30.1  Persistent Internet Connection

Information and Requirements

  1. The company has the domain company.com and a primary MX record points to the computer where Kerio MailServer will be installed (the name of the computer in DNS is mail.company.com) .

  2. The computer is connected to the Internet via a leased line.

  3. There is no relay SMTP server.

  4. The company uses the NT domain DOMAIN and users will be authenticated in this domain.

  5. The production department will have an address production@company.com and the sales department will have the address sales@company.com

  6. Some users would like Kerio MailServer to download messages from their mailboxes on the Internet and deliver them to their local mailboxes.

  7. AVG 7.0 antivirus program will be used for checking mail for viruses and no EXE, COM, BAT and VBS attachments can be sent.

  8. Remote administration of Kerio MailServer will only be allowed from the IP address 67.34.112.2 (external administrator).

Implementation

  1. In the Configuration → Domains section, create the primary local domain company.com and enter the server's DNS name mail.company.com. In the Authentication tab enter the name of the NT domain DOMAIN.

  2. In the Domain Settings → Users section, use the Import button to import all users from the domain. This way the users will not have to be added manually.

  3. In the Domain Settings → Groups section, create the groups Production and Sales and add appropriate users to them.

  4. In the Domain Settings → Aliases section, define the aliases production and sales to be delivered to the corresponding user groups.

  5. The Internet connection is permanent. In the Configuration → Internet Connection section, select the Online option.

  6. Outgoing mail will be sent directly to the target domains. On the SMTP delivery tab in the Configuration → SMTP server section, select the Deliver directly using DNS MX records option.

  7. In the Configuration → POP3 Download section, define retrieval of email from requested external mailboxes. For each mailbox, select a user to whom messages from the mailbox will be delivered.

  8. Set up scheduling for downloading of mail from the remote mailboxes. The leased line is fast and is connected permanently so messages from the mailboxes can be downloaded quite often. Set scheduling every 10 minutes (Every 00:10). Outgoing mail is sent immediately and no mail is received using ETRN — only tick Receive POP3 mailboxes.

  9. In the Configuration → Content Filter → Antivirus section, enable antivirus control and choose the AVG 7.0 module. In Configuration → Content Filter — Attachment Filter, enable filtering and set forbidden files, i.e. *.exe, *.com, *.bat and *.vbs.

  10. In the Configuration → Definitions → IP Address Groups section, create a group named Remote administration and assign it a single IP address (host) 67.34.112.2.

  11. In the Configuration → Remote Administration section, tick Enable administration from network and Only from this IP address group. Choose the created group Remote administration here.