1

Topic: Configure Outlook to use iRedMail accounts

==== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 12.04
- Related log if you're reporting an issue:
====

Hi.  Someone is trying to configure their Outlook to use an email account created with iredadmin.  The account works fine in roundcube.  I've never used Outlook before, so I'm not very familiar with is.

Apparently you need to give it the servername, smtp port, and pop3 port.  Which to use?

I'm guessing the servername is just the one I used when I installed iRedMail (e.g. mx.mydomain.com)

I did nmap on the VPS that's running the mailserver, and I see that
smtp is on port 25
pop is on port 110
pops is on port 995

He tried these ports, but said that outlook "Failed" (I'm not in the room with him, so I can't see exactly what he means).  I looked at this http://www.iredmail.org/wiki/index.php? … dMail/FAQ.

So do I need to open port 389 on the VPS to get Outlook to work at all?  Is there anything else I need to do serverside?  Anything I should know about Outlook (I remember when setting up postfix+dovecot from scratch one time there were configs that needed to be set in order for Outlook to work, but I'm not sure what the iRedMail default configs are like, i.e. if they are Outlook-friendly, though I should learn).

Thanks for any help.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Configure Outlook to use iRedMail accounts

Personally, i don't use Outlook myself, but here's config used in Thunderbird, hope it helps:
http://www.iredmail.org/wiki/index.php? … r.iRedMail

- You don't need to open port 389.
- iRedMail configures Dovecot to be Outlook friendly by default.

3 (edited by Pacopag 2012-12-18 02:39:58)

Re: Configure Outlook to use iRedMail accounts

Ok, thanks.  I've got it working with Outlook 2007.  But I need to be able to use it with Outlook 2003.  The problem is that Outlook 2003 doesn't support TLS.  So is there a way to get iredmail to accept SSL instead of TLS for sending from a client?

I guess even to disable tls altogether is an option if it will get Outlook 2003 to work.  I've tried modifying postfix's main.cf to have,

smtpd_use_tls=no
and
smtpd_tls_security_level = none

But this still doesn't work when I set the encryption method to "None" in Outlook.  Man, I hate Outlook.

4 (edited by Pacopag 2012-12-18 04:13:27)

Re: Configure Outlook to use iRedMail accounts

I've been looking around further, and it seems like it might work to use SSL over port 465, but this is deprecated and not supported by iRedMail out-of-the-box (I think).  Is there any workaround to get iRedMail to use SSL over port 465 for smtp?

The other option is to disable encryption altogether, but I can't seem to figure that out either.  I tried commenting out all the tls-related lines in /etc/postfix/main.cf and reloading postfix. Then in Outlook I tried smtp port 25 with No encryption, but it's still not working.  But I've found that even with this configuration, I can't connect via POP3 without using SSL in Outlook, so I don't think I'm disabling the encryption stuff in postfix correctly.

Here's my main.cf in an attempt to disable tls/ssl and use port 25 with no encryption.

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
#smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
#smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
#smtpd_use_tls=no
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mx.backsaba.com
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
myorigin = mx.backsaba.com
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
relayhost = 
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
virtual_alias_domains = 
mydomain = backsaba.com
mynetworks_style = subnet
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
delay_warning_time = 0h
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre
queue_run_delay = 300s
minimal_backoff_time = 300s
maximal_backoff_time = 4000s
enable_original_recipient = no
disable_vrfy_command = yes
home_mailbox = Maildir/
allow_min_user = no
message_size_limit = 15728640
virtual_minimum_uid = 1002
virtual_uid_maps = static:1002
virtual_gid_maps = static:1002
virtual_mailbox_base = /var/vmail
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf, proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/catchall_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
relay_domains = $mydestination, proxy:mysql:/etc/postfix/mysql/relay_domains.cf
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = 
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = no
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
#smtpd_tls_security_level = may
#smtpd_tls_loglevel = 0
#smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem
####smtpd_tls_auth_only = no
#tls_random_source = dev:/dev/urandom
mailbox_command = /usr/lib/dovecot/deliver
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = ./dovecot-auth
#content_filter = smtp-amavis:[127.0.0.1]:10024
smtp-amavis_destination_recipient_limit = 1

5

Re: Configure Outlook to use iRedMail accounts

To enable smtps, please enable smtps in /etc/postfix/master.cf, and add necessary arguments like submission. for example:

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Don't forget to open port in iptables.

6

Re: Configure Outlook to use iRedMail accounts

Yup.  Got it.  Thanks a whole bunch.