Gateway Editor
The Gateway Editor includes the following tabbed dialogs:
Gateway
This dialog contains the domain name of the particular domain that you are working with, as well as the path to the directory used for storing messages and file attachments addressed to this domain. Here you will also assign an MBF file to be used when MDaemon delivers mail to this domain's mailbox.
ETRN
Use the controls on this dialog to choose whether MDaemon will respond to ETRN requests made on behalf of the domain in order to dequeue its messages. To aid in security, this dialog also contains controls that make it possible to assign specific IP addresses that MDaemon will honor these requests from, or you can designate IP addresses that will be ignored.
ATRN
Use the controls on this tab if you want MDaemon to respond to ATRN commands from the domain for which MDaemon is acting as an email gateway. The tab also contains controls for specifying the domain's shared secret necessary for authentication and for designating whether or not authenticated requests should be considered valid regardless of IP address.
Options
With this dialog you can declare a host to which the domain's mail will be forwarded as soon as it arrives. There is also a control for stating whether a copy of these messages will be kept locally.
POP/IMAP
Here you can create a POP account that will have access to this domain's stored mail. Using the name and password that are assigned here, an ordinary mail client or another MDaemon installation can access the domain's mailbox and collect its mail.
Quotas
This dialog is used for assigning a limit to the amount of disk space that the domain may use and the maximum number of messages that may be stored.
LDAP
If the gateway's remote domain is keeping an LDAP server up to date with all of its mailboxes, aliases, and mailing lists, you can use this tab to specify that server and thus verify recipient addresses of incoming messages. When a recipient address is found to be invalid the message will be rejected. With this method you can avoid having to accept all messages bound for the gateway's domain regardless of their validity.
Automatic Gateways Creation
The controls on this dialog (Gateways Automatic Gateway Creation…) are used to configure MDaemon to automatically create a Domain Gateway for a previously unknown domain when another source attempts to deliver that domain's messages to MDaemon, and a DNS query lists MDaemon's location as a valid MX record.
Domain Name
Enter the name of the domain for which you wish MDaemon to act as an email gateway.
Mail Directory
Place message files for all users of this domain here
Enter the directory where you want to store incoming mail for the domain.
Automatically extract embedded attachments
Some mail systems require attached files be extracted before submission of mail messages to the mail stream. To facilitate this, MDaemon can auto-extract incoming MIME attachments and place them in the \Files\ subdirectory underneath the domain's message directory. This directory will only be used if the "Auto-Extract" switch is selected.
Deliver messages at each scheduled remote mail processing interval
Ordinarily, when MDaemon receives mail that is intended for one of its Domain Gateways it will store the messages until in that domain connects to MDaemon to collect it. In some situations you may want MDaemon to attempt to deliver the mail directly via SMTP rather than waiting for the domain to collect it. When this control is enabled, MDaemon will attempt to deliver the domain's messages at each remote mail processing interval. The gateway's mailbox will temporarily act as a remote queue and delivery will be attempted. Any messages that cannot be delivered will simply remain in the gateway's mailbox until they are collected by the domain or are successfully delivered later; they will not be moved into the remote queue or retry system.
Apply this MBF File to Incoming Messages
The MBF file specified here will be applied to all incoming messages that arrive for the domain. This allows for any special reformatting that may be required.
ETRN
Respond to ESMTP ETRN requests made for this domain
When this switch is enabled MDaemon will respond to ESMTP ETRN requests made by qualified hosts on behalf of the domain for which MDaemon is acting as an email gateway. The ETRN command is an SMTP extension that signals a server storing mail for a particular domain that it is time to begin spooling the mail. When MDaemon receives an ETRN request for a domain, it will immediately begin spooling the stored mail for delivery using subsequent SMTP transactions. Please note that the SMTP session that issues an ETRN request will not be the one that receives any stored mail. MDaemon will use subsequent independent SMTP transactions to send any mail it has stored for the domain. This preserves the message envelope and is more secure. Also note that the host to which MDaemon will spool any stored mail may not immediately begin reception of these messages. ETRN only guarantees that any stored mail is spooled for delivery. The actual process of delivery is subject to other administrator-imposed restrictions and may have to wait in the outbound mail queue for the next scheduled remote mail processing event to take place. Because of these limitations we recommend using On-Demand Mail Relay (ODMR) and its ATRN command rather than ETRN. This method is not supported by all clients and servers, however, and will therefore only be available to client domains using a server that does so. MDaemon fully supports ODMR on both the client and server side.
Spool all mail to this host
This is the host name or IP address to which any stored mail will be sent when an ETRN request is received and honored. This machine must be running an SMTP server to receive these messages.
If the domain listed above is local treat it as if it were foreign
Activate this control if the domain is local but you want its mail to be spooled as if it is remote.
Spool all mail to IP of machine making ETRN request
Selecting this option will cause MDaemon to send any stored mail to the IP address of the machine that made the ETRN request. The requesting machine must be running an SMTP server to receive these messages.
Use this port when spooling mail
Use this control to specify the port on which the domain's mail will be spooled.
IP Access
Honor ETRN/ATRN requests from these IPs
Select this switch and MDaemon will honor ETRN/ATRN requests made from any IP listed in the associated address list.
Ignore ETRN/ATRN requests from these IPs
Select this switch and MDaemon will ignore ETRN/ATRN requests that are made from any IP listed in the associated address list.
Add new IP
To add a New IP to the current list simply enter the IP into this text box and click the ADD button.
Remove
Click this button to remove a selected entry from the list of IP addresses.
ATRN
Respond to ESMTP ATRN commands for this domain (requires AUTH)
Activate this control if you want MDaemon to respond to ATRN commands from the domain for which MDaemon is acting as a gateway. ATRN is a new ESMTP command used in On-Demand Mail Relay (ODMR), which is currently the best relay method available for mail hosting. It is superior to ETRN and other methods in that in requires authentication before mail is dequeued and does not require a static IP address. A static IP address isn't required because the flow of data between MDaemon and the client domain is immediately reversed and the messages are despooled without having to make a new connection-unlike ETRN, which uses a separate connection after the ETRN command is sent. This enables client domains using a dynamic (non-static) dialup account to collect their messages without having to use POP or DomainPOP to distribute them to their users because the original SMTP envelope is preserved.
AUTH shared secret
Enter the client domain's "Shared Secret" or password here that will be used during authentication.
Dequeuing mail requires authentication
When you have configured the settings for this domain to accept ESMTP ETRN requests, you may use this tab's controls to require the connecting host to first authenticate itself using the ESMTP AUTH command. Since ATRN requires authentication, this control must be enabled before MDaemon will respond to ATRN requests.
Authenticated requests are valid regardless of connecting IP
Enable this checkbox if you want to honor authenticated requests regardless of the IP address from which they are coming. If this control is not enabled then only requests from those IP addresses specified in the IP Access section of the ESMTP ETRN tab will be honored.
Options
Enable AntiVirus scanning for this gateway
Click this option if you have installed AntiVirus for MDaemon and want this domain gateway's messages to be scanned. If you clear this option then AntiVirus will not scan this gateway's messages.
Enable AntiSpam scanning for this gateway
Click this option if you want to apply the Spam Filter settings to this domain gateway's messages. Otherwise, they will be excluded from Spam Filter scanning.
Forwarding
Forward mail to this host
Sometimes it is advantageous to simply forward a copy of all messages for a domain as they arrive. If you wish to configure MDaemon to do this then enter the name or IP address of the SMTP server to which copies of incoming mail for this domain should be sent.
Forward mail to this address
Use this feature if you wish to forward to a specific email address all email messages destined for this client domain.
Use this address in SMTP envelope
MDaemon will use this address in the SMTP "Mail From" transaction.
Forward mail using this TCP port
MDaemon will forward this mail using this TCP port.
Retain a local copy of all forwarded messages
Select this option if you wish MDaemon to retain a copy of a message locally once it has been forwarded.
Early versions of MDaemon pioneered a method of mail collection known as DomainPOP. Besides using MDaemon to collect mail via DomainPOP it can also be used to act as a DomainPOP host for other domains for which your MDaemon is acting as an email gateway. In other words, all messages for the domain can be collected in a single mailbox on your server. Then, the domain can connect to you and collect them by using their own MDaemon, or by using a regular POP client instead of an MDaemon, although in that case DomainPOP parsing would not be available to them. The controls on this dialog are used to create the account that MDaemon will use for storing the Domain Gateway's mail.
Because MDaemon Pro supports the IMAP email protocol, accounts created in MDaemon Pro can also be accessed by clients using that protocol instead of just the POP protocol.
Mailbox Name (logon)
Enter the POP USER name that the client domain will use to access the messages stored in its mailbox.
Password or shared secret
Enter the password or shared secret that the client's domain will use to access the messages stored in its mailbox.
Create/update account
Click here to create an account or to update the Mailbox name and Password values if the account already exists.
Quota Options
This gateway must observe these quota settings
Here you can specify the domain's maximum number of allowable messages and the maximum amount of disk space (in kilobytes) that it can consume. This includes any decoded file attachments in its Files directory.
Place a warning message in gateway mail directory when over quota
If this control is enabled and a mail delivery to the domain is attempted that would exceed the maximum message or disk space limitations, the message will be forwarded to the designated address along with an appropriate warning.
Address warning message to
Specify the address to whom the over quota warning message should be sent.
Address warning message from
Specify the address from whom the over quota warning message should appear to have been sent.
One common problem with domain gateways and backup servers is that they don't usually have a method for determining whether or not the recipient of an incoming message is valid. For instance, if a message comes to example.com's backup server for frank@example.com then the backup server has no way of knowing whether or not there is actually a mailbox, alias, or mailing list at example.com for "frank". Thus the backup server has no choice but to accept all of the messages. MDaemon contains a method for verifying these addresses and solving this problem. The remote domain's MDaemon can be configured to keep an LDAP server up to date with all of its mailboxes, aliases, and mailing lists. Then, you can use the options on the Verification tab of the Domain Gateway editor on the backup server to specify the LDAP server on which this information is stored. Now, when a message arrives for example.com the backup server can look up the recipient's address on the LDAP server and discover whether or not it is valid. If it isn't then the message will be rejected.
LDAP Options
Verify accounts using an LDAP server
Click this check box to activate remote address verification. Whenever a message arrives for the remote domain its LDAP server will be queried to determine whether or not the recipient is valid. If it isn't valid the message will be rejected.
Host name or IP
Enter the host name or IP address of the domain's LDAP server. This is the LDAP server to which MDaemon will connect in order to verify the domain gateway's address information.
Port
Specify the port that the domain's LDAP server is monitoring. MDaemon will use this port when verifying the account information.
Test
Click this button to test whether or not you have the remote address verification settings configured properly. MDaemon will simply attempt to connect to the designated LDAP server and verify that it responds to the specified information.
Bind password
This password will be passed to the domain's LDAP server along with the Bind DN value for authentication.
Object class
Specify the object class to which each MDaemon user's LDAP address book entry belongs. Each entry will contain the objectclass= attribute with this as its value.
Bind DN
Enter the DN of the account that has administrative access to the domain's LDAP server so that MDaemon can verify the gateway's address information. This is the DN used for authentication in the bind operation.
Base entry DN
This is the base entry (root DN) that will be used in all of the domain gateway's address information used for remote verification.
Attribute(s) containing email address (separate each with a comma)
You can use this text box to specify multiple mail attributes when using LDAP servers to verify domain gateway mail recipients. This is sometimes needed when the LDAP server contains one attribute to store the mail address and a different attribute to store aliases. Separate each attribute with a comma.
Using multiple configurations for LDAP verification queries
You can specify multiple LDAP configurations for your gateway domains. To specify extra sets of LDAP parameters, setup your first set normally and then manually edit the GATEWAYS.DAT file using notepad.
Your new set of parameters should be created using the following format:
LDAPHost1=<host name>
LDAPPort1=<port>
LDAPBaseEntry1=<base entry DN>
LDAPRootDN1=<root DN>
LDAPObjectClass1=MDaemonContact
LDAPRootPass1=<password>
LDAPMailAttribute1=mail
For each new set of parameters, increase the numeral in each parameter's name by 1. For example, in the sample set above, each parameter's name ends with "1". To create an additional set each name would end with "2". In another set, each would end "3", and so on.
When the LDAP queries take place, MDaemon will perform multiple LDAP queries in sequence to find a match. If an error or a match is found no further checks are performed.
Automatic Gateway Creation (PRO only)
The controls on this tab are used to configure MDaemon to automatically create a Domain Gateway for a previously unknown domain when another source attempts to deliver that domain's messages to MDaemon, and a DNS query lists MDaemon's location as a valid MX record.
For example:
With automatic gateway creation enabled, if MDaemon's primary domain IP address is 1.2.3.4 and a message is delivered via SMTP for an unknown domain example.com, MDaemon will perform MX and A-record queries on example.com to see if 1.2.3.4 is a known mail relay host for it. If the results of the DNS queries state that MDaemon's IP address is a valid MX host for example.com then MDaemon will automatically create a new Domain Gateway for it and accept its email. Messages for example.com will then be stored in a special folder and, if you so choose, spooled to higher level MX hosts at each remote mail processing interval. This feature effectively enables you to become a backup server for another domain by simply configuring the DNS system to use your IP as an alternate MX host.
To help secure this feature, MDaemon can be configured to send a confirmation request to an email address of your choice. While MDaemon is waiting for the confirmation response, messages for the domain will be accepted and stored but not delivered. Confirmation requests must be replied to within an amount of time that you designate or the automatically created gateway will be removed and all stored messages deleted. If confirmation is received before the time has expired then the stored messages will be delivered normally.
Automatically create domain gateways based on DNS lookup results
Click this checkbox if you want MDaemon to automatically create Domain Gateways based upon the results of DNS queries.
Don't create domain gateways when sender of message is a local user
Enable this control if you do not want messages originating from local users to trigger automatic gateway creation.
Require confirmation before rendering the gateway active
When this control is enabled, MDaemon will send a confirmation message to the email address of your choice in order to determine whether the automatically created gateway is valid. MDaemon will continue to accept messages for the domain in question but will not deliver them until confirmation is received.
Send creation confirmation message to
Use this textbox to list the address to which you wish confirmation messages to go.
Confirmation must be received within XX minutes
This control is for designating the number of minutes that MDaemon will wait for a response to any given confirmation message. If this time limit expires then the Domain Gateway in question will be deleted.
Deliver gateway's mail to higher MX hosts at each queue run
If you want MDaemon to attempt to deliver this gateway's messages to higher level MX hosts each time that the remote queue is processed then enable this control.
Use this gateway as a pattern
Choose a Domain Gateway from this drop-down list and MDaemon will use its settings as a template for all future automatically created gateways.
New
Clicking the New button will open the Gateway Editor, which can be used to create a new Domain Gateway.
