Mail Services
Easy-to-manage Internet mail solutions featuring best-in-class
open source technologies.
Features
Enterprise-class mail server
• High-performance Postfix SMTP services
• Scalable Cyrus IMAP and POP services
• Support for over 100,000 mail accounts
with no per-user licensing fees
• Virtual host support for multiple domains
• Flexible mail storage and per-user quotas
Strong authentication and security
• SSL/TLS encryption for secure transport of
SMTP, POP, and IMAP mail
• Flexible authentication methods, including
Kerberos, CRAM-MD5, and APOP
• Support for secure single sign-on for Mac
and Windows clients
Protection against junk mail and viruses
• Junk mail filtering using SpamAssassin
• Virus detection and quarantine using ClamAV
• Host- and network-based SMTP relay
management
• Message refusal from real-time blacklists
and specified hosts
Mailing list support
• Python-based Mailman list manager
• Support for electronic mail discussion and
newsletter lists
Flexible webmail
• PHP-based SquirrelMail service
• Pure HTML 4.0 for maximum compatibility
across browsers
Administration and monitoring
• Easy-to-use Server Admin utility for
configuring and managing mail services
• Real-time monitoring of mail connections,
service logs, and messages
Technology Brief
Mac OS X: Mail Services
Mac OS X Server combines the most robust technologies from the open source
community to deliver comprehensive, easy-to-use mail server solutions. Full
support for Internet mail protocols—Internet Message Access Protocol (IMAP),
Post Office Protocol (POP), and Simple Mail Transfer Protocol (SMTP)—ensures
compatibility with standards-based mail clients on Mac, Windows, and Linux
systems. With support for thousands of users per server and no per-user licensing
fees, these high-performance mail services offer significant cost savings for small
organizations and large enterprises alike.
Core mail services in Mac OS X Server use the high-speed Postfix server for SMTP
messaging and the scalable Cyrus mailbox server for accessing mail accounts via
POP and IMAP. Flexible mail storage makes it easy to scale the mail server to meet
growing needs, and high-performance indexing ensures continued responsiveness
to client actions. To guard your network mail services against unauthorized access
or abuse, Mac OS X Server version 10.4 builds in strong authentication, SSL/TLS
encryption, adaptive junk mail filtering using SpamAssassin, and virus detection
using ClamAV. Completing its suite of robust mail solutions, Mac OS X Server includes
Mailman, one of the most widely deployed listserve solutions in the world, and
webmail services using the popular open source SquirrelMail project.
High-performance mail server sends messages over Internet standard SMTP, POP,
and IMAP protocols.
The built-in Mailman listserve solution makes it easy to create and maintain
mailing lists.
SMTP, POP, and IMAP mail messages are encrypted using SSL/TLS, ensuring privacy
on your network.
Webmail services allow users anywhere on the Internet to access and send email
from their web browser.
1
3
4
2
Mail Services at a Glance
1
3
4
2
2
Technology Brief
Mac OS X: Mail Services
Standards-Based Mail Services
Mail services in Mac OS X Server are based entirely on open standards, providing
compatibility with your existing network infrastructure, as well as with email clients
on Mac, Windows, and Linux platforms. And because there are no per-user licensing
fees, Mac OS X Server can scale to support hundreds of thousands of mail accounts—
without draining your software licensing budget.
Robust Postfix and Cyrus mail services
Mac OS X Server uses Postfix, a highly secure, high-performance mail server, as its
SMTP mail transfer agent and Cyrus for scalable, enterprise-class IMAP and POP mail
services. These powerful open source mail services are easy to configure and manage
using the Server Admin utility built into Mac OS X Server.
Flexible mail storage and high-speed indexing
Flexible storage options allow you to store mail on any volume connected to the
server. Each message is stored as a separate file in a mail folder for each user.
Regardless of where mail is stored or how large the storage volume, the integrated
Berkeley DB database provides high-speed indexing of messages—ensuring quick
response when clients access their mail, delete messages, and move files on the
mail server.
Mailman mailing list server
Mac OS X Server provides a graphical user interface for Mailman, one of the most
widely deployed listserve solutions in the world. This enables you and the users on
your network to distribute a single email message to multiple recipients. Mac OS X
Server provides a web-based interface for end users, making it easy to create and
maintain lists. In addition, you get robust features such as list archiving, content
filtering, and digest delivery options.
Email encryption using SSL
With SSL/TLS encryption for SMTP, POP, and IMAP, Mac OS X Server can encrypt the
data sent between the server and the mail client. This allows secure and confidential
transport of mail messages and attachments within a network. For maximum security,
SSL can be required for communication on any protocol, including SMTP, POP,
and IMAP.
Strong authentication to prevent unauthorized access
Mac OS X Server simplifies administrative control of authentication levels. You can
choose from Kerberos, CRAM-MD5, and APOP, depending on the needs of your
organization. Fully integrated into Open Directory, Kerberos provides the added
benefit of single sign-on—for both Mac and Windows users—to all “Kerberized”
services across the network.
Webmail using SquirrelMail
Webmail allows you to extend your mail services, enabling users to access their email
from any standards-based browser. Apples webmail is based on SquirrelMail, an open
source webmail package written in PHP 4, and provides all the functionality you would
want from an email client—including support for MIME, address books, and folders for
organizing stored messages. Since PHP is fully integrated with the Apache web server,
webmail pages render in pure HTML 4.0—with no JavaScript required—for maximum
compatibility across browsers. SquirrelMail is very easy to configure and works with
any IMAP server.
SendMail compatibility
Postfix in Mac OS X Server is a more secure,
compatible alternative to the widely used
SendMail program. With support for existing
SendMail infrastructures and scripts, in-place
migration to the new mail server is easy.
3
Technology Brief
Mac OS X: Mail Services
Setting Up Mail Services
The Server Admin application in Mac OS X Server provides all the tools for configuring
and delivering secure, authenticated mail services to users across your organization.
Enabling services
Server Admin features an easy-to-use interface for setting up SMTP, POP, and IMAP
services and managing mail settings. Simply select the protocols you want to enable
and click the Start Service button. You can also define general postmaster settings,
including the copying of undeliverable messages to a specified email address and
archiving of incoming and outgoing messages.
Advanced settings for mail services
Server Admin also makes it easy to configure more advanced mail server options. For
example, you can define multiple mail server host names, or virtual domains, for the
local server, and you can choose authentication methods and security settings for each
mail protocol. You can also designate any storage volume connected to the server as
the default location for storing mail messages. Organizations handling high volumes of
email or requiring data protection may choose to use a high-availability RAID solution,
such as Xserve RAID, for mail storage.
Directory-based account management
Workgroup Manager integrates seamlessly
with Mac OS X Server mail services for
simplified directory-based management
of mail settings and policies. It allows you
to create IMAP/POP accounts, enable mail
services, set individual quotas, specify mail
storage location, and define authentication
methods. User account information is stored
in Open Directory, Apple’s standards-based
directory services architecture that works
with any LDAP server.
4
Technology Brief
Mac OS X: Mail Services
Protection Against Junk Mail and Viruses
To protect your organization from unwanted mail and destructive viruses, Mac OS X
Server v10.4 integrates two popular open source projects: SpamAssassin for adaptive
junk mail filtering and ClamAV for virus detection and quarantine.
With SpamAssassin, Mac OS X Server analyzes the text of each mail message. Using
a wide variety of local and network tests, it assigns a probability rating that the mail
is spam. If the probability is high, it classifies the mail as potential junk mail and allows
the user to decide how to handle it. The SpamAssassin junk mail filter is adaptive, which
means you can train it to recognize which marginal mail messages are spam and which
are not. Training can be automatic: SpamAssassin can analyze the content of user inboxes
every night and adapt its filters accordingly. Or for greater control, postmasters and
users may prefer to train SpamAssassin manually.
Mac OS X Server uses ClamAV to scan mail messages and attachments for viruses.
Administrators can choose how to handle a suspected virus: The mail server can bounce
the message back to the sender, delete the message immediately, or quarantine the
message to a specific directory for further analysis. The server can also generate an auto-
matic email notifying a postmaster or sender that the message has been quarantined.
In addition to these new capabilities, Mac OS X Server works with real-time blacklists
and allows you to register your own junk mail blacklists, refusing incoming email
traffic from these hosts. Its also easy to prevent unauthorized outsiders from using your
server to send email, and you can choose to refuse email messages that exceed
a specified file size.
5
Technology Brief
Mac OS X: Mail Services
Remote Monitoring and Management
Server Admin enables you not only to configure mail services, but to securely monitor
services and activity logs from any Mac OS X v10.4 system, anywhere on the Internet.
Real-time data on service usage allows you to see who is connected, how long they’ve
been connected, and the IP address of the client system. You can also review users’ mail
storage quotas and see how much disk space has been used. This extensive informa-
tion can help you create usage reports and plan allocation of server resources for your
organization. And for UNIX-savvy administrators who prefer a scriptable, command-line
environment, all Server Admin capabilities are accessible from the Terminal application.
Apple Server Solutions
Mail services are among the powerful workgroup and Internet solutions built into
Apples UNIX-based Mac OS X Server operating system. Combining the latest open
source technologies with Mac ease of use, Mac OS X Server unleashes the power of
Xserve G5, Apple’s rack-optimized server hardware. With phenomenal performance,
massive storage capacity, high-bandwidth I/O, and integrated remote management
tools, Xserve G5 running Mac OS X Server is an unparalleled server solution for
businesses, schools, and research centers.
For More Information
For more information about Mac OS X Server,
Xserve, and other Apple server solutions, visit
www.apple.com/server.
© 2005 Apple Computer, Inc. All rights reserved. Apple, the Apple logo, Mac, Mac OS, and Xserve are trademarks of Apple
Computer, Inc., registered in the U.S. and other countries. Other product and company names mentioned herein may be trade-
marks of their respective companies. Product specifications are subject to change without notice. This material is provided for
information purposes only; Apple assumes no liability related to its use. March 2005 L308653A
Certificate management
The Server Admin application in Mac OS
X Server v10.4 includes a new certificate
management interface. It lists all of your
certificates in one location, identifying the
certificate authority, date of validation, and
date of expiration. For each service that uses
certificates, Server Admin displays a list of
available certificates, making it easy to select
and manage all of your servers certificates.