R. Diez
2020-Oct-25 17:56 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Hi all: I am evaluating mail server solutions for a small business. The trouble is, I am only a part-time admin and a newbie to mail servers. Most guides I have seen are rather unrealistic: they encourage you to expose your e-mail server to the Internet, and hope that you have the resources to keep it patched up. I would rather have an internal mail server that collects e-mails from a standard ISP mail server. It is like the old "POP3 Connector" that came with Microsoft Exchange. Sometimes, there is a mailbox per user on the ISP, and a corresponding one on the local server. Other times, there is a single "catch all" or "multidrop" mailbox on the ISP. Users can still access their internal mailboxes from outside through an OpenVPN connection. The goal is that only VPN, and perhaps SSH, are accessible from the outside. We do not need to arrange any special SMTP configuration with the ISP either. This kind of mail server setup is rather different to the standard configuration. You do not normally need you own antivirus and spam filter, and you do not need to configure SSL certificates, MX or SPF DNS records. Most ISP handle that correctly and economically. Internal e-mail does not leave your LAN, and your internal SMTP server is just a relay for the external ISP SMTP server. Furthermore, most guides do not explain how to setup an autoresponder ("I am on holiday until xxx") so that users can enable theirs with the mouse. Editing configuration files over SSH is not really an option for normal users. This detail is important because it could be the only thing I need above standard e-mail. Further groupware features can be seen as nice but ultimately unnecessary luxury, and a basic shared calendar can be accomplished with a separate server like https://radicale.org/ and a calendar client like one built into Thunderbird. Hopefully, that is all I would need for a small business. Can anyone point me to the kind of guide I need? Failing that, I would need information or examples about using fetchmail, getmail or similar software with Dovecot. Good or bad experiences from you guys would also help. Each of those tools has a detailed man page, but there are many options and ways with different advantages and disadvantages. I would need a simpler guide to get started. I am aware that there are pre-packaged mail server solutions that would perhaps bring an easy-to-use autoresponder, but I haven't seen one yet that where you could tick a box like "this server is only internal and collects mail from the ISP server" during installation. Nor have I seen instructions about reconfiguring the mail server for my ISP mail scenario. I am prepared to learn more and write my own Perl scripts and/or installation guide, but it would be stupid to waste time if something easy already exists. After all, the setup I am describing (external ISP mail server + internal mail server) is not so weird. Thanks in advance, rdiez
Marc Roos
2020-Oct-25 20:01 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Maybe get something like Zimbra, such solutions also have support that you can buy when you need it or don't have time (I guess). -----Original Message----- From: R. Diez [mailto:rdiezmail-2006 at yahoo.de] Sent: Sunday, October 25, 2020 6:57 PM To: dovecot at dovecot.org Subject: Looking for a guide to collect all e-mail from the ISP mail server Hi all: I am evaluating mail server solutions for a small business. The trouble is, I am only a part-time admin and a newbie to mail servers. Most guides I have seen are rather unrealistic: they encourage you to expose your e-mail server to the Internet, and hope that you have the resources to keep it patched up. I would rather have an internal mail server that collects e-mails from a standard ISP mail server. It is like the old "POP3 Connector" that came with Microsoft Exchange. Sometimes, there is a mailbox per user on the ISP, and a corresponding one on the local server. Other times, there is a single "catch all" or "multidrop" mailbox on the ISP. Users can still access their internal mailboxes from outside through an OpenVPN connection. The goal is that only VPN, and perhaps SSH, are accessible from the outside. We do not need to arrange any special SMTP configuration with the ISP either. This kind of mail server setup is rather different to the standard configuration. You do not normally need you own antivirus and spam filter, and you do not need to configure SSL certificates, MX or SPF DNS records. Most ISP handle that correctly and economically. Internal e-mail does not leave your LAN, and your internal SMTP server is just a relay for the external ISP SMTP server. Furthermore, most guides do not explain how to setup an autoresponder ("I am on holiday until xxx") so that users can enable theirs with the mouse. Editing configuration files over SSH is not really an option for normal users. This detail is important because it could be the only thing I need above standard e-mail. Further groupware features can be seen as nice but ultimately unnecessary luxury, and a basic shared calendar can be accomplished with a separate server like https://radicale.org/ and a calendar client like one built into Thunderbird. Hopefully, that is all I would need for a small business. Can anyone point me to the kind of guide I need? Failing that, I would need information or examples about using fetchmail, getmail or similar software with Dovecot. Good or bad experiences from you guys would also help. Each of those tools has a detailed man page, but there are many options and ways with different advantages and disadvantages. I would need a simpler guide to get started. I am aware that there are pre-packaged mail server solutions that would perhaps bring an easy-to-use autoresponder, but I haven't seen one yet that where you could tick a box like "this server is only internal and collects mail from the ISP server" during installation. Nor have I seen instructions about reconfiguring the mail server for my ISP mail scenario. I am prepared to learn more and write my own Perl scripts and/or installation guide, but it would be stupid to waste time if something easy already exists. After all, the setup I am describing (external ISP mail server + internal mail server) is not so weird. Thanks in advance, rdiez
Peter
2020-Oct-25 20:37 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Hello R, Your goal does not sound weird. The most painless way might be to fetch incoming messages from the ISP's IMAP and deliver them to your local dovecot. A shortened fetchmailrc would read: poll remote.server ? user ?, password ? folder 'INBOX' fetchall idle ssl mda "HOME=%T /usr/bin/sudo -u %T /usr/lib/dovecot/deliver" That way your users can create their vacancies with the ISP portal, the ISP will do availability, antivirus etc. You can even use sieve on delivery. Perhaps fetch "Spam" too, if your ISP files it away. Beware, you have to somehow keep tabs on remote and local usernames. Passwords will be different. Local updates should be no problem with a reasonable distro, e.g. the dovecot public repo. Happy becoming a mail server admin! Peter Am 25.10.20 um 18:56 schrieb R. Diez:> Hi all: > > I am evaluating mail server solutions for a small business. The trouble > is, I am only a part-time admin and a newbie to mail servers. > > Most guides I have seen are rather unrealistic: they encourage you to > expose your e-mail server to the Internet, and hope that you have the > resources to keep it patched up. > > I would rather have an internal mail server that collects e-mails from a > standard ISP mail server.? It is like the old "POP3 Connector" that came > with Microsoft Exchange.? Sometimes, there is a mailbox per user on the > ISP, and a corresponding one on the local server.? Other times, there is > a single "catch all" or "multidrop" mailbox on the ISP. > > Users can still access their internal mailboxes from outside through an > OpenVPN connection.? The goal is that only VPN, and perhaps SSH, are > accessible from the outside.? We do not need to arrange any special SMTP > configuration with the ISP either. > > This kind of mail server setup is rather different to the standard > configuration. You do not normally need you own antivirus and spam > filter, and you do not need to configure SSL certificates, MX or SPF DNS > records. Most ISP handle that correctly and economically.? Internal > e-mail does not leave your LAN, and your internal SMTP server is just a > relay for the external ISP SMTP server. > > Furthermore, most guides do not explain how to setup an autoresponder > ("I am on holiday until xxx") so that users can enable theirs with the > mouse. Editing configuration files over SSH is not really an option for > normal users. This detail is important because it could be the only > thing I need above standard e-mail. Further groupware features can be > seen as nice but ultimately unnecessary luxury, and a basic shared > calendar can be accomplished with a separate server like > https://radicale.org/ and a calendar client like one built into > Thunderbird. Hopefully, that is all I would need for a small business. > > Can anyone point me to the kind of guide I need? Failing that, I would > need information or examples about using fetchmail, getmail or similar > software with Dovecot.? Good or bad experiences from you guys would also > help. > > Each of those tools has a detailed man page, but there are many options > and ways with different advantages and disadvantages.? I would need a > simpler guide to get started. > > I am aware that there are pre-packaged mail server solutions that would > perhaps bring an easy-to-use autoresponder, but I haven't seen one yet > that where you could tick a box like "this server is only internal and > collects mail from the ISP server" during installation. Nor have I seen > instructions about reconfiguring the mail server for my ISP mail scenario. > > I am prepared to learn more and write my own Perl scripts and/or > installation guide, but it would be stupid to waste time if something > easy already exists.? After all, the setup I am describing (external ISP > mail server + internal mail server) is not so weird. > > Thanks in advance, > ? rdiez
lists
2020-Oct-25 21:17 UTC
Looking for a guide to collect all e-mail from the ISP mail server
You need SPF and DKIM for your outgoing email to be accepted. My idea of a secure email server is to use submission port 587. Expose port 25 to the world and aggressively filter all remaining email ports with a firewall. And I mean aggressive. Geographically filter so only countries where youe users reside can send and retrieve email. Block major hosting IP space. How many users will be on the system? If you can handle it, assign all the email passwords. This means you need to contact them out of band. I avoid cpanel or similar internet access to email settings. I use nothing but ssh to maintain my server. ? Original Message ? From: rdiezmail-2006 at yahoo.de Sent: October 25, 2020 10:57 AM To: dovecot at dovecot.org Subject: Looking for a guide to collect all e-mail from the ISP mail server Hi all: I am evaluating mail server solutions for a small business. The trouble is, I am only a part-time admin and a newbie to mail servers. Most guides I have seen are rather unrealistic: they encourage you to expose your e-mail server to the Internet, and hope that you have the resources to keep it patched up. I would rather have an internal mail server that collects e-mails from a standard ISP mail server.? It is like the old "POP3 Connector" that came with Microsoft Exchange.? Sometimes, there is a mailbox per user on the ISP, and a corresponding one on the local server.? Other times, there is a single "catch all" or "multidrop" mailbox on the ISP. Users can still access their internal mailboxes from outside through an OpenVPN connection.? The goal is that only VPN, and perhaps SSH, are accessible from the outside.? We do not need to arrange any special SMTP configuration with the ISP either. This kind of mail server setup is rather different to the standard configuration. You do not normally need you own antivirus and spam filter, and you do not need to configure SSL certificates, MX or SPF DNS records. Most ISP handle that correctly and economically.? Internal e-mail does not leave your LAN, and your internal SMTP server is just a relay for the external ISP SMTP server. Furthermore, most guides do not explain how to setup an autoresponder ("I am on holiday until xxx") so that users can enable theirs with the mouse. Editing configuration files over SSH is not really an option for normal users. This detail is important because it could be the only thing I need above standard e-mail. Further groupware features can be seen as nice but ultimately unnecessary luxury, and a basic shared calendar can be accomplished with a separate server like https://radicale.org/ and a calendar client like one built into Thunderbird. Hopefully, that is all I would need for a small business. Can anyone point me to the kind of guide I need? Failing that, I would need information or examples about using fetchmail, getmail or similar software with Dovecot.? Good or bad experiences from you guys would also help. Each of those tools has a detailed man page, but there are many options and ways with different advantages and disadvantages.? I would need a simpler guide to get started. I am aware that there are pre-packaged mail server solutions that would perhaps bring an easy-to-use autoresponder, but I haven't seen one yet that where you could tick a box like "this server is only internal and collects mail from the ISP server" during installation. Nor have I seen instructions about reconfiguring the mail server for my ISP mail scenario. I am prepared to learn more and write my own Perl scripts and/or installation guide, but it would be stupid to waste time if something easy already exists.? After all, the setup I am describing (external ISP mail server + internal mail server) is not so weird. Thanks in advance, ?? rdiez
R. Diez
2020-Oct-25 22:12 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> Your goal does not sound weird.OK, thanks for the confirmation.> The most painless way might be to fetch incoming messages from > the ISP's IMAP and deliver them to your local dovecot. > A shortened fetchmailrc would read: > > poll remote.server ? > ? user ?, password ? > ? folder 'INBOX' > ? fetchall > ? idle > ? ssl > mda "HOME=%T /usr/bin/sudo -u %T /usr/lib/dovecot/deliver"Brilliant, thanks for the info.> That way your users can create their vacancies with the ISP portal,> [...] That's a good idea. But then internal e-mails need to go out to the ISP, don't they? Because, if internal e-mails get delivered locally, the vacation autoresponses on the ISP will not trigger, will they? The trouble is, with that configuration, if the Internet link goes down, internal e-mail stops working too. I was hoping that there would be a complete mail server setup guide somewhere for this kind of setup. But I guess I'll have to piece all these information snippets together. Regards, rdiez
R. Diez
2020-Oct-25 22:25 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> You need SPF and DKIM for your outgoing email to be accepted.> [...] I don't understand why that is the case (but keep in mind that I am a newbie). Is it not possible to set up some internal SMTP server that only relies the e-mails to the external ISP SMTP server? The internal SMTP server would then act like a normal user's Thunderbird. At first I tought that the internal SMTP server would need to know the password for each mailbox user. But then I asked, and the ISP SMTP server allegedly accepts any source e-mail address, as long as you are using one e-mail account that is valid in the domain. I wonder if that is standard practice.> My idea of a secure email server is to use submission port 587. > Expose port 25 to the world and aggressively filter all remaining > email ports with a firewall. And I mean aggressive. Geographically filter > so only countries where youe users reside can send and retrieve email. > Block major hosting IP space.Geo blocking can be problematic. Depending on the small business, some customers and suppliers may sit in China or some other geographical area you would normally block. I am too afraid, I would not expose any such port on the Internet. Who knows if the mail server stays months without an update. If I am to recommend or implement any such mail server solution to a small business, I would insist that the e-mail server is not exposed at all on the Internet. A web interface etc. is not a problem: I just connect with a VPN and bypass most external security issues. If you are the admin, you can also forward the web interface over an SSH connection. Best regards, rdiez
Mihai Badici
2020-Oct-26 07:59 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Why don't you configure all stuff internally and ask your provider to relay the e-mails from and to you via "smart relay"?? You will communicate only via smtp and only with your provider, and you can use a nice open-source bundle ( dovecot is mandatory because you wrote on that list :) ) in your LAN.> > > > > > > > > > ? Original Message > > > From: rdiezmail-2006 at yahoo.de > Sent: October 25, 2020 10:57 AM > To: dovecot at dovecot.org > Subject: Looking for a guide to collect all e-mail from the ISP mail server > > > Hi all: > > I am evaluating mail server solutions for a small business. The trouble is, I am only a part-time admin and a newbie to mail servers. > > Most guides I have seen are rather unrealistic: they encourage you to expose your e-mail server to the Internet, and hope that you have the resources > to keep it patched up. > > I would rather have an internal mail server that collects e-mails from a standard ISP mail server.? It is like the old "POP3 Connector" that came with > Microsoft Exchange.? Sometimes, there is a mailbox per user on the ISP, and a corresponding one on the local server.? Other times, there is a single > "catch all" or "multidrop" mailbox on the ISP. > > Users can still access their internal mailboxes from outside through an OpenVPN connection.? The goal is that only VPN, and perhaps SSH, are > accessible from the outside.? We do not need to arrange any special SMTP configuration with the ISP either. > > This kind of mail server setup is rather different to the standard configuration. You do not normally need you own antivirus and spam filter, and you > do not need to configure SSL certificates, MX or SPF DNS records. Most ISP handle that correctly and economically.? Internal e-mail does not leave > your LAN, and your internal SMTP server is just a relay for the external ISP SMTP server. > > Furthermore, most guides do not explain how to setup an autoresponder ("I am on holiday until xxx") so that users can enable theirs with the mouse. > Editing configuration files over SSH is not really an option for normal users. This detail is important because it could be the only thing I need > above standard e-mail. Further groupware features can be seen as nice but ultimately unnecessary luxury, and a basic shared calendar can be > accomplished with a separate server like https://radicale.org/ and a calendar client like one built into Thunderbird. Hopefully, that is all I would > need for a small business. > > Can anyone point me to the kind of guide I need? Failing that, I would need information or examples about using fetchmail, getmail or similar software > with Dovecot.? Good or bad experiences from you guys would also help. > > Each of those tools has a detailed man page, but there are many options and ways with different advantages and disadvantages.? I would need a simpler > guide to get started. > > I am aware that there are pre-packaged mail server solutions that would perhaps bring an easy-to-use autoresponder, but I haven't seen one yet that > where you could tick a box like "this server is only internal and collects mail from the ISP server" during installation. Nor have I seen instructions > about reconfiguring the mail server for my ISP mail scenario. > > I am prepared to learn more and write my own Perl scripts and/or installation guide, but it would be stupid to waste time if something easy already > exists.? After all, the setup I am describing (external ISP mail server + internal mail server) is not so weird. > > Thanks in advance, > ?? rdiez
Gregory Heytings
2020-Oct-26 14:26 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Hi,> > I am evaluating mail server solutions for a small business. The trouble > is, I am only a part-time admin and a newbie to mail servers. >I too would strongly advise you to use Google Workspace (the recent new name for G Suite, previously known as Google Apps). It's cheap, very reliable, and has all features you can dream of, including an autoresponder. It's unrealistic to think that it's possible to beat a service that costs a mere USD 6 / user / month (and is free for nonprofits!). Gregory
Marc Roos
2020-Oct-26 14:34 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> I too would strongly advise you to use Google Workspace (the recentnew name for G Suite, previously known as Google Apps). > It's cheap, very reliable, and has all features you can dream of, including an autoresponder. > It's unrealistic to think that it's possible to beat a service that costs a mere USD 6 / user / month (and is free for nonprofits!). I would not advice any company that is continuously being fined for breaking the law.
Dave McGuire
2020-Oct-26 14:58 UTC
Looking for a guide to collect all e-mail from the ISP mail server
On 10/26/20 10:26 AM, Gregory Heytings wrote:> I too would strongly advise you to use Google Workspace (the recent new > name for G Suite, previously known as Google Apps).? It's cheap, very > reliable, and has all features you can dream of, including an > autoresponder.? It's unrealistic to think that it's possible to beat a > service that costs a mere USD 6 / user / month (and is free for > nonprofits!).You're advocating storing confidential business or personal data on the servers of the world's largest data mining company, and one that is rapidly becoming quite evil. It's hard to imagine anyone being that dumb, but then this society has been surprising me a lot in recent years. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
Robert Schetterer
2020-Oct-26 20:55 UTC
Looking for a guide to collect all e-mail from the ISP mail server
Am 25.10.20 um 21:01 schrieb Marc Roos:> > Maybe get something like Zimbra, such solutions also have support that > you can buy when you need it or don't have time (I guess). > > > > -----Original Message----- > From: R. Diez [mailto:rdiezmail-2006 at yahoo.de] > Sent: Sunday, October 25, 2020 6:57 PM > To: dovecot at dovecot.org > Subject: Looking for a guide to collect all e-mail from the ISP mail > server > > Hi all: > > I am evaluating mail server solutions for a small business. The trouble > is, I am only a part-time admin and a newbie to mail servers. > > Most guides I have seen are rather unrealistic: they encourage you to > expose your e-mail server to the Internet, and hope that you have the > resources > to keep it patched up. > > I would rather have an internal mail server that collects e-mails from a > standard ISP mail server. It is like the old "POP3 Connector" that came > with > Microsoft Exchange. Sometimes, there is a mailbox per user on the ISP, > and a corresponding one on the local server. Other times, there is a > single > "catch all" or "multidrop" mailbox on the ISP. > > Users can still access their internal mailboxes from outside through an > OpenVPN connection. The goal is that only VPN, and perhaps SSH, are > accessible from the outside. We do not need to arrange any special SMTP > configuration with the ISP either. > > This kind of mail server setup is rather different to the standard > configuration. You do not normally need you own antivirus and spam > filter, and you > do not need to configure SSL certificates, MX or SPF DNS records. Most > ISP handle that correctly and economically. Internal e-mail does not > leave > your LAN, and your internal SMTP server is just a relay for the external > ISP SMTP server. > > Furthermore, most guides do not explain how to setup an autoresponder > ("I am on holiday until xxx") so that users can enable theirs with the > mouse. > Editing configuration files over SSH is not really an option for normal > users. This detail is important because it could be the only thing I > need > above standard e-mail. Further groupware features can be seen as nice > but ultimately unnecessary luxury, and a basic shared calendar can be > accomplished with a separate server like https://radicale.org/ and a > calendar client like one built into Thunderbird. Hopefully, that is all > I would > need for a small business. > > Can anyone point me to the kind of guide I need? Failing that, I would > need information or examples about using fetchmail, getmail or similar > software > with Dovecot. Good or bad experiences from you guys would also help. > > Each of those tools has a detailed man page, but there are many options > and ways with different advantages and disadvantages. I would need a > simpler > guide to get started. > > I am aware that there are pre-packaged mail server solutions that would > perhaps bring an easy-to-use autoresponder, but I haven't seen one yet > that > where you could tick a box like "this server is only internal and > collects mail from the ISP server" during installation. Nor have I seen > instructions > about reconfiguring the mail server for my ISP mail scenario. > > I am prepared to learn more and write my own Perl scripts and/or > installation guide, but it would be stupid to waste time if something > easy already > exists. After all, the setup I am describing (external ISP mail server > + internal mail server) is not so weird. > > Thanks in advance, > rdiez > >see https://blog.sys4.de/abholdienst-fur-mail-de.html -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG, 80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein