This is a huge topic but the basic setup is pretty simple.
('Testing it out' describes in three short paragraphs setting up
two accounts and logging in to webmail to actually use them.)
Table of contents:
Also see MSA / Alternate port SMTP service (and SMTP AUTH)
Also see (OLD) "lightweight" VMail description
Also see SPF - fighting address forgery
Also see Reading E-mail headers
Also see Tuning the Spam Filter
E-Mail - Client Setup
To retrieve mail, you need to know the userid, password, and
POP/IMAP server name. If you want to send mail, you need the
SMTP server name. Those are the four basic parameters needed to
configure an e-mail client.
|Basic E-mail Configuration parameters |
using example: mailbox@yourdomain
|POP Server:|| yourdomain |
|SMTP Server:|| yourdomain |
|WEB Mail:|| http://yourdomain/cgi-bin/sm/ |
|userid:|| mailbox@yourdomain * |
|password:|| picked by you or your admin * |
* - The userid and password should have been chosen by you or your site administrator (see next section).
If your e-mail software does not want to use an at (@) symbol in the userid
field, you can use % instead (e.g. mailbox%yourdomain).
IP based accounts can simply use mailbox, but it is simpler to consistently use the generic format.
IMAP and POP accounts are "the same". The protocols are different, but
if you have built a POP account, you can access it via the IMAP service
(just subsitute "IMAP server" where it says "POP server" above).
Many ISPs are blocking the normal SMTP (outgoing mail) port.
If you are having trouble sending mail you may need to configure
your e-mail client to use the MSA / Alternate port SMTP service.
"Secure" (SSL/TLS) E-mail
This is not really secure email. To get real security, email should be
encrypted from end-to-end using something like Gnu Privacy Guard (
You can transfer mail to and from the baremetal servers using SSL encrypted
transfers. The pop3 and IMAP servers support starttls and have
SSL specific versions on the normal ports (993 and 995). The gotcha
is the SSL certificate (since we host LOTS of domains).
We're currently using a wildcard *.baremetal.com, which means that
to avoid warnings you will need to use a domain.baremetal.com name for
the POP/IMAP/SMTP server name. Many/most webhosting accounts we setup
have a 'temp name' that fits this pattern and works well. Contact support
for further details.
Creating E-mail Accounts
The main interface for configuring e-mail is the VMail link on the /sec-bin/ control
panel. It will be at http://yourdomain/sec-bin/vmail
The main VMail screen is a bit big and intimidating. We are working to change that, but it provides a nice overview and we are
reluctant to lose that.
There are two main account types: Forwards and POP accounts. Forwards just forward any e-mail they receive to another address. POP
accounts actually store mail until some comes and reads it.
A forward called "*" is special. It is called the "wildcard address" and it will match any address not otherwise specified. We used to
install the wildcard address by default, but since wildcards can catch insane amounts of spam, we now just install a forward for
webmaster. We also recommend that clients remove the wildcards if they are not using them.
Ok, so are you ready to create a new account? Click the 'Add an account' link at the upper left of the /sec-bin/vmail page. The next
page has the form for adding a new account.
Adding a account
You must specify a userid. This will form the part of the e-mail address that comes before the @ sign (e.g.
userid@yourdomain). The "Name" field is just a label, you can leave it blank. If you are creating a Forward account, you can
leave the password field blank (otherwise you must specify a password). If you are creating a Forward account, you must specify a
forwarding address. The quota field is only used for POP accounts and controls how much space is available to store messages.
Testing it out
For testing, I would suggest setting up a test POP account, and then using webmail to check it. So, go to the 'Add Account' page.
Specify a userid of test, and set a password. Hit the 'build it' button. That is all there is to creating an account!
You should be able to go to http://yourdomain/cgi-bin/sm and login to the webmail system using the userid 'test' and the
password you just picked. You can send e-mail to test@yourdomain, or to a friends address, and they should be able to reply back to
Go back to the 'Add Account' page. Specify a userid of taketwo and set a destination address of test@yourdomain, then hit 'build it'.
You should now be able to send mail to taketwo@yourdomain and see it show up in your test@yourdomain mailbox.
That really is all there is to creating e-mail accounts. It would probably be a good idea to delete the test and taketwo accounts when
you are finished with them. To delete an account, just take the 'delete' link next to the account you want to remove (and press 'delete
this' on the confirmation screen :-)
The Update link in the /sec-bin/vmail page will allow you to update the settings for an account (e.g. name, password, quota,
Currently, you can _not_ change a POP account to a forward or vice-versa. You have to delete it first.
The rest of the main /sec-bin/vmail page if for configuring the spam settings. Note that the "Display" link for the challenge/response
queue will shift to "DISPLAY" (all uppercase) if there are queued messages.
This is another huge topic. Unfortunately spam is basically a fact of life on the internet. With the right precautions and tools, it
can be be almost eliminated, but sooner or later it always seems to come through.
One tip we will pass on. Try to reduce the number of valid addresses you have. If you have ten public addressses, you are likely to
get ten times as much spam as someone with one public address. That is one of the reasons why we like to discourage use of the wildcard
address. Spammers occassionally make up thousands of addresses at a domain.... :-(
OK, what else can you do? The normal tips are valid. Don't follow the "unsubscribe" links/instructions. In my humble opinion
complaining to the sending ISPs about spam is usually a waste of time (if not yours, then sysadmin time). You'll get responses from
the nice people who can't help you and be ignored by the spammers.
Spam Filtering Tools
We provide two main types of spam filters: a content-filter and a challenge response system. Our challenge response system is described
here. The content filter is SpamAssassin. The definitive SpamAssassin site
Both SpamAssassin and Challenge/Response filtering can be turned on and configured from the main /sec-bin/vmail page. If your account
has a password set (this is why forwards can have passwords) you can also change the settings for your particular e-mail account from
WebMail is a system where you can use your web browser to read your e-mail instead of installing and configuring an e-mail client like
Eudora or Outlook. Alternatively, you can use it to "peek" at your e-mail while you are away from your main computer.
We have three systems you can use for webmail. SquirrelMail is the best system for actually reading and writing e-mail. It lives at
http://YOURDOMAIN/cgi-bin/sm . If all you want to do is delete a bunch of messages, then the Foodora program at
http://YOURDOMAIN/cgi-bin/foodora might be better, and in between those two is http://YOURDOMAIN/cgi-bin/webmail which is about as
simple as webmail can be (too simple really).
You can add "autoresponders" which will automatically send an e-mail back if someone e-mails the address of the autoresponder. The
Autoresponder can even be on the same address as another account. The simplest way to setup and maintain an autoresponder is via the
Mailing lists. There are several ways to do this.
The mail system supports "lists" in two ways. 1) A forwarding account can go to multiple addresses. This works well for short lists of
addresses, since there is a limit to the length of the list of forwarding addresses. 2) For longer lists, you can create a file
containing the addresses, (one address per line). The name of the file should be the name of the list. For example, if you want to
e-mail members@yourdomain, you would call the file "members" (without the quotes). Then you use your FTP program to upload that file
to the "lists" subdirectory of the "yourdomain.vmail" directory.
For lists which change a lot, you should probably consider using a mailing list manager. This is an "add-on" that BareMetal has to
configure. We support the Majordomo, and MailMan mail list manager programs. The advantage of these options is that the list
management programs allow people to subscribe and unsubscribe on their own. They can also implement archiving, security, and other
features. Talk to firstname.lastname@example.org to get more information or have one added to your account.
Administrators can change email passwords using the same /sec-bin/vmail
interface they use to create accounts. End users can change their
passwords at http://yourdomain/cgi-bin/password.