2007 is similar to the procedures for 2000 and 2003. For a guide on changing the inbound and outbound SMTP ports in Exchange 2007, please view this entry on Exchange Technical bLog.

DynDNS

Search