Email

From WebarchDocs
Revision as of 13:22, 12 January 2019 by Chris (talk | contribs)
Jump to: navigation, search

All the email accounts on the old mail.webarch.net and mail1.ecohost.email have now been migrated to webarch.email.

Webarch.email

This is our newest mailserver, it is running Mailcow. This server has two web interfaces, #Mailcow and #SOGo.

The Mailcow documentation includes instructions for configuring clients which you can use with the details below.

Mailcow

The Mailcow interface has two modes depending if you login as a domain administrator (for these accounts the username is a single word with no punctuation) or as a email account holder (for these accounts the username is your email address):

Mailcow domain administration

You need to login as a Mailcow domain administrator if you want to create email accounts, create aliases or reset mailbox password.

To change the password on a mailbox, login using the administration account (this will have a username as a login not a email address) and click Configuration, Mailboxes as shown below:

Screenshot 2018-11-27 mailcow UI.png

Then click Edit to update the mailbox account password:

Screenshot 2018-11-27 mailcow UI 2.png

Mailcow mailbox

A Mailcow mailbox can have multiple aliases and for Thunderbird all you should need to configure is your username, which is your email address, and your password (thanks to the #DNS_Settings), if you have a client that needs manual configuration these are the details you need:

Webarch.email IMAP
  • Username: example@example.org (your email address)
  • Password: XXX (the password you have been provided with)
  • Server: mail.webarch.email
  • Port: 993
  • Security: SSL/TLS
  • Authentication: username and plain text unencrypted password (there is SSL/TLS encryption at the transport level)
Webarch.email POP3
  • Username: example@example.org (your email address)
  • Password: XXX (the password you have been provided with)
  • Server: mail.webarch.email
  • Port: 995
  • Security: SSL/TLS
  • Authentication: username and plain text unencrypted password (there is SSL/TLS encryption at the transport level)
Webarch.email SMTP
  • Username: example@example.org (your email address)
  • Password: XXX (the password you have been provided with)
  • Server: mail.webarch.email
  • Port: 587 or 465
  • Security: SSL/TLS
  • Authentication: username and plain text unencrypted password (there is SSL/TLS encryption at the transport level)

Mailcow Alias

In Mailcow two types of aliases can be created:

  • Domain aliases, this is where anyone@example.org.uk and anyone-else@example.org.uk email is forwarded to anyone@example.org and anyone-else@example.org, just one alias is created for the domain name.
  • Aliases, this is where someone@example.org.uk is forwarded to someoneelse@example.org.uk

SOGo

SOGo is the web based IMAP client on webarch.email and it can be accessed via the "SOGo" link at the bottom of the front page or directly via https://webarch.email/SOGo.

There is a SOGO usage FAQ list on the SOGO.nu site, documentation will be added here when we have a chance.

SOGo Autoresponder / Vacation Message

You can set a out of office / vacation / holiday / automatic reply / autoresponder if you login to the SOGo interface and select Preferences, Mail, Vacation.

SOGo Forwarding

You can set a email account to also forward email to another account with the option for keeping a copy locally via SOGo, select Preferences, Mail, Forwarding.

Spam Settings

You can change the anti-spam settings by logging it at webarch.email with your email address and scrolling down the page and clicking "Spam filter", then you can adjust the thresholds, if too many things are being classed as spam you need to increase the values from the default of 5:15, for example, move the left hand slider to the right to increase the length of the green bar to cause less email to be moved to the junk folder and decrease the size of the red bar to cause less email to be thrown away — email with a green score goes to your INBOX, email with a yellow score goes to your Junk folder and email with a red score is thrown away, you will never see it.

Spam Settings

There is also the option below this to whitelist and blacklist email addresses, this is useful if an email address is sending you spam or if someones emails are classed as spam when they are not.

DNS Settings

If the DNS servers for your domain are provided by Webarchitects then we should have set the DNS up correctly for you, if you manage your own DNS then these are the settings you need for your Bind configuration file to ensure that clients such as the Thunderbird Autoconfiguration finds the webarch.email auto-configuration XML file and so forth:

                      IN MX    10        mail.webarch.email.
autodiscover          IN CNAME           config.webarch.email.
autoconfig            IN CNAME           config.webarch.email.
_imap._tcp            IN SRV   0 1 143   mail.webarch.email.
_imaps._tcp           IN SRV   0 1 993   mail.webarch.email.
_pop3._tcp            IN SRV   0 1 110   mail.webarch.email.
_pop3s._tcp           IN SRV   0 1 995   mail.webarch.email.
_submission._tcp      IN SRV   0 1 587   mail.webarch.email.
_smtps._tcp           IN SRV   0 1 465   mail.webarch.email.
_sieve._tcp           IN SRV   0 1 4190  mail.webarch.email.
_autodiscover._tcp    IN SRV   0 1 443   config.webarch.email.
_carddavs._tcp        IN SRV   0 1 443   mail.webarch.email.
_caldavs._tcp         IN SRV   0 1 443   mail.webarch.email.
_carddavs._tcp        IN TXT   "path=/SOGo/dav/"
_caldavs._tcp         IN TXT   "path=/SOGo/dav/"

See also the Mailcow DNS configuration guide.

Mailcow Netfilter

Because email is generally used as the method for resetting all other online accounts there is a lot of potential harm that can come from your account being compromised, as it can be used as a key to get into other online services, including ones that might have saved your debit and or credit card details.

It is therefore very important to have very strong passwords on your email accounts — there are constant attacks from botnets trying to brute force access to accounts through weak passwords.

The Mailcow server at webarch.email will block the subnet of your IP address for 10 minutes if you have 10 failed logins in a 5 minute period.

You can tell that your IP address has been blocked if you can't visit https://webarch.email/ using a web browser.

If this happens to you it can indicate that you have a misconfigured client which is attempting to login using incorrect details, regrettably false positives do sometimes happen.

In the case of a false positive please check what your IP address is and contact us to request that we check the logs.

If you have a static IP address it can be whitelisted, however this isn't generally a solution as most people have dynamic IP addresses that change on a regular basis, but there are circumstances, like an office with a fixed IP address where this makes sense.

Thunderbird

Mozilla Thunderbird is a cross platform email client which is free.

The account configuration wizard in Thunderbird should be able to automatically get all the setting correct apart from the username — you will need to manually correct this for the Webarchitects servers, it’s in the form user.example.org — Thunderbird doesn’t guess the .example.org part.

If you don’t like the behaviour of IMAP then Thunderbird can be configured to work like a POP3 client to delete and download emails or you can connect using POP3 over SSL on port 995, if you do this be sure to select SSL/TLS for connection security and untick “Use secure authentication”.

K-9

K-9 is a free Android email client available from F-Droid and the Google Play Store, please see the K-9 Mail page for screen shots documenting how to configure it to work with webarch.email.

Email Issues

If there are problems with email we will often ask you to forward the problematic email with all the headers, please see this guide for displaying headers for a variety of email clients.