SMTP AUTH and POP3 Email Users
- Table of Contents
- SMTP AUTH
- POP3 and Email Forwarders
- Adding a New Email User
- Custom SMTP Authorization
Once your GreenArrow Engine server is configured to receive email for a domain, it can also be configured with SMTP AUTH and POP3 users.
When relaying messages into GreenArrow Engine via SMTP, you have two authorization options. The first option is to specify which IP addresses are authorized to relay mail through GreenArrow Engine. The second option is to create email users, then use SMTP AUTH, or username/password based authentication to log in as an email user before relaying messages.
When a new email user is created within GreenArrow Engine (see below), it’s granted SMTP AUTH access to GreenArrow Engine’s SMTP services. GreenArrow Engine’s default configuration includes SMTP services that listen on ports
587. Some ISPs block outgoing access to port
25, so configuring your injecting application or email client to connect to port
587 is recommended in most configurations.
SMTP AUTH is enabled by default. You can disable SMTP AUTH by sending in a request to GreenArrow technical support or following the steps in the SMTP Services page’s Authorizing SMTP Clients section.
POP3 and Email Forwarders
When a new email user is created within GreenArrow Engine, you have a few different options for how to deliver mail received by that user:
Deliver to local mailbox- stores incoming mail on your GreenArrow Engine server in a Maildir that can be accessed via POP3. GreenArrow Engine’s POP3 server listens on port
Forward to another address- provides the same options for incoming mail as you have when creating an email forwarder.
Deliver to local mailbox and forward- combines the
Deliver to local mailboxand
Forward to another addressoptions.
Follow dot-qmail delivery instructions- allows you to include the contents of a
.qmailfile, and have its logic processed for all incoming messages to this account.
Use the following information to configure your POP3 client:
||The username of the email user that was created.|
||The password of the email user that was created.|
||The hostname of your GreenArrow server. For example, if you log in to GreenArrow Engine’s web interface by going to
Adding a New Email User
Complete the following steps to create a new email user:
- Login to GreenArrow Engine’s web interface.
- Navigate to
- Click the
Users/Forwardersbutton next to the domain that you’d like the user to be created for:
- Click the
Add Email Userbutton:
Enter the username and password of the user that you’d like to create, and select the desired mail delivery option before clicking
Use wildcard matchingbox causes the new email user to receive mail for both the address that’s entered and any address of the form
localpart-*@domain. For example, if the username were
[email protected], then it would receive mail addressed to
To create a catch-all email address that will accept all emails for users that do not already exist on that domain, create an email address with the username
defaultand click the
Use wildcard matchingoption.
Custom SMTP Authorization
In addition to GreenArrow Engine’s user database, you may add your own users to the database.
GreenArrow Engine provides a
eng_smtp_auth_users__raw_db_access table with the following definition.
You may insert, delete, or update this table at will.
Table "public.eng_smtp_auth_users__raw_db_access" Column | Type | Modifiers ----------------+---------+--------------------------------------------------------------------------------- id | bigint | not null default nextval('eng_smtp_auth_users__raw_db_access_id_seq'::regclass) username | text | not null crypt_password | text | not null crypt_salt | text | not null active | boolean | not null default true Indexes: "eng_smtp_auth_users__raw_db_access_pkey" PRIMARY KEY, btree (id) "eng_smtp_auth_users__raw_db_access__username__uniq" UNIQUE, btree (lower(username))
username field must be case-insensitive unique.
crypt_salt field can be any value you wish to use to increase the entropy of the hashed passwords.
crypt_password field should be set to the lowercase hexadecimal
SHA256 hash of the concatenation of
crypt_salt and the raw password.
<?php $crypt_password = strtolower(hash("sha256", $crypt_salt . $raw_password));
You may use the
active column to disable users temporarily. Only users with
active = TRUE will be successfully authenticated.
Users authorized in this way are for sending only. This feature is only enabled if the control flag
/var/hvmail/control/opt.smtp_auth_user_database is enabled by running
echo 1 > /var/hvmail/control/opt.smtp_auth_user_database