Setup guide

Mail clients must be set up to use SSL

connections. Configuring an active mail

server in the manner described will

cause a loss of service until the clients

are reconfigured. Setting the “Use”

option for a small period of time to allow

clients to switch before "Require" is set

may help them avoid a denial of service.

4.7.3 Configure Authentication Support

Authentication support will protect users’ passwords as they travel across the

network. Although a proper SSL setup will already encrypt the mail client-server

communications, using a secure authentication method is also recommended.

1. Open Server Admin.

2. Click on the Mail server button.

3. Click on Settings.

4. Click on the “Advanced” tab.

5. Uncheck all the boxes in the Authentication: section (in the SMTP, IMAP,

and POP columns).

6. Select an authentication method. If your system is integrated into a

Kerberos realm, place a check in the Kerberos boxes for whichever services

(SMTP, IMAP, or POP) your system offers. If your system is not

integrated into a Kerberos realm, select CRAM-MD5 in the SMTP and

IMAP columns, and APOP in the POP column.

7. Click the “Save” button to apply the changes

4.7.4 Set Account to Receive Problem Reports

An account should be set to receive reports of e-mail problems from Postfix. The

Postfix configuration files located in /etc/postfix refer to this address or one of its

aliases.

1. Open /etc/aliases as root.

2. Change the line reading

#root: you

root: adminaccount

where adminaccount is the name of an administrator account that should

receive reports of e-mail problems. It may be desirable to create an

account specifically for this purpose. Any of Postfix’s configuration files

that are set to send mail to root or postmaster should now send mail to the

adminaccount specified.

UNCLASSIFIED