User Login      + Register  

Sme-Server Virtual Machine  SecureOffice  xoops  29-Nov-2020 17:30  0  176 reads

Table_of_Contents

1      About SME Server

1.1                Ease of Administration

1.2                File and Print Sharing

1.3                Internet Connection

1.4                Email

1.5                Antivirus and Antispam

1.6                Firewall

1.7                Remote Access

1.8                Directory Services

1.9                Web Hosting

1.10            Raid

1.11            Backup

1.12            Automatic Updates

1.13            Extensible

2      Install SME Server Virtual Machine

2.1                Pre-Configured Sme-Server Virtual Machine

2.2                Create SME Server Virtual Machine

3      Configure SME Server Virtual Machine

3.1                SME Server First Boot Configuration

3.2                Test Virtual Machine on PC

3.3                Further SME Server Configuration

3.4                Enable Secure Shell Access

4      Install SecureOffice VmWare Workstation

4.1                Link VM and SecureOffice SSL Certs

4.2                Configure Domain Email

4.3                Forward WAN Service Ports to VM

4.4                Forward http(s) Services to VM

5      Final SME Server Configuration

5.1                Access Domain Website

5.2                Access SME Server Administration GUI

5.3                Configure Email Services

5.4                Configure SME Server Users and Groups

5.5                Configure SME Email Server

5.6                Test Domain Email Using Webmail

5.7                Configure Email Client on PC

6      Troubleshooting SME Server

List of Figures

Figure 1:       VmWare Workstation Main Screen

Figure 2:       VmWare Workstation Select Installation Source

Figure 3:       VmWare Workstation Select Guest Operating System

Figure 4:       VmWare Workstation Select VM Name and Location

Figure 5:       VmWare Workstation Select Disk Characteristics

Figure 6:       VmWare Workstation Ready to Create VM

Figure 7:       VmWare Workstation Configure Hardware

Figure 8:       SME Server Command Prompt

Figure 9:       SME Server Default Website

Figure 10:       SME Server Administration Page

Figure 11:      SME Server Remote Access

Figure 12:       Nginx Configuration

Figure 13:       SME Server Email Configuration

Figure 14:       SME Server WebMail GUI

List of Tables

Table 1:       Email Port Forwards

Table 2:       Webserver Port Forwards

1      About SME Server

Koozali SME Server is a complete, secure, stable and versatile opensource Linux Server distribution for small to medium sized enterprises. It is based on the rock solid CentOS/RedHat sources and brought to you by a large, active and skilled community, providing development, contribs (plugins) and support, since 2007.

Koozali SME Server is free to use for any individual or (commercial) organization and is sponsored by individuals and companies solely through donations.

Koozali SME Server has some unique features that make it an especially secure, stable and easy to operate server platform which is designed to be:

  • Simple to setup and use; Installation and basic configuration takes less than 20 minutes, and most configuration options can be set via a web-based interface.
  • Secure and stable to operate; SME Server only includes what is necessary. Stability comes from using proven, supported CentOS/RedHat sources and from an update system that notifies you when updates are available.
  • Cross-platform and extendible to meet future needs; SME Server already has everything necessary to provide the core services most people need to network Linux and Windows systems. Dozens of contribs (Plugins) provide extra functionality.
  • Exceptionally reliable and easy to use, Koozali SME Server can be installed and configured in less than 20 minutes - yet it's powered by a secure and open Linux platform that's fully upgradeable and customizable. Simply install it on any standard PC and in minutes you'll have a robust Linux-based LAMP server capable of fully replacing those expensive Windows server licenses and providing a full range of services - including e-mail, firewall, file and print-sharing, web hosting, remote access and more.

Koozali SME Server integrates easily with Windows, Mac, and Unix/Linux clients within Linux and Windows network environments. It's as simple to use as a business server platform, but unlike a commercial solutions the entire system is modular and extensible, so it can be tailored to the needs of individual businesses.

And it's completely free!

Koozali SME Server download / install options are documented here. The netinstall method is used for installation.

1.1                Ease of Administration

Koozali SME Server software uses a web-based interface to enable easy administration from any web browser anywhere in the world, very securely protected and accessible remotely via SSH or a VPN, based on strict ACL's and firewall settings.

1.2                File and Print Sharing

The core of any network environment is easy and simple access to shared files and printers. Koozali SME Server software allows for the easy sharing of files and printers for Windows and Macintosh clients. The "Information Bay" (i-bay) feature provides easy and convenient information storage and retrieval by multiple groups via web, FTP, or file sharing.

1.3                Internet Connection

Small business customers are looking for a simple solution that works with different types of connections to the Internet. Koozali SME Server automates the process of connecting to the Internet. Just connect the server and supply your ISP account information. The server solution acts as a gateway for your entire network and requires no additional client software and minimal configuration. Users can immediately start browsing the Web, using email, and access other Internet services.

1.4                Email

With the pervasiveness of email, small businesses increasingly need to support email for all their employees. Koozali SME Server provides a secure reliable email server and allows easy creation of individual and group addresses. For greater versatility, it works with any mail client that uses the industry-standard IMAP, POP3, and SMTP protocols. Secure webmail allows users to access the server from a web browser anywhere on the Internet, to send and receive e-mail via an encrypted SSL link.

1.5                Antivirus and Antispam

Koozali SME Server comes default with Antivirus and Antispam mechanisms based on well known and industry standard ClamAV Antivirus and SpamAssassin products.to reduce the amount of possible unsolicited mail, Koozali SME Server fully automatically updates Antivirus signatures, and Antispam rules daily.

1.6                Firewall

Security is always a priority when a company starts using the Internet. Koozali SME Server offers a multi-layer architecture, protecting the external interface through packet-filtering and service restriction. It offers selective address or port binding, application-level access control lists, and protects the internal network from any intrusion. For SecureOffice, Sme Server is run in "server only" mode and has no internal network, since LAN functionality  is provided by SecureOffice..

1.7                Remote Access

Businesses with remote or branch sites or telecommuting employees require remote access to their email and to other resources on the local network. SME Server provides multiple tools such as webmail access to email using any browser, PPTP (for secure client-to-server VPNs) and open secure shell (SSH) to provide encrypted access to server resources for administrators.

1.8                Directory Services

Companies typically require a central directory of email addresses that all users can access. Koozali SME Server features a robust directory service that can be used by most email clients (including Outlook, Outlook Express, and Netscape Communicator). This feature is implemented using the industry-standard LDAP protocol.

1.9                Web Hosting

Small businesses also need a secure and reliable web presence and an intranet to communicate with employees. Koozali SME Server includes the Apache web server, the most commonly used web server of the Internet. The content can be easily edited and updated from desktop clients (including dynamic content). It also supports the use of Secure Sockets Layer (SSL) connections for e-commerce.

1.10            Raid

Koozli SME Server software supports software RAID 1, 5 and 6, for security and redundancy of Terabytes of data.

1.11            Backup

Koozali SME Server provides flexible backup methods such as USB Disk backup, tape backup or backup to a remote server. Backups can be fully automated and can include both full and incremental backups.

1.12            Automatic Updates

Almost all of the packages that Koozali SME Server includes from upstream vendors are included unmodified. The purpose of doing so is to take advantage of the stability that comes from the huge user base that uses these packages, for security, and to allow automatic updates as soon as an update is available from the upstream vendor.

1.13            Extensible

The Koozali SME Server architecture explicitly supports developers by making it easy to drop software into place and remove it without needing to modify existing files. Extensions can easily add new features and there are dozens of them freely available. A few popular examples are Owncloud, Asterisk VOIP PBX, Wordpress, Mediawiki, Zarafa, Pydio and OsCommerce.

2      Install SME Server Virtual Machine

Prior to installing any virtual machines on SecureOffice, it is recommended to first get the virtual machine working on your PC.

Download free VmWare Workstation.

Install VmWare workstation on your PC. Additional installation instructions are located here.

The following instructions can be used to create Virtual Machines (VMs) under Windows, Linux or SecureOffice / VmWare Workstation if the premium VmWare Workstation package is installed on SecureOffice.

2.1                Pre-Configured Sme-Server Virtual Machine

As a convenience, a pre-configured Sme-Server virtual machine (created using instructions in next section) is available for download by registered SecureOffice users.

The pre-configured virtual machine has the following configuration:

  • user: "root", password "admin_54321". Root password can be changed by entering "passwd" and following the prompts using a VM console session.
  • domain: "example.com". Change using "su admin" console session.
  • system name: "Sme-Server9". Change using "su admin" console session.
  • IPv4 address "192.168.10.250". Change using "su admin" console session.
  • netmask. "255.255.255.0". Change using "su admin" console session.
  • "Server Only" mode. Sme-Server is also capable of managing its own LAN which is redundant and requires an additional ethernet interface.
  • Gateway: "192.168.10.1". Change using "su admin" console session.

The default configuration settings (except root password) can be changed by entering "su admin" from a console session and following the prompts.

VmWare Tools are pre-installed on this VM.

Secure Shell Access is enabled on this VM.

Download Sme-Server Virtual Machine using a PC connected to the SecureOffice LAN only (otherwise, access will be denied due to wrong domain) from the SecureOffice custom repository. When prompted, enter your SecureOffice user ID and password (as previously entered in "/etc/opkg.conf") to download the virtual machine (SmeServer-9.2.tar.gz). "LAN only" means disable all network interfaces except the connection to the SecureOffice LAN (wired or WiFi).

Another (easier, no disabling network interfaces) download method is using a SecureOffice command prompt: "cd /home/data/Vmware; sget ../Files/SmeServer-9.2.tar.gz" which will place the file in "/home/data/Vmware" (which must have at least 40GB of free space. Use another directory if insufficient free space on "/home/data/Vmware" such as a mounted USB disk).

If using a Windows PC, open the file with 7-Zip and extract it to your virtual machine directory.

If using a Linux PC, extract the file by entering "cd <directory for virtual machine>; tar -zxvf <path to SmeServer-9.2.tar.gz>"

Copy or move the virtual machine directory to the server that will host it.

Once VmWare and the virtual machine is installed on the PC that will host it, start VmWare Workstation player, select "Open a Virtual Machine", navigate to "<your VM directory>/ SmeServer-9.2" and select SmeServer-9.2.vmx to start the virtual machine.

If asked whether you moved or copied the virtual machine, select "I Copied It". This will generate a new MAC address and make the VM unique. The virtual machine will boot and prompt for login.

If this VM is intended to provide network services, it must be assigned a fixed IP address (conforming to IP address numbering plan) and LAN DNS name for port forwarding (if necessary) and / or proxying by SecureOffice Nginx webserver.

Further VM configuration is dependent on the intended purpose and services to be provided. Continue to further Sme-Server configuration, skipping the VmWare Tools and Secure Shell Access sections.

2.2                Create SME Server Virtual Machine

Installation of SME Server 9.2, x86_64 is used as an example. An Overview of SME Server features is located here and here

Download SME Server 9.2 x86_64 netinstall ISO from here or, using Linux: "cd /home/data; wget http://mirror.contribs.org/releases/9.2/iso/x86_64/smeserver-9.2-x86_64-netinstall.iso"

Start VmWare Workstation on your PC. The main screen will appear, as shown below. Note that the version may not match the figures below, since VmWare Workstation is updated on a regular basis.

Figure 1: VmWare Workstation Main Screen

Select "Create New Virtual Machine". The select installation source window will appear, as shown below.

Figure 2: VmWare Workstation Select Installation Source

Select "Installer disc image file (iso)", browse to and select the SME Server ISO file downloaded above. Click "Next". The "Select Operating System" window will appear, as shown below.

Figure 3: VmWare Workstation Select Guest Operating System

VmWare Workstation did not detect the operating system (Figure 2). If the operating system is not detected, the operating system and version will have to be manually selected. Select "Linux", "CentOS 6 64-bit" for SME-Server. Press "Next". The "Select Name and Location" window will appear, as shown below.

Figure 4: VmWare Workstation Select VM Name and Location

Select a name (SmeServer-9.2) for your virtual machine. Browse to a location to create the virtual machine. Create a new directory if necessary.

Once the virtual machine is created and configured, if required, it (entire directory) can be copied to the SecureOffice file system, to be hosted by SecureOffice. The virtual machine created on your PC will not be needed after this, unless it is used to create the SecureOffice boot disk and can be deleted.

Press "Next". The "Specify Disk Capacity" window will appear, as shown below.

Figure 5: VmWare Workstation Select Disk Characteristics

The size of the disk and whether the disk is stored as single or multiple files are user preferences. Single file is recommended. The above disk size reasonable to start with and can be increased or decreased later, if desired. Click "Next". The VmWare Workstation "Ready to Create Virtual Machine" window will appear, as shown below.

Figure 6: VmWare Workstation Ready to Create VM

Press "Customize Hardware". The customize hardware window will appear, as shown below.

Figure 7: VmWare Workstation Configure Hardware

Choose the desired memory size and number of processors, a user preference. 2GB of memory and 2 processors are recommended. For the network, select "Bridged", "Replicate physical network connection state", "Connect at power on". Press "Close". This will return you to the "Create VM window" Figure 6). Press "Finish". The VmWare Workstation main window (Figure 1) will appear, with the new virtual machine selected. Select "Play Virtual Machine".

3      Configure SME Server Virtual Machine

3.1                SME Server First Boot Configuration

Immediately after entering "Play Virtual Machine", Sme-Server will boot for the first time.

From within the virtual machine console window, perform the following steps, selecting (cursor keys) the operation before pressing "enter":

  • Select whether to test the boot media or not, press enter
  • select "Install or Upgrade Existing System" (default).
  • Select installation language.
  • Select your keyboard type.
  • Select URL for install image type.
  • Leave IPV4/IPV6 at DHCP
  • Enter this URL for URL Setup: "http://mirror.contribs.org/releases/9.2/smeos/x86_64"
  • Select basic storage devices, next, discard any data, next.
  • Select your time zone.
  • Select, "Replace existing Linux Systems", next.
  • Select "write changes to disk". Some packages will install. Takes time. Be patient.
  • Select "reboot".
  • Select "no restore from backup"
  • Choose administrator password, confirm. The preconfigured VM uses "admin_54321".
  • Choose domain name (your SecureOffice domain) The preconfigured VM uses "example.com"
  • Choose system name. The preconfigured VM uses "Sme-Server9"
  • Choose "e1000" for Ethernet.
  • Choose a static IPv4 address on your LAN conforming to the IP address numbering plan. It is assumed the purpose of this virtual machine is to host internet services, which is why a static LAN address is required. This allows SecureOffice (Nginx or firewall) to be configured to forward services for Sme-Server. The preconfigured VM uses "192.168.10.250"
  • Choose netmask. The netmask must be the same as SecureOffice (default "255.255.255.0", as set for SecureOffice in "/etc/config/network", for LAN interface).
  • Choose "Server Only" mode.
  • Choose gateway. The Gateway must be the address of the SecureOffice LAN (default "192.168.10.1", as set for SecureOffice in "/etc/config/network", for LAN interface). The preconfigured VM uses "192.168.10.1".
  • Choose "No DHCP Server"
  • Leave DNS blank.
  • Choose "Activate Changes", SME Server will reboot. After this step, SME-Server has all the latest updates installed, ready to host websites, be an email and file server for your domain.

There is a wealth of free services and applications that can be installed on SME-Server. A list is here. General instructions for installing additional software is available here.

While within the VmWare guest operating system window, press "CTL+ALT" at any time to return mouse and keyboard control to your PC.

3.2                Test Virtual Machine on PC

Now that your virtual machine has been created and, optionally additional applications / services installed, it can be tested on the PC which was used to create it.

After the virtual machine was created, The VmWare Workstation window will be at a login command prompt. Enter "root" as the user name and the admin password chosen during first boot to login. The VmWare window will display the Sme-Server command prompt, as shown below.

Figure 8: SME Server Command Prompt

Hint: If console copy and paste is required, it is best to login to your virtual machine with PuTTY using the IP address and password chosen during VM creation.

Using a web browser, enter the IP address of your virtual machine. The browser will display the default (unconfigured) SME Server website, as shown below. Note the connection is not secure due to self-signed SSL certificates.

Figure 9: SME Server Default Website

Using a web browser, enter the IP address of your virtual machine plus "/server-manager", login with user "admin" and the password chosen during first boot of the virtual machine. The main administration page of Sme-Server will be displayed, as shown below.

Figure 10: SME Server Administration Page

Sme-Server is ready for configuration as an email server and to provide web hosting for your domain(s). Installation of additional services / applications, web site files and final configuration can be done using the VM on the installation PC, or after the VM has been copied to the SecureOffice file system, SecureOffice VmWare Workstation installed and configured. It is suggested to do and test as much as you can on the installation PC, to maximize usage time for trial licenses.

3.3                Further SME Server Configuration

It depends on individual user needs to determine requirements for their server / services. Sme-Server, in addition to being very stable, well maintained, easy to use and feature rich is well documented, which is why it is recommended.

HowTo's for basic SME Server administration tasks, including email setup are located here and here. If hosting an email server, insure that the DDNS provider pre-requisites pertaining to email have been met.

Your website, unless you are porting an existing one, or building one from scratch will require a CMS (Content Management System). Instructions for installing and configuring a WordPress web site is located here. Instructions for installing and configuring a Xoops web site (such as this one) are located here. There are many other CMS possibilities such as e-commerce (online stores) that can be found by searching the internet and research. Another option is hiring a consultant to create your website.

One crucial Sme-Server package that should be installed is PhpMyAdmin which provides a web based GUI for database management, required for installation and maintenance of any modern website CMS (Content Management System). To install, follow the PhpMyAdmin installation instructions.

It is possible to complete the following SME Server configuration using the VM on your local PC, rather than on SecureOffice after the VmWare Workstation premium package is installed. If you choose to do so, it is necessary to alter your PC and router firewalls to enable / forward the necessary service ports.

3.4                Enable Secure Shell Access

The VmWare console does not support copy / paste, which makes entering commands cumbersome. Secure shell access allow you to remotely administer Sme-Server using PuTTY (command line and WinSCP (secure file copy). To enable remote access, navigate (Sme-Server GUI) to "Remote Access". The page will contain the following:

Figure 11:SME Server Remote Access

Change "Secure Shell Settings" to "Allow access only from local networks", "allow command line access", allow "standard passwords" and "port 22". Press "Save".

You can now access the Sme-Server console using PuTTY or another SSH client at "<SME-Server LAN address>:22" (port 22). Subsequent configuration commands can now use copy / paste.

4      Install SecureOffice VmWare Workstation

After the virtual machine has been created, it can be copied over to SecureOffice and the SecureOffice / VmWare Workstation application installed by following the instructions starting at Create VM Directory on SecureOffice.

The following SME Server configuration takes place after your virtual machine is installed on SecureOffice or another host machine.

Install VmWare Tools on the VM to enable shared folder support and improve UI performance.

Configure shared folder support to allow transferring files between SecureOffice and the VM. This is also required for sharing SecureOffice SSL certificates with Sme-Server.

4.1                Link VM and SecureOffice SSL Certs

This step will be deferred until final "Securing Your Site" instructions. The following is informational.

SecureOffice SSL certificates are stored (and automatically updated) in directory "/etc/ssl/domains" with file names "<yourdomain>.crt" and "<yourdomain>.key". VmWare Workstation (shared directories) maps SecureOffice directory "/etc/ssl/domains" which, if shared folders have been configured as above, will appear as directory "/mnt/hgfs/domains" within your VM.

The certificate files "/mnt/hgfs/domains/<yourdomain>.crt" and "/mnt/hgfs/domains/<yourdomain>.key" must (within the VM) be linked to whatever directory your VM expects SSL certificates to reside, in addition to whatever configuration your VM requires for specifying the file names of SSL certificate files.

4.2                Configure Domain Email

If your ISP blocks port 25, you will need a service to forward (proxy) domain emails to an alternate port, configure the firewall to open this port and alter your domain MX records to point to the email reception proxy. If port 25 is not blocked by your ISP (may not be if you have a static IP address), an email proxy is not necessary.

An excellent and inexpensive (can be free) service / email proxy for your domain emails is MX GuardDog, which also provides MX backup (queue your emails when your site is offline), excellent spam filtering as a bonus. MacWorld has a review of MX GuardDog here. MX GuardDog can be evaluated, signed up for and configured here. MX GuardDog can be free at the cost of placing a link to them on your site. If MX GuardDog is not chosen, you will have to search the internet for alternatives. The ability to forward emails to an alternate port is crucial.

Once you have an email proxy account configured, your domain MX records must be altered to point to the email proxy, as opposed to your domain. The method depends on your DDNS provider, if SecureOffice pre-requisites in the area of Ability to Manage Domain MX Records was adhered to in selecting a DDNS provider. If not, another DDNS provider must be chosen.

4.3                Forward WAN Service Ports to VM

It is assumed that you will be running a website and email server using a virtual machine. Omit any settings for services that you are not running.

By following port forwarding instructions, add the following port forwards.

Regarding email reception. Your ISP may have blocked port 25 to prevent spamming. Most ISP`s provide an alternate port for email transmission. You may need an email relay / proxy service for email reception. This determines whether the "Allow-smtp" (ISP port 25 open) or "Allow-smtp-proxy" (ISP port 25 blocked) firewall entries are used.

If "Allow-smtp-proxy" alternate email reception proxy / relay service is required, since you are running a domain email server, it is required that your DDNS provider have the ability to alter MX records and redirect domain email to the proxy email receiver which forwards received emails to your email server using an alternate port. This is discussed in SecureOffice prerequisites, section Ability to Manage Domain MX Records. The alternate port must be forwarded to your email server, port 25 on the firewall:

Name

Protocol

Ext Zone

Ext port

Int Zone

Int IP Addr

Int port

Notes

 

 

 

 

 

 

 

 

Allow-smtp

tcp

wan

25

lan

Email Server (VM) LAN Address

25

Only if ISP does not block port 25 incoming

Allow-smtp-proxy

tcp

wan

Port that your proxy email receiver forwards email to

lan

Email Server (VM) LAN Address

25

Only if ISP blocks port 25 incoming

Allow-imaps

tcp

wan

993

lan

Email Server (VM) LAN Address

993

Secure IMAP

Table 1: Email Port Forwards

After these port forwards are entered and saved, from a SecureOffice console, enter "/etc/init.d/firewall restart".

4.4                Forward http(s) Services to VM

Two SecureOffices options exist for forwarding web services (http, https) traffic to other servers (including virtual machines): using the SecureOffice Nginx webserver (preferred, since can steer subdomains to various servers) or port forwarding (discouraged, since all requests must go to same server).

For port forwarding, follow port forwarding instructions, add the following port forwards. When done, enter "/etc/init.d/firewall restart"

 

Name

Protocol

Ext Zone

Ext port

Int Zone

Int IP Addr

Int port

Notes

 

 

 

 

 

 

 

 

Allow-http

tcp

wan

80

lan

Webserver (VM) LAN Address

80

Running Webserver on VM or other computer on LAN. Unnecessary if nginx used for domain web services.

Allow-https

tcp

wan

443

lan

Webserver (VM) LAN Address

443

Secure Website access. Unnecessary if nginx used for domain web services

Table 2: Webserver Port Forwards

To use Nginx, using nano editor, create a file "/etc/nginx/vhosts/<your site>.conf", and paste the contents below. Follow the instructions within, change "example.com" to "<yoursite URL>" (without www) and change the IP address to match the IP address of your VM.

# Change example.com to your_site DNS / domain name

# Change <IP address> to address of virtual machine server on LAN.

#

server {

        listen 80;

        listen [::]:80;

        server_name example.com;

        location /.well-known/acme-challenge/ {

                default_type "text/plain";

                alias /var/letsencrypt/;

                break;

        }

        location / {

                return 301 https://$host$request_uri;

        }

}

server {

        listen 443;

        listen [::]:443;

        server_name example.com www.example.com;

        location / {

                proxy_set_header Host www.example.com:$server_port;

                # Allow downstream sites to know who's connecting

                proxy_set_header X-Forwarded-For $remote_addr;

                proxy_pass $scheme://<IP address>:$server_port;

        }

}

Figure 12: Nginx Configuration

At a SecureOffice command prompt enter "/etc/init.d/nginx restart" to have the new settings take effect.

At this point, your virtual machine should be running and ready to configure services. If Sme-Server was chosen, complete the Final Sme-Server Configuration steps below.

5      Final SME Server Configuration

5.1                Access Domain Website

Enter "http://<yourSecureOfficedomain>" in a web browser address bar. If all is well, you should see the starter web page of your website from Sme-Server (Figure 9). Your website can also be accessed from the local LAN by entering "<your_server_LAN_address>", configured during Sme_server first boot.

5.2                Access SME Server Administration GUI

The Sme-Server administration web GUI can be accessed from your local LAN by entering "<your_VM_LAN_address>/server-manager", login with user "admin" and the password chosen during first boot of the virtual machine. The browser will display the main administration page of Sme-Server (Figure 10).

5.3                Configure Email Services

It is assumed that the Firewall and Configure Domain Email steps are complete. This means that email for your domain is forwarded to SME Server.

5.4                Configure SME Server Users and Groups

To add users and groups, using a browser on your local LAN, enter "<your_VM_LAN_address>/server-manager", login with user "admin" and the password chosen during first boot of the virtual machine. The browser will display the main administration page of Sme-Server (Figure 10). In the left pane, select "Users" for user administration and "Groups" for group administration.

A default installation of Sme-Server has one user: "admin" with the password chosen at first boot and no groups. Additional users must be created.

Each user is assigned an email address of the form "user@yourdomain". Each user account includes separate, password-protected email and file storage areas. Pseudonyms (aliases) of the form "FirstName.LastName" and "FirstName_LastName" are automatically created for each user. Each user can login with their userID or pseudonyms and receive emails at the following email addresses:

  • user@yourdomain
  • FirstName.LastName@yourdomain
  • FirstName_LastName@yourdomain

After users are created, passwords must be assigned to each user. After creating users, it is suggested to create two groups, to differentiate users between administrators with full access and clients with restricted access. It is suggested the groups be named "administrators" and "clients". Users can then be assigned to their corresponding group.

To create users and groups, read and follow the SME Server administration manual regarding users and groups.

5.5                Configure SME Email Server

Using the Sme-Server administration GUI, select "E-mail". The E-mail configuration page will display, as shown below.

Figure 13: SME Server Email Configuration

Enter the following for basic email settings:

  • POP3 server access: Allow access only from local networks
  • IMAP server access: Allow private and public (secure IMAPS)
  • Webmail access: Allow HTTPS (secure)
  • Virus scanning: Enabled
  • Spam filtering: Enabled
  • Executable content blocking: Enabled, need to select which types to block.
  • Email retrieval mode: Standard (SMTP)
  • SMTP authentication: Allow SSMTP (secure)
  • Email to unknown users: Reject
  • Address of internal mail server: leave blank
  • Address of internet providers mail server: If your ISP blocks port 25, this is the IP address and port of your ISP's outgoing email server of the form "aaa.bbb.ccc.ddd:port". If your ISP does not block port 25, leave blank.

If a more complex email service or other protocols are required, read and follow the SME Server administration manual regarding E-mail.

5.6                Test Domain Email Using Webmail

Users and group assignments must exist for each user of your domain. Email addresses will be of the form "user@yourdomain".

The Sme-Server webmail GUI can be accessed using a browser from your local LAN by entering "<your_VM_LAN_address>/webmail", or from the internet by entering "yourdomain/webmail" if remote webmail access has been enabled. Login with a valid email user ID (or, "admin" for admin emails) and the password assigned when the user was created. The Sme-Server webmail page will display, as shown below:

Figure 14: SME Server WebMail GUI

Create and sent a test email ("New Message") to another email address on a different domain, such as a Gmail account. The email should show up in the destination email account. If there are problems, use the troubleshooting steps outlined in the previous "regarding E-mail" link.

From another email account (such as Gmail), compose and send an email to "user@ yourdomain", where "user" is the user logged into webmail. The email should arrive and be displayed in the SmeServer webmail GUI.

Note that it may take some time for emails to be received due to network delays and server queues, sometimes as long as an hour.

Fix any problems before proceeding to the next step.

5.7                Configure Email Client on PC

Sme-Server has a Wiki article regarding configuring E-mail clients such as MS Outlook. Follow the guide and configure your email for a Sme-Server account to send and receive email using Sme-Server.

Using the Sme-Server account on your email account, compose a test email to another email address on a different domain, such as a Gmail account. The email should show up in the destination email account. If there are problems, use the troubleshooting steps outlined in the previous "regarding E-mail" link.

From another email account (such as Gmail), compose and send an email to "user@ yourdomain", where "user" is the user previously logged into webmail. The email should arrive and be displayed in your email client.

Fix any problems before proceeding.

6      Troubleshooting SME Server

If the issue is Sme-Server startup, or network connectivity issues, refer to Troubleshooting Virtual Machines.

Any other issues are Sme-Server specific and will require an internet search to narrow and resolve the problem.

Rating 0/5
Rating: 0/5 (0 votes)
Votes are disable!
Print article
The comments are owned by the author. We aren't responsible for their content.

Technologies Used:

Design by: XOOPS UI/UX Team