DynDNS.com - Support -- Knowledge Base -- Mail Servers And MailHop Outbound

• Support
• Contact Support
• Update Clients
• Service Level Agreement
• Premier Support
• Knowledge Base
• All Articles
• DynDNS.com Services
• Update Clients
• DVRs/CCTVs/Cameras
• Webservers
• Mail Servers
• Remote Access & FTP
• Tools

These instructions assume Exim 4.x and have been vetted by our support staff running Exim version 4.20 on FreeBSD 4.8:

0. In the "MAIN CONFIGURATION SETTINGS" make sure that your primary_hostname and local_domains variables are configured correctly. Otherwise you'll likely generate nasty loops. Unfortunately we can't tell you precisely how to configure these as they depend on too many local variables. Consult the Exim documentation for more details on configuring these items.

1. In the "ROUTERS CONFIGURATION" section, before any other routers, add the following:

   send_to_gateway:
   driver = manualroute
   domains = !+local_domains
   transport = remote_smtp
   route_list = * outbound.mailhop.org
   

2. In the "TRANSPORTS CONFIGURATION" section, locate the remote_smtp directive and edit it to include:

   remote_smtp:
   driver = smtp
   hosts_require_auth = outbound.mailhop.org
   

   If you have Exim compiled to use SSL, add the following line as well:

   hosts_require_tls = outbound.mailhop.org
   

3. Near the bottom of your configure file, in the "AUTHENTICATION CONFIGURATION", enter:

   login:
   driver = plaintext
   public_name = LOGIN
   client_send = ": username : password"
   

The username and password should of course be your DynDNS.com credentials.

These instructions have been tried out and verified to work by our support staff, using Mac OS X 10.3 running postfix 2.0.10. It is expected that other versions of postfix running on various flavors of UNIX/Linux should be similarly configured.

These instructions assume the postfix config files live in /etc/postfix.

1. In /etc/postfix/main.cf add the lines:

   relayhost = outbound.mailhop.org:2525
   smtp_sasl_auth_enable=yes
   smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd
   smtp_sasl_security_options=
   

   Optionally, also add the lines:

   smtp_use_tls = yes
   smtp_tls_CAfile = /etc/postfix/cert.pem
   smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
   

   to enable SSL/TLS when sending outgoing mail. Note that the path info in the second command may be different depending on your system and where you have installed your certificates. The last line may be omitted, but should help reduce CPU cycles verifying the certificate chain when sending outgoing E-mail.

2. Create a file /etc/postfix/sasl_passwd with the contents:

   outbound.mailhop.org:2525 userid:password
   

   where userid and password are your DynDNS.com username and password.

3. Next, change the ownership and permissions on the sasl_passwd file to protect it from unauthorized access.

   chown root:root /etc/postfix/sasl_passwd && chmod 600
   /etc/postfix/sasl_passwd
   

4. Finally, create a database file from the contents of the sasl_passwd file:

   postmap hash:/etc/postfix/sasl_passwd
   

5. OPTIONAL: If you wish to relay only specific domains via Mailhop Outbound, You will need to do the following:

   Remove the relayhost = outbound.mailhop.org entry in main.cf, if one exists.

   Add the following line to your main.cf file: transport_maps = hash:/etc/postfix/transport

   Edit /etc/postfix/transport and update it with something similar to the following:

   # Syntax: .domain transport:relay_host
   # Specifies specific domains for local delivery
   my.domain.com :
   # Specify all subdomains for local delivery
   .my.domain :
   # Specify domains that need to be relayed through outbound.mailhop.org
   aol.com relay:outbound.mailhop.org
   hotmail.com relay:outbound.mailhop.org
   

   Create a database file from the contents of the transport file: postmap hash:/etc/postfix/transport
6. Lastly, reload postfix: postfix reload

Note: Patrick Koetter has put together a very nice guide to Postfix in general and has more detailed instructions on setting up a smart host relay with SMTP Authentication.

If you want to change the port that Postfix uses to send outgoing mail, we have been told that you may need to change the definition of the SMTP port in /etc/services. We do not have comprehensive instructions for making this change, but some reasonable searching should get you the information you need - when changing /etc/services, though, you should be very careful, as this file controls a large part of the UNIX system's TCP/IP interactions.

These instructions have been vetted by our support staff running Communigate Pro version 4.1.7 on Mac OS X 10.3. However, the basic interface for this in Communigate Pro hasn't changed since 3.0 or earlier. As such, these instructions should work with most versions of Communigate Pro currently in service.

1. Using the basic Web interface to administer Communigate Pro, access the SMTP section and select the option "Forward to". Enter outbound.mailhop.org in the text field to the right of this option.

2. In the "Send AUTH" field enter your DynDNS.com username.

3. In the "Password" field enter your DynDNS.com password.

   • http://www.stalker.com/CommuniGatePro/SMTP.html#Foreign

4. Optionally, in the "Send Encrypted (SSL/TLS)" enter outbound.mailhop.org in the "To Domains" field to engage SSL based encryption for communications between you and our relay server.

   • http://www.stalker.com/CommuniGatePro/SMTP.html#Secure

Please see SMTP authentication for Qmail.

Sendmail configuration is not for the faint of heart. Debugging and diagnosis can be even harder, at times. We provide the instructions below, but they gloss over some of the major configuration management issues inherent to Sendmail, and we cannot assist you with those issues. We strongly recommend Exim as an alternative UNIX SMTP server.

These instructions assume that you already have an appropriate .mc file prepared for your Sendmail configuration, and have the appropriate commands/tools prepared to compile that into a sendmail.cf file and install it in the appropriate location. On some BSD-based systems, this is as simple as typing "make" in /etc/mail and editing $hostname.mc. On other systems, it can be considerably more difficult. Consult the manual for your system or Sendmail for more information.

1. Add the following lines to your .mc file:

   FEATURE(authinfo, `hash -o /etc/mail/authinfo')
   define(`SMART_HOST', `outbound.mailhop.org')
   

   If you need to use an alternate port (other than 25) for MailHop Outbound, also add the following line:

   define(RELAY_MAILER_ARGS, `TCP $h 2525')
   

   You may also use port 10025 or any other standard SMTP port that we offer for the MailHop Outbound service in the above line, in place of "2525". You should NOT use the SMTPS port(s) we offer.

2. Create or edit the file /etc/mail/authinfo, and add a line that looks like this:

   AuthInfo:outbound.mailhop.org "U:username" "P:password" "M:LOGIN"
   

   Replacing "username" and "password" with your DynDNS.com username and password, respectively. Be sure to include the rest of the line exactly as it is shown above, quotes and all. You should make sure that this file is not readable by unpriviledged users, as it contains your login information.

3. Build the authinfo file into the Sendmail hash database format with the following command:

   makemap hash /etc/mail/authinfo < /etc/mail/authinfo

   This will create an /etc/mail/authinfo.db file, which Sendmail will use to read the authentication information. You will need to re-run the above command any time you change /etc/mail/authinfo.

4. Finally, compile your .mc file to a .cf file, install it as sendmail.cf, and re-start Sendmail. Your server should now send all mail via the MailHop Outbound server!

These instructions were submitted by one of our customers who managed to get their Exchange 2003 server working with MailHop Outbound. We have not vetted these and don't have an Exchange server of our own to test these with. Consequently we can take no responsibility for these instructions.

Important: If you are using Exchange with MailHop Outbound, please read this information about recipient filtering here.

1. Go to "Start/All Programs/Microsoft Exchange" and click on "System Manager".

2. Expand the "Connectors" item.

3. By default, Exchange uses SMTP for outbound connections, so you should find an "Internet Mail SMTP Connector" already there. Right click on it and select "Properties".

4. On the "General" tab, select "Forward all mail through this connector to the following smart hosts" and enter "outbound.mailhop.org" in the field below.

5. On the "Advanced" tab, click on the "Outbound Security" button to get to "Outbound Security" dialog box.

6. By default, exchange sets up security to use "Anonymous Access". Change this to "Basic authentication (password is sent in clear text)" then click the "Modify" button, enter your DynDNS.com username and password, and click "OK".

7. Back at the "Outbound Security" dialog box, enable "TLS Encryption" and click "OK".

If your provider blocks port 25, you will need to configure your mail server to use port 2525 or 10025 to circumvent the block. To change the outgoing SMTP port:

1. In Exchange, go into first administrative group/servers/server/Protocols/SMTP.

2. Open Properties for Default SMTP Virtual Server.

3. Go to the Delivery tab and click Outbound Connections. In the dialog box, change the TCP port to 2525 or 10025.

4. Restart the Simple Mail Transfer Protocol (SMTP) service in Windows Services.

These instructions were submitted by one of our customers who managed to get their Exchange 2000 server working with MailHop Outbound. We have not vetted these and don't have an Exchange server of our own to test these with. Consequently we can take no responsibility for these instructions.

Exchange's SMTP virtual server does not support authentication. In order to use MailHop Outbound, you must add an SMTP connector.

Important: If you are using Exchange with MailHop Outbound, please read this information about recipient filtering here.

1. Click on Routing Groups -> First routing group -> Connectors.

2. Add an SMTP connector by right clicking on Connectors.

3. In the properties, select "Forward all mail through this connector to the following smart hosts" and enter outbound.mailhop.org in the field below.

4. Add a local bridgehead. If you have only one server, this is your server. If you have more than one, you'll have to figure this out yourself. (no, we don't know what this means)

5. Select Properties: Deactivate "Send HELO instead of EHLO".

6. Activate "Do not send ETRN/TURN".

7. On the Delivery Options page, select "Specify when messages are sent through this connector" and specify "Always Run" (or whatever you desire).

8. Under the Advanced tab, click "Outbound Security..." then "Basic authentication" then click Modify. Enter your DynDNS.com username and password here.

9. Under Address Space, click Add then SMTP. Domain should be * and cost 1.

10. Connector Scope is probably "Entire organization".

11. It is not necessary to click "Allow messages to be relayed through this domain" (and this option probably should not be selected).

Configuration for Microsoft Exchange 2007 is similar to the procedures for 2000 and 2003. For a guide on changing the inbound and outbound SMTP ports in Exchange 2007, please view this entry on Exchange Technical Blog.

Note: A customer helpfully provided the following additional instructions for configuring Exchange 2007 to use an alternate outgoing SMTP port:

By default, Exchange Server 2007 uses port 25 to send SMTP email using Send Connectors. On occasion you may be required to configure an Exchange Send Connector to use a different port - For example, TCP port 465 is commonly used for SMTP over SSL for secure SMTP communication using the SSL protocol. Configuring the port is not exposed through the Exchange Management Console (EMC), it must be configured from the Exchange Management Shell (EMS).

To get a list of the Send Connector names configured in your organization, run:

Get-SendConnector

Here's the one-liner that configures a Send Connector to use port 465:

Set-SendConnector "Your SMTP Send Connector" -Port 465

If you're using a Microsoft Edge server, you will need to configure this from any server that is not running the Edge role. You will also need to wait for an EdgeSync operation or force it manually:

Start-EdgeSynchronization

No services need to be restarted for this change to go into effect.