CommuniGate Pro
Version 6.3
 

RPOP Module

The CommuniGate Pro RPOP implements E-mail message retrieval using the POP3 Internet protocol (STD0053) via TCP/IP networks. While the POP Module allows the CommuniGate Pro users to retrieve mail from their CommuniGate Pro Server Mailboxes, the RPOP Module retrieves messages from other (remote) hosts and delivers them to user Mailboxes or to other destinations.

The RPOP Module can retrieve messages for each CommuniGate Pro Account from several remote mailboxes. The RPOP Module can retrieve mail for your entire Domain using "Unified Domain-wide accounts" and distribute retrieved messages to their recipients.

The RPOP Module supports non-standard MSN POP3 servers: if the remote host (server) domain name ends with .msn.com, the Module uses the non-standard AUTH MSN method to log into that server.

Post Office Protocol (POP3) and Mail Retrieving

The RPOP Module can be used when the CommuniGate Pro Server has a dial-up connection with dynamically assigned IP address, and thus the Server cannot receive mail via SMTP. The RPOP Module polls the specified remote host (ISP) accounts, retrieves messages and stores them in the Server mailboxes.

Users with several mail accounts on several systems can instruct the RPOP Module to poll those accounts, so all their mail is collected in their CommuniGate Pro Account.

The RPOP Module supports Unified Domain-Wide accounts. A Domain-wide account is an account on the ISP or any other host that collects all messages sent to your Domain. The RPOP Module retrieves all messages from such an account and distributes them based on the addressing information in the message header fields. The RPOP Module can poll several Unified Domain-Wide accounts.

The RPOP Module activity can be limited using the TCP Activity Schedule. The Module does not poll any remote account till the TCP Activity Schedule allows the Server to initiate outgoing network connections.


Configuring the RPOP Module

Use the WebAdmin Interface to configure the RPOP Module. Open the Mail pages in the Settings realm, then open the RPOP pages.

Processing
Log Level:   Processors:

Delay Failed Hosts for: Use APOP
Delay Failed Accounts for: Allow Self-Poll
Source IP Address: Use Domain IP Addresses
Log
Use the Log setting to specify what kind of information the RPOP Module should put in the Server Log. Usually you should use the Major (message transfer reports) or Problems (message transfer and non-fatal errors) levels. But when you experience problems with the RPOP Module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well. When the problem is solved, set the Log Level setting to its regular value, otherwise your System Log files will grow in size very quickly.

The RPOP Module records in the System Log are marked with the RPOP tag.

Processes
When you specify a non-zero value for this setting, the RPOP Module starts to connect to the remote hosts and retrieve mail from accounts on those hosts. The setting is used to limit the number of simultaneous connections the RPOP Module can initiate.
Use APOP
The RPOP can use the secure APOP authentication method when connecting to hosts that support this feature. If for any reason you want the RPOP Module to always use the "clear text" passwords, disable the Use APOP option.
Source IP Address
This option selects the default source network address for outgoing POP3 connections. You can allow the server OS to select the proper address or your can explicitly select one of the server IP addresses as the default source network address.
Use Domain IP Addresses
This option selects source network addresses for outgoing POP3 connections. If this option is selected, the RPOP Module will use the first Assigned IP Address for the Domain the RPOP record belongs to, and if the Domain Assigned IP Addresses can be used for outgoing connections.
If this option is not selected, or if the Domain does not have any Assigned IP Address, the RPOP Module uses the default source network address.
Delay Failed Hosts
When the RPOP Module fails to connect to an external host, it marks the host as "failed" and stops polling all accounts on that host. The option specifies when the RPOP Module should try to poll the failed host again.
Delay Failed Account
When the RPOP Module fails to open a mailbox (wrong password, remote mailbox is locked, etc.), or if the connection fails when the Module retrieves messages from a remote account, the Module delays polling of this Account for the specified period of time.
Allow Self-Poll
Very often CommuniGate Pro users misunderstand the concept of remote account polling and specify their own CommuniGate Pro accounts as the "remote" accounts to be polled. This creates message loops and wastes Server resources. If this option is not selected, the RPOP Module checks the network address of the remote POP server it has to connect to. If that address is one of the CommuniGate Pro Server own network addresses, the "remote" account is not polled.

Click the Update button to modify the RPOP Module settings.


Configuring Account RPOP Records

The CommuniGate Pro RPOP Module can poll POP accounts on remote hosts on behalf of the CommuniGate Pro Account users. For each CommuniGate Pro Account several external POP accounts (RPOP records) can be specified. RPOP records can be specified by Server and Domain Administrators, using the WebAdmin Interface.
Open the Account Settings pages and open the RPOP page in the Mail section:

Name Poll Every Account at Host Password Leave APOP TLS Mailbox Last
firstISP 12:34:56
 

If an Account has the CanModifyRPOP setting enabled, the Account user can modify the Account RPOP records via using the WebUser Interface, or a XIMSS client.

Name
This is the RPOP record name: any text specified when the record was created.
Poll Every
This option specifies how often the RPOP Module should poll the remote account.
Set this option to Never to remove this RPOP record.
If you set this option to Disabled, the RPOP record is not removed, but the remote account is not polled.
Account
This option specifies the mail account name at the remote host.
at Host
This option specifies the exact name of the POP server that should be polled. Please note that this could be the name of a specific computer (as specified in DNS A-records), not just a generic domain name of the provider system. For example, if the provider has the domain name provider.com, its POP server is usually named mail.provider.com or pop.provider.com. Consult with your provider.

Note: Standard POP servers accept incoming connections on the TCP port 110. If you need to poll an account on a remote POP server that uses a non-standard port, specify the port number after the host name, using the colon (:) symbol as the separator:
pop.provider.com:111

Password
The password to use to log into the remote account.
Leave
If this option is selected, the RPOP Module does not delete messages from the remote mailbox. Instead, it remembers the UID (Unique IDentifier) of the retrieved messages, and the next time the RPOP Module polls this remote account, it does not retrieve messages that have the same UIDs.
If you want to use this option, verify that the remote POP server supports the UIDL command.

Note: messages UIDs are stored in the Account File Storage, in the private/rpopids/name text files, where name is the RPOP record name.

APOP
If this option is selected AND the UseAPOP RPOP Module option is enabled AND the target host advertises APOP capability in its initial prompt, the RPOP Module uses the secure APOP method for authentication on that remote host.
TLS
If this option is selected, the RPOP Module tries to establish a secure (SSL/TLS) connection with the remote host.

Note:Standard POP servers accept incoming secure connections on the TCP port 995. If you need to poll an account on a remote secure POP server that uses a non-standard port, specify the port number after the host name, using the colon (:) symbol as the separator:
pop.provider.com:9786

Mailbox
This option can specify some Account Mailbox name. If some name is specified, then the retrieved messages are immediately stored in this Mailbox, without any additional processing.

If this option is not specified, the retrieved messages are sent to the Account via the CommuniGate Pro Queue, so all Server-Wide and Account-Level Rules (including External Filters) are applied to these messages.
These messages are flagged as 'do not report failures', so if delivery to the Account was unsuccessful, no error report is sent to the original message sender.

Last
If the last attempt to retrieve mail from the remote account was successful, this field tells when (in the server local time) this attempt took place.
If the last attempt was not successful, the field contains the error code.

To remove an RPOP record, set its polling period value to Never.

To create a new RPOP record, enter its name in the last table row and select some valid polling period value.

Click the Update button to modify the RPOP record set.


Processing Unified Domain-Wide Accounts

A mail account on an external host can collect messages directed to all Accounts (users) of your Domain. The RPOP Module can be instructed to retrieve mail from such an account and distribute it to the local users.

When a message is sent via the Internet, the information about the sender and the message recipients is sent in the so-called mail envelope. If mail is sent via SMTP, the envelope is sent as a sequence of protocol commands.

The information in the envelope is usually the same as the information in the message header fields, but it is not always true. The most important exceptions are:

  • the message header fields do not contain the addresses of the Bcc recipients
  • the header fields of a mailing-list message do not contain the mailing list subscriber addresses.

When a message is stored in a mailbox, the envelope information about the sender is added to the message headers as the Return-Path header field. Usually, the envelope information about the recipients is not added to the message headers.

When the RPOP Module retrieves a message from a Unified Domain-Wide Account, it has to recompose the message envelope and deliver the message to its final recipient. If the message contains the Return-Path header field, the address in that field is placed in the new envelope as the sender's address, and the header field is removed from the message (it will be recreated when the message is delivered to its final destination).

If a Unified Domain-Wide Account is created with the mail system that can copy the recipient addresses from the envelope into some message header field, then the delivery via RPOP is as reliable as SMTP delivery.
Enter the name of that header field into the Unified Account RPOP record settings, and the RPOP Module will look for that field in all messages retrieved from that account. The addresses from that field will be placed into the new envelope and the messages will be directed to those addresses. The header field itself is removed from the message. All accepted addresses get the 'report on failure' flags, so if message delivery fails, the original message sender (the address in the message Return-Path field) will receive an error report.

Unified Domain-Wide Accounts can be provided with a CommuniGate Pro Server running on the provider side. For messages stored in those accounts, the envelope recipients are added to the message headers as the X-Real-To fields. To learn how to provide Unified Domain-Wide Accounts with CommuniGate Pro, check the Local Delivery Module section.

A legacy sendmail system can be configured to add X-Real-To header fields, too. See the Appendix A below.

RPOP records for Unified Domain-Wide Accounts should be created for the postmaster Account in the Main Domain.

The WebAdmin RPOP page for this Account contains the Special field:

Name Poll Every Account at Host Password Leave APOP TLS Special Last
firstISP 12:34:56
 
Special
The name of the messages header (RFC822) field that the provider host inserts into the messages stored in the Unified Domain-Wide Account.

Mail Distribution without Special Header Fields

Many ISPs still use various legacy mail systems that cannot store envelope recipients in message headers. If you have to host your Unified Domain-Wide Account on such a system, enter the star (*) symbol into the Special field.

The RPOP Module will search for all To:, Cc:, and Bcc: header fields in retrieved messages. It will use the addresses from those header fields only if that address is routed to any existing local CommuniGate Pro Account.

If an address is routed to the SMTP or some other Module, or an address cannot be routed at all (unknown user name error, etc.), the RPOP Module does not send any error messages to the sender. The Module simply ignores that address.

All accepted addresses get the 'do not report failures' flags, so if the message delivery fails for any reason, no error report is sent to the original message sender.

If none of the message To:, Cc:, or Bcc: addresses has been accepted, the RPOP Module sends that message to the postmaster Account in the Main Domain.

As explained above, the method based on To:/Cc: header field parsing can cause problems when the actual envelope addresses are not the same as the header field addresses. Besides, some systems do not process the Unified Accounts correctly, so if a message is sent to three users in your domain, those systems may store three copies of the message in the Unified Domain-Wide Account Mailbox. Since each message header contains the addresses of all three users, the RPOP Module will deliver three copies of the message to each user.

The problems with Bcc, mailing lists, and duplicated message can be very annoying, so we strongly recommend you to ensure that the provider's mail system adds the envelope information to the messages stored in your Unified Domain-Wide Account, and you can use the Special Header Field feature.


RPOP Record Format

The RPOP records are stored in the Account database as a dictionary. An RPOP record name is used as the dictionary key, and the correspoding value is a dictionary, containing the following elements:
domain
the domain name or the IP address of the remote mail system.
authName
the mail account name in the remote mail system.
password
the mail account password in the remote mail system.
mailbox
(optional) the name of the mailbox to store retrieved messages in.
special
(optional) the name of the "envelope address" messages header field (see above).
leave
(optional) if the element is present and it has the YES value, mail messages will not be deleted from the remote mail system after they have been retrieved.
TLS
(optional) if the element is present and it has the YES value, connections to the remote mail system must be established securely, using the SSL/TLS protocol.
APOP
(optional) if the element is present and it has the YES value, the APOP login method should be used with the remote mail system.

Appendix A. Configuring sendmail for Unified Domain-Wide Accounts

The following file can be used to force the freeware sendmail program to store the envelope information in message headers.

# This file should be placed into the directory cf/feature from
# the sendmail.8.X.XX.cf.tar.Z archive.
# To add special headers, the macros `FEATURE(xrealto)' should be
# added to the main configuration file in the directory cf/cf,
# and the flag T should be added to the mailer description.
#
# This file adds special headers with the `X-Real-To' keyword.
# The special headers will be added to all messages routed to the
# mailer marked with the `T' flag in the sendmail configuration.
divert(0)
VERSIONID(`@(#)xrealto.m4 0.1 1/4/96')
 
divert(9)
# add the X-Real-To: header field to the message
# if the mailer is marked with the `T' flag
H?T?X-Real-To: $u
divert(0)

After these updates are applied, make sure that sendmail delivers all mail for your domain to one account on the sendmail system. The sendmail configuration for that unified account should list the 'mailer' marked with the 'T' flag.


CommuniGate Pro Guide. Copyright © 2020-2021, AO SBK