hMailServer - Free Email Server for Microsoft Windows

If you want to set up a Microsoft Windows system as an email server, there is a free, full-featured email server program available called hMailServer. It supports IMAP, POP3, and SMTP.

After you install hMailServer and reboot the system on which it was installed, you should see the system listening on the SMTP port.

C:\>netstat -a | find "smtp"
  TCP    PC01:smtp              PC01.example.com:0    LISTENING

Unless you opted not to have a Start Menu item created, you should find an hMailServer group in the Start Menu. Run hMailServer Administrator from within it. When it starts, you should be able to connect to localhost, i.e. the instance of hMailServer running on the system, by clicking on it to highlight it and then clicking on Connect.

hMailServer Connect

You will be prompted to enter the password you provided when you installed the software. After you enter the password, you will see the Welcome window where you can add a domain that will receive email.

hMailServer Welcome

Click on the Add domain button, then type the domain name, e.g. example.com, in the Domain field. The Enabled checkbox should be checked.

hMailServer Add Domain

Click on the Save button. You will then see the domain name appear in the left-hand pane of the window with Accounts, Aliases and Distribution lists beneath it.

hMailServer Domain Added

Click on Accounts and then the Add button. In the Address field, type an email address you want to use for the domain, e.g. jane, if you wanted to use jane@example.com. Put the password to be used for the account in the Password field. You should use a strong password that is not easily guessed. If you want to specify a maximum size for that user's mailbox, you can set it here. For ordinary user accounts, the administration level should be left at User.

hMailServer New Address

You can enter the first and last names for the user associated with this address by clicking on the Advanced tab.

hMailServer Address Name

Click on the Save button to save the address.

hMailServer Address Saved

If you want to set up an "alias" for the address, e.g. if you would like email addressed to jdoe@example.com to go to the same mailbox as email addressed to jane@example.com, click on Aliases and then Add. In the "redirect from" field, you would put "jdoe". In the "to" field, you would put "jane". The Enabled checkbox should be checked.

hMailServer New Alias

Click on the Save button.

hMailServer Alias Saved

If you've created several accounts and you would like some email messages to go to multiple people, e.g., you would like email addressed to sales@example.com to go to both jane@example.com and jill@example.com, click on Distribution lists. In the Address field, put sales You can specify one of three modes for the distribution list.

For this example, I will presume that the list will be public.

hMailServer Distribution
List

Click on Save. Then click on the Members tab. Click on the Add button to add members to the disribution list.

hMailServer Distribution
List Members

You need to specify the local host name to be used by the server when it is sending or receiving email. For an email server to work properly, it needs to know its public name on the Internet. This is normally something like mail.example.com. Since there is no good way for software to automatically detect the public host name of the computer where it is running, you need to tell hMailServer what public hostname to use. While it's possible to run hMailServer without telling it its public hostname, some email servers will reject email from your email server if you don't specify it.

To do specify the local host name, click on the "+" to the left of Settings, the "+" to the left of Protocols to expand the list beneath it, then SMTP. Within the STMP window, click on the Delivery of e-mail tab. In the Local host name field, place the name to be used by the server, e.g. mail.example.com , if any email addressed to some address, e.g. jane@example.com should be handled by mail.example.com. I.e. this should be a MX record configured for the domain in DNS.

You can get this from a command line on a Microsoft Windows system using the nslookup command.

C:\> nslookup -querytype=mx example.com
*** Can't find server name for address 192.168.0.5: Non-existent domain
Server:  UnKnown
Address:  192.168.0.5

Non-authoritative answer:
example.com  MX preference = 50, mail exchanger = mail.example.com

mail.example.com     internet address = 10.10.0.22

The name for the mail exchanger, if one has been defined in the DNS records will appear after mail exchanger = , e.g. mail exchanger = mail.example.com in this example.

If you install hMailServer on a system to handle email for a domain, e.g. example.com, you will be able to send mail out through the system, but you won't receive any email addressed to addresses in the domain, e.g. jane@example.com, unless there is an MX record in the DNS for the domain that tells other mail servers that email addressed to someone at example.com should be sent to the IP address of your hMailServer email server or, if there is no MX record in the DNS servers authoritative for example.com, that the IP address for example.com matches the IP address for your system running hMailServer.

hMailServer Local Host 
Name

Click on the Save button.

Note: if you don't take the above step, you will see the error below listed when you click on Status to check the status of the server.

ID: W001
Severity: High
Description: You haven't specified the public host name for this computer in the SMTP settings.

hMailServer Server Address 
Error

When you set the value for the local host name, if you telnet to port 25 on the server, you will see it listed in the banner returned by the server.

C:\>telnet 127.0.0.1 25
220 mail.example.com ESMTP
EHLO test
250-hmailserver
250-SIZE 20480000
250 AUTH LOGIN
QUIT
221 goodbye


Connection to host lost.

C:\>

To prevent spammers from sending spam through the hMailServer email server, by default, the server requires SMTP authentication, i.e. unless email is being sent to a defined email address on the server, e.g. one you've created, such as jane@example.com, the server will require a username and password before allowing the email message to be sent through the server. In the example above, when I connected to the SMTP port, port 25, by telnet and issued an EHLO command, the hMailServer software responded with AUTH LOGIN. That indicates that the only mechanism it supports by default for SMTP authentication when an email client connects is the LOGIN method. You also have the option of enabling support for the PLAIN authentication method. I.e, you can configure the software to accept a username and password sent as plaintext, i.e. unencrypted text. To turn on that option, take the following steps within hMailServer Administrator:

  1. Click on the "+" to the left of Settings to see the options beneath it.
  2. Click on the "+" to the left of Protocols to see the options beneath it.
  3. Click on SMTP.
  4. Click on the RFC compliance tab.
  5. Check the checkbox next to Allow plain text authentication.

    hMailServer Plaintext 
Authentication

  6. Click on Save.

If you then connect to port 25 on the server and issue an ehlo command, you should see PLAIN listed as an authentication option as well as LOGIN.

C:\>telnet 127.0.0.1 25
220 mail.example.com ESMTP
ehlo test
250-hmailserver
250-SIZE 20480000
250 AUTH LOGIN PLAIN
quit
221 goodbye


Connection to host lost.

Unfortunately, there are some email clients that don't support those two authentication methods. For instance, Eudora 4.2.2 doesn't support either of those authentication menthods. It uses CRAM-MD5 as the default authentication method (see Eudora and SMTP AUTH).

For such cases, you can allow "relaying" for specific IP addresses. E.g., you can configure hMailServer to allow users on your Local Area Network (LAN) to be allowed to send email throgh the server without authenticating themselves, i.e. without providing a username and password to send email. In this case, you are relying on the sending system's IP address as an authentication method. To do so, take the following steps in hMailServer Administrator:

  1. Click on the "+" to the left of Settings to see the options beneath it.
  2. Click on the "+" to the left of Advanced to see the options beneath it.
  3. Click on IP Ranges.
  4. Two IP ranges have already been defined, "My Computer" and "Internet". You need to add another range by clicking on the Add button.
  5. Provide a name for the range, e.g. LAN.
  6. Set a priority value for the the IP range. You can specify a value between 0 and 1000. A higher value means higher priority. If hMailServer matches two IP ranges, the IP range with the highest priority will be used. For example, if a client is matching one IP range with priority 5, and one IP range with priority 10, hMailServer will use the IP range with priority 10. If a client is matching two IP ranges with the same priority, the choice hMailServer will make is undefined.

    For this example, I'll set a priority of 20. The priority for Internet is 10, so you must make it higher than that value or the rules for the Internet range will be applied, since that range is 0.0.0.0 to 255.255.255.255, i.e. all possible IP addresses. If you made the value the same, i.e. 10, the rules for the Internet range could still be applied.

  7. Specify the lower and upper bounds for the IP addresses on the LAN, e.g. 192.168.0.0 to 192.168.255.255.
  8. Check the types of connections that will be allowed. I'm presuming that the server will allow all 3 types of allowable connections, e.g. POP, SMTP, and IMAP.
  9. Don't check any of the Require Authentication for deliveries options, since you are going to rely on the sending system's IP address for authentication.
  10. For Allow deliveries from, I would not expect a sender to be sending with a "from" address that is not defined through hMailServer Administrator, so I'm not going to check either "External to local accounts" or "External to external accounts". I will check "Local to local accounts" and "Local to external accounts".
  11. For the Other settings, I don't check the anti-spam option. If this option is enabled, hMailServer will run spam protection (such as SPF, DNS blacklists and MX check) for SMTP deliveries originating from this IP range. I want to leave this option disabled for the local network. I don't need to enable forwarding relaying, so I'll leave that option unchecked. But, I will check the anti-virus option, so hMailServer will run virus protection on deliveries originating from this IP range. You will need to later specify the virus scanner to use under the Anti-virus option within Settings to actually have email scanned for viruses or other malware.
  12. When finished setting options, click on the Save button. If you want further information on the options that are available, see IP range.

hMailServer IP Range

To reduce the amount of spam flowing into users' inboxes, I would recommend enabling use of DNS Blacklists (DNSBLs) in hMailServer. hMailServer comes preconfigured to use two such lists, the ZEN list, zen.spamhaus.org, and the SpamCop Blocking List (SCBL), bl.spamcop.net. But use of those two blacklists is disabled by default. To enable their use, look at DNS blacklists beneath Settings, Anti-spam. Click on each entry in turn and then click on the Edit button to enable it. Check the Enabled checkbox for each entry, then click on the Save button to enable that entry.

hMailServer DNS Blacklists

You may want to enable logging so that hMailServer generates logs you can use for troubleshooting or just to get an idea of the amount of email traffic the server is handling. To do so, expand Settings and click on Logging. By default hMailServer doesn't have any log options enabled. Check the Enabled checkbox and select the types of logs you wish to be generated. For an explanation of the various log types, see Logging. The options are as follows:

Application
SMTP
POP3
IMAP
TCP/IP
Debug
AWStats

hMailServer Logging

I enable all logging options, except Debug. The Debug messages log contains low level messages. Debug logging should only be turned on when troubleshooting.

The Mask Passwords option substitutes 3 asterisks in any log file where a password might otherwise be logged. Click on Save to start logging.

The Keep files open setting lets you specify whether hMailServer should keep log files open inbetween writes. The default log writing behavior in hMailServer is that whenever hMailServer should append something to a log file, the file is open, written to and after that closed. This means that any data hMailServer writes to the file is flushed immediately. If there are a lot of small writes to the log files, this may be bad for performance.

If you configure hMailServer to keep log files open, Windows will buffer data being sent to the log file. This may dramatically improve log file performance. The downside is that the log files can not be deleted while they are open. When hMailServer has finished writing to a log file (in the case of the normal log files, this happens at midnight when a new file name is generated), hMailServer will close the file and the file can be deleted.

You can view the logs by clicking on the Show logs button.

To complete configuration of hMailServer, add additional accounts, aliases, and any distribution lists. If there is firewall software running on the system or a firewall in front of the system, make sure that connectivity to TCP ports 25 (SMTP) and 110 (POP3) and/or 143 (IMAP) are allowed to the system and you should be set to have the system handle email for the domain. You can also add additional domains and accounts, aliases, and distribution lists for those additional domains, if you wish.

If you need further information on configuring hMailServer, see the on-line documentation at the developer's website at hMailServer Documentation

References:

  1. Configuration tutorial
    hMailServer - Free email server for Microsoft Windows
  2. Eudora and SMTP AUTH
    Date: May 11, 2008
    MoonPoint Support
  3. hMailServer Documentation
    hMailServer - Free email server for Microsoft Windows
  4. IP range
    hMailServer - Free email server for Microsoft Windows

Valid HTML 4.01 Transitional