The new Windows Server 2003 POP3 service, in conjunction with the SMTP service, lets you use email clients such as Microsoft Outlook and QUALCOMM's Eudora to send and receive email through a Windows server without using Microsoft Exchange Server or a third-party server product. This is good news if you need a basic email solution for your network but don't require all the extra functionality that full-fledged mail-server products provide. Read on to learn the basics of installing, configuring, and administering the Windows 2003 POP3 and SMTP services.
Planning and Installation
You can install the POP3 and SMTP services on a Windows 2003 standalone server, a domain controller (DC), or a member server in an Active Directory (AD) environment. To install the services, run the Configure Your Server Wizard and select Mail server (POP3, SMTP), as Figure 1 shows. (You can use the Control Panel Add/Remove Programs applet to add the POP3 service manually, but this article assumes that you'll use the wizard to configure the mail server. Be aware in advance that to remove the mail server role, you can use the Manage Server Wizard—which will remove the POP3 and SMTP services as well as any mail domains and mailboxes you created using the POP3 service—or you can use the Add/Remove Programs applet to remove the POP3 and SMTP services without removing the mailboxes and mail domains.) The wizard leads you through the steps to install the POP3 and SMTP services and to configure several server options. If you've installed Windows 2003's Remote Administration (HTML) tool—aka Web Interface for Remote Administration—on the mail server, installing the POP3 service also installs the HTML plugin for mail server management.
The wizard instructs you to enter the name of the mail domain that the POP3 service will host. You should enter the Fully Qualified Domain Name (FQDN) of the mail domain. For example, if the POP3 service will host mail accounts for the certtutor.net domain, enter the FQDN for certtutor.net in the Domain Name box. For mail to route successfully from the Internet to this new domain, you must update the DNS MX record for certtutor.net to point to the IP address of your Windows 2003 system.
The wizard also requires you to choose the authentication method that the POP3 service will use to authenticate mail users. Depending on the type of Windows 2003 server on which you install the mail services, you can choose one of three authentication methods: Local Windows Accounts on the mail server (on a standalone server or an AD member server), an Encrypted Password File (on a standalone server, a DC, or an AD member server), or AD (on a DC or an AD member server). Be aware that when you use the wizard to install the mail services, you can't alter your chosen authentication method later without deleting all mail domains—and in turn, all mailboxes—on the server.
Configuring the POP3 Service
To configure the POP3 service, install the Microsoft Management Console (MMC) POP3 Service snap-in, which Figure 2 shows. The snap-in displays the mail-server name, mail domain name, authentication method, number of mailboxes, and amount of disk space used. This information provides a good summary of the state of each mail domain.
You can use the Server Properties option (in the snap-in's right pane) to view or change the server port, the logging level, and the root mail directory in which mail is stored. By default, POP3 clients use port 110. If you want to change this setting, first ensure that the applications you deploy can accept a nonstandard port. The logging level ranges from None, which produces no log, to Maximum, which logs all critical, warning, and informational events to the mail server's Application log. And if you plan to host many mailboxes, consider creating a separate partition and redirecting the root mail directory to that partition. This step simplifies the backup process and prevents the OS partition from filling up if the mailboxes grow beyond a manageable size (see the sidebar "Configuring Quotas" for methods for controlling mailbox size). If no mail domains are present (e.g., if you used the Add/Remove Programs applet to add the POP3 service and haven't yet created a mail domain), you can also use the Server Properties option to configure an authentication method. If mail domains already exist on the server, however, you can't change this setting.
By default, the POP3 service sends authentication information in plaintext. In the case of AD authentication, plaintext authentication credentials that pass across the network are vulnerable to interception, which could give third parties access to a user's Windows 2003 domain account. If you choose the Encrypted Password File authentication method, you can use only plaintext authentication. If, however, you choose the Local Windows Accounts or AD authentication method, you can configure the POP3 service to enforce Secure Password Authentication. SPA requires that the username and password be sent through a secure method that you can configure for both Local Windows Accounts and AD authentication. (If you want to use SPA, you must also configure your mail clients to support it.)
To use the snap-in to add a new mail domain, you can either click the New Domain option in the snap-in's right pane or right-click the mail server object in the left pane and select Properties, New, Domain. (Allocated hard disk space is the only factor that limits the number of domains that you can add to the mail server.) You must configure all the relevant DNS MX records to point to the correct IP address for the new domain. For each new mail domain, the system creates a subdirectory (with the same name as the new domain) in the root mailbox directory.
Previous
)
Register
jay hadley June 25, 2004