Server Gigabit Guide

Facebook Twitter Youtube Instagram
  • Login
  • Register
  • Contact Us
Server Gigabit Logo

Email Server in Windows Server, Part 2: Comprehensive Guide

You are here:
Estimated reading time: 2 min
In this article

 

This is a follow-up to the tutorial “Email Server in Windows Server, Part 2: Comprehensive Guide”, directed to those who already have an hMailserver and want to increase the security. In this guide, you will learn how to secure your email server in Windows Server. We will cover topics such as spam protection, malware protection, and TLS encryption. By following these instructions, you can effectively safeguard your server from malicious activities and ensure the integrity of your email communications.

Spam Protection

  1. Navigate to Settings >> Anti-spam in the hMailserver Administrator.

  2. In the “General” tab, retain the default settings.

  3. In the “Spam tests” tab, enable all four spam detection parameters:

    • Use SPF (3)
    • Check host in the HELO command (2)
    • Check that sender has DNS-MX records (2)
    • Verify DKIM-Signature header (5)

Malware Protection

  1. Integrate ClamWin antivirus software into hMailServer.

  2. Download and install ClamWin from its official website: https://sourceforge.net/projects/clamsentinel/

  3. Configure hMailServer’s anti-virus settings:

    • Navigate to Settings >> Anti-Virus >> ClamWin in the hMailserver Administrator.

    • Click “autodetect” to automatically locate the ClamWin installation directory.

    • Click “Save” to finalize the integration.

TLS Encryption

  1. Enable TLS encryption to secure email connections.

  2. Obtain an SSL certificate for your server’s hostname.

  3. Generate a new certificate using XCA:

    • Open XCA and create a new database.

    • Navigate to the “Certificates” tab.

    • Click “New Certificate” and enter your server’s hostname under “CommonName”.

    • Click “Generate a new key” to create a key for the certificate.

    • Finalize the certificate creation by clicking “Create”.

  4. Export the certificate and key:

    • In the “Certificates” tab, select the certificate and click “Export”.

    • Maintain the default path for exporting the certificate.

    • Repeat the process for exporting the private key.

  5. Import the certificate and key into hMailServer:

    • Open the hMailServer Administrator and navigate to Settings >> Advanced >> SSL certificates.

    • Click “Add” and select the previously exported certificate and key.

    • Save the settings.

  6. Modify TCP/IP port settings:

    • Navigate to Settings >> Advanced >> TCP/IP ports in the hMailServer Administrator.

    • Modify the three entries below “0.0.0.0 / 25 / SMTP” as shown in the images provided.

    • Save the settings.

  7. Open the modified ports in your firewall:

    • Edit the firewall rule named “Ports for hMailServer”.

    • Change the “Local ports” from 25, 110, 143, 587 to 25, 465, 993, 995.

  8. Update email client settings:

    • Incoming server:

      • Protocol: IMAP
      • Port: 143
      • Security: SSL/TLS
      • Server: The IP or hostname of your server

    • Outgoing server:

      • Protocol: SMTP
      • Port: 587
      • Security: SSL/TLS
      • Server: The IP or hostname of your server

Conclusion

By following the comprehensive instructions provided in this guide, you can effectively secure your email server in Windows Server. By implementing spam protection, malware protection, and TLS encryption, you can safeguard your server from malicious activities and ensure the integrity of your email communications.

Was this article helpful?
Dislike 0
Views: 35