FAQ - Frequently Asked Questions

How do I restart the server?

On NT, type in: net start surgemail

On 95/98, type in: /surgemail/surgemail

On Unix, type in: /usr/local/surgemail/surgemail_start.sh

To start it remotely use SurgeMail monitor on http://your.mail.server:7027

How do I get to the web manager?

Use your web browser and type in a link like this: https://your.mail.server:7025 If you are on the machine itself this link should work https://127.0.0.1:7025

How do I set the web manager username and password?

*nix systems you need to go to the shell and type
cd /usr/local/surgemail
./surgemail -password

Windows systems you need to go to the command prompt

cd \surgemail
surgemail -password

Can I use include files in surgemail.ini

Not normally no, the reason for this restriction is that the web interface allows you to modify config settings in a nice and safe manner, as a result the ini file needs to be re-written, and if it was composed of include files it would be difficult, dangerous and very nearly impossible to write it out correctly after a change.

However, you can do it if you want, but if you put an 'include full_path/file.ini' directive in surgemail.ini then any call to save the ini file will silently fail (so your web admin will just seem to work but won't really). Also note, if you create an ini file with 10,000 include files in it, and it takes 3 minutes to reload it, we will not have any sympathy for you (we've seen this done before really!)

How do I enter my registration key?

In the web manager click on the 'Register' link on the navigation pane.

Alternatively run tellmail activate on the command line with your registration details:
       tellmail activate N123 myemail@mydomain.com

Why is the manager sluggish on Netscape & Win 2000?

This is a bug in Netscape. It steals all the CPU while waiting for a web page to arrive but since the server is on the same system that means it responds slowly. You can fix it in task manager: set the priority for Netscape down to 'below normal' and suddenly it will work faster!  Or upgrade to a fixed version of Netscape.

How do I stop swatch (SurgeMail Monitor)?

It should never be necessary to stop swatch manually as swatch is designed to keep running so that SurgeMail can be restarted using the web interface. But, if for any reason the SurgeMail monitor process needs to be manually stopped create the mon.exit file in the SurgeMail directory and swatch will shutdown.

Are there concurrent user limits?

The number of concurrent users is operating system dependent and basically a matter of how many threads and file handles the operating system supports. Here are the approximate figures- 
 

Operating system Concurrent mail sessions (these are not hard limits)
Windows NT 1,500
Linux 500-1000 on early versions
more on recent kernals that do not have handle or thread limits
Solaris 7

500

Solaris 8 2,000

 

How do I tailor the quota message?

In the SurgeMail directory create a file called quota.eml, something like this (this requires SurgeMail 1.3m or later):

Subject: A new quota message ||domain||
reason: ||reason||

max=||max|| used=||used|| size=||size||

This is the quota

message for domain: ||domain||

ends here.

Which will look something like this for the user:

Subject: A new quota message xxx.yyy.com
reason: Quota exceeded 250000>200000

max=200000 used=190000 size=60000

This is the quota

message for domain: xxx.yyy.com

ends here.

How do I use SurgeMail with Pine / Mutt to read my mail?

SurgeMail uses mdir format to store mail which cannot be read by mail clients that read the mail drop file directly. The "Deliver" mail delivery robot can be used to deliver mail to a drop file:

Deliver is available from sourceforge.net and can be configured in SurgeMail using a mail redirection rule in surgemail.ini as per:

g_redirect was="marijn@mydomain.com" to="|./deliver -b /var/surgemail/mydomain.com/hd/fg/marijn/dropfile"

Where are the SurgeMail configuration files?

SurgeMails main configuration file is surgemail.ini which is store in /etc on UNIX systems and your Windows directory on Windows systems (eg c:\winnt). This file can be edited by hand after which a "tellmail reload" would need to be issued or edited via the web interface. Backups of this file are stored in the SurgeMail directory as ini_YYMMDD.rec.

WebMail has a separate configuration file stored in surgemail/scripts/webmail.ini.

How do I get WebMail to allow me to move files back to the inbox?

If WebMail is using IMAP to talk to SurgeMail this can be enabled using the following setting in webmail.ini. (This is now enabled by default but used to be disabled by default)
enable_inbox_transfer "true"

Why do I get the error "Failed to detect host" in WebMail?

This just means WebMail could not talk to SurgeMail. There could be several reasons. The most likely reason is that SurgeMail does not have the correct settings in the event that your domain name is different from your hostname eg mydomain.com vs mail.mydomain.com see for more detail

Check your webmail.ini file, surgemail/web_work/surgehost.ini and surgemail.ini for possible misconfiguration of individual domains.

Where can I download / get a printed version of the manual?

The online help is the primary documentation this is distributed with every SurgeMail download and the latest version is available online. An automatically generated pdf version is also available.

How do I install additional WebMail templates?

Different WebMail templates may be installed. The Surgemail + Webmail distributions come with three template sets by default (Panel, Surge and Smooth). Several additional template sets are available but most of these have a rather out of date "look and feel" to them and or do not supply all the functionality now supplied by webmail and surgemail (these include marble, iconic, vanilla).

Several examples of the flexibility of the webmail look and feels can be found on the the following pages:
https://netwinsite.com/surgemail/templates.htm
https://netwinsite.com/webmail/gallery/index.htm


All that is required to install a template set is to add the actual template files to the directory surgemail/webmail/templatename, the images to surgemail/www/nwimg/mail/template name and add one line to webmail.ini defining it. eg:
tpl_set 2 E:\surgemail\webmail\marble /nwimg/mail/marble Marble Set (Marble)

How can I use "sendmail" style command line syntax to send mail?

SurgeMail installs a sendmail stub. This will allow your PHP scripts and the like to continue sending mail using the same syntax they have always done. You will need to ensure SurgeMail is allowing relaying for your local IP. If it is not working pass the stub the "-debug" parameter it should create a sendmail.debug file that will give you information as to why it is not working.

How do I fix "DNS lookup failed" errors?

This means that DNS resolution of an address failed and can be for one of several reasons:

1) Wrong server being used
2) Server is not responding or firewall / router is blocking TCP port 53

SurgeMail will attempt to use the DNS settings of your operating system for its name resolutions. If this is not working for some reason you can manually force SurgeMail to use particular dns servers using the setting g_dns_host setting.
eg. where the IP numbers are the ip addresses you wish to force SurgeMail to use.
g_dns_host "1.2.3.4,2.3.4.5"

note: You must restart SurgeMail when changing g_dns_host

SurgeMail provides status information on the DNS servers that it uses in on the status page on the web interface.

If this still fails it may be that the DNS server is faulty and is not responding or that a firewall or gateway is blocking TCP port 53 access. (some OS services only require UDP access which is why your firewall might be blocking TCP traffic on port 53) To test this telnet to your DNS server as per "telnet your.dns.server.ip 53". If this does not connect this is the problem. If this does connect then your DNS server is working fine.

How do I fix DNS "lookup_name" lockups?

Set the setting g_dns_paranoid to false i.e.

g_dns_paranoid "false"

And restart SurgeMail. If the problem persists contact surgemail-support@netwinsite.com.

How do I add users on the command line?

Users can be added on the command line as follows (You need to run the path etc for your authentication module as specified in surgemail.ini)
./nwauth -path . -set username@domain password

Alternatively for a more efficient process create a text file of nwath
commands and pipe it to nwauth as follows:
>>Start of file nwauth.in<<
set user1@domain.com password
set user2@domain.com password2
set user3@domain2.com password3
>>End of file<<
./nwauth -path . < nwauth.in

or for list of nwauth command lin commands:
./nwauth -help

In new versions built later than the 25th of April 2004 you can now use a tellmail command
tellmail add_user <user@domain> <password>
This automatically uses the correct authent module etc

Is there a printed version of the documentation?

Yes, a pdf version of the online help can be downloaded from:
https://netwinsite.com/ftp/surgemail/doc/surgemail.pdf

What ports do I need to open on my firewall?

This depends on the services you wish to offer, but in principle the main ports you will need open to TCP traffic are:

53 DNS lookup for outgoing mail
110 POP3 services (Also used for mirroring)
143 IMAP services
25 SMTP services
587 SMTP Local Users
443 HTTPS
80 (or 7080 if port 80 is already in use) Webmail HTTP access
7025 Administration HTTPS access

SurgeMail also uses the following

995 Secure POP3 services
993 Secure IMAP services
465 Secure SMTP services
7110 SurgePlus

7443 Secure Webmail HTTPS access
7026 Administration HTTP access
7027 Monitor HTTP access

What does the SurgeMail version numbering mean?

SurgeMail version numbering is setup as follows <Number>.<number><letter>[optional number] - <build number> eg 1.5a - 12

  • The first number is a major release number version expected to change approx once per year.
  • The second number is a release number which will include new features and is expected to change once a month.
  • The letter is a sub version number which gets modified each time a new version is uploaded to netwinsite either as a beta or as a specials build. This will probably change almost on a daily basis and will include both new features and bug fixes. eg 1.5a -> 1.5b
  • If the production builds need to be patched for a specific bug fix only, the optional number will be incremented eg 1.5a2
  • Whenever a new build is supplied to a customer the <build number> will be updated (as of SurgeMail 1.8e)

Updates.htm documents changes since the last production release whenever a new version is released as a likely production release candidate.

Prior to version 1.5a this was defined slightly differently.

WebMail fails to connect - Failed to Auto-Detect POP or IMAP at

In surgemail/webmail.ini ensure the settings for IMAPhost and SMTPhost point to your actual server and not a domain that resolves to some other system, or doesn't resolve at all eg:

	smtphost localhost
	imaphost localhost

Can I run WebMail on a seperate machine?

Yes. In some cases it might be beneficial to run the WebMail CGI on a different machine, to do this, simply install WebMail on the other machine see the WebMail documentation on how this is done. Then in addition to the normal configuration requirements, eg: pophost smtphost etc you need to configure these WebMail settings:

use_id_autologin true

friends_only true
autorespond true
netwin_autologin_id 0 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_load_pass&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 1 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_load_fcommon&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 2 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_load_fwd&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 4 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_spam_load&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 5 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_load_centipaid&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 6 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_sms_load&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background|| netwin_autologin_id 7 https://surgemail.server.com:7025/cgi/user.cgi /var/spool/webmail lcmd=user_listmb&vhost=||vhost||&webmail=true& bgcolor=||href_text||cust_panel_bgcolor||&tdcolor=||href_text||#eeeeff||&thcolor=||href_text||#D6D6CE||&border=0&background_image=||href_text||cust_panel_background||
And these surgemail.ini settings:
g_autologin_pop "TRUE"

g_webmail_url "http://other.server.com/scripts/webmail.exe"

In addition for every domain you add to SurgeMail you will now manually need to update webmail.ini with the domain details, see the WebMail documentation on "Virtual Hosts" for how this is done.

How do I (manually) install / uninstall Avast Antivirus

The avast installer in integrated to SurgeMail web admin interface - just press the install and uninstall button on the globals page.

There should not be the need to manully install Avast but if necessary this can be done by: downloading the installation package from ftp://netwinsite.com/pub/surgemail/util/avastoem.exe running the command line:
avastoem.exe /oem "SurgeMail"
and making sure it is installed into the SurgeMail\Avast directory.

Again there should not be the need but to manually uninistall just delete all the files and subdirectories in the \surgemail\avast directory other than surgemail\setup\setupif.dll which is required to install again via surgemail web admin. In addition you need to delete the registry key :HKEY_LOCAL_MACHINE\SOFTWARE\ALWIL Software\Avast\SurgeMail and all entries within it.

I have more than one IP but only want SurgeMail to listen on one, how?

g_smtp_port <ip:port>

This allows SurgeMail to listen on a specified port and IP, you can add multiple IPs if you wish to listen on more than one and multiple ports also.

eg:
g_smtp_port "1.1.1.1:25, 2.2.2.2:1025"

How do I check my virus scanner is running ?

You can check the status page and check how many viruses have been caught. You can also send a test virus through which can be got from www.eicar.org, and then of course there are the logs you can check.

How do I make SurgeMail bind to one ip for outgoing messages?

In surgemail.ini add the following setting then restart.

g_bind_out "x.x.x.x"

How do I move SurgeMail to a new machine?

There are two ways of doing this, one is basically copying all the files to the new machine. The second is by setting up a mirror and letting SurgeMail mirror itself over to the second machine.

See this page for the mirroring method (recommended)

Or the manual method to move SurgeMail

  1. Install SurgeMail on new machine
  2. Setup anything you tailored on the original system (e.g. authent modules)
  3. Stop SurgeMail on new machine
  4. tellmail deactivate on old machine
  5. Stop SurgeMail on old machine
  6. Copy surgemail.ini from old machine to new machine
  7. Copy the SurgeMail directory, the mail directory and the database over to new machine.
    Check surgemail.ini for the paths to copy for the mail directory (g_mailbox)
    The default database is nwauth which will be stored in the surgemail directory but consists of the files (nwauth.add, nwauth.txt)
  8. Check surgemail.ini and check everything is located correctly. Change all the paths if necessary
  9. Chown -R mail files (if on UNIX) for all mail folders etc...
  10. Start surgemail on new machine, check logging in etc
  11. tellmail activate on new machine
  12. If you have moved from one OS to a different OS then you should run the installer on the new server again so that it places the correct binaries on the new system.

How do I backup SurgeMail?

  • Backup surgemail.ini which is found in the windows directory or /etc if on UNIX
  • To backup the mail you need to backup the directory that stores all the mail. You will need to check this location in surgemail.ini look for "g_mailbox_path" and that will give you the directory to backup.
  • To backup the user accounts, if you are using NWAuth for your user database (which is the default) then you should backup all the nwauth* files in the SurgeMail directory.
  • Finally you can backup the SurgeMail directory which contains the programs, the temporary work area for queued messages, and the templates etc etc.

On Windows you can just use something like winzip to copy everything, on UNIX based platforms you can use tar and gzip or whatever you prefer.

To restore a backup

  1. Install SurgeMail on the new box
  2. Shutdown SurgeMail on both machines
  3. Copy your backup over to the new machine and untar/unzip (If you are on linux using tar is a good idea as this will preserve file permissions)
  4. Check the file permissions if you are linux (ls -l) they should be owned by mail
  5. Copy surgemail.ini over to the new machine and check the paths in it to make sure they are correct.
  6. Restart SurgeMail

If you are moving SurgeMail to a new machine you can check this guide http://www.netwinsite.com/surgemail/help/faq.htm#moving_surgemail

How do I send my mail through my ISPs server or some other mail server?

If you need to send your mail via another SMTP server then you can use the gateway setting. This setting lets you choose which domains to send to a server so you can send one domain to one server and another domain to another server or you can send all domains to one server. This is useful if your ISP won't allow you to connect to port 25 on remote machines or if you are on cable/DSL and domains like AOL won't accept mail from you because of this so instead you can send all your mail through your ISPs mail server.

Example 1: Sending all mail through a differerent server

g_gateway domain="*" to="ip of server to use" relay="false"
If you need to authenticate on the server you are going to use you can do this
g_gateway domain="*" to="ip of server to use" relay="false" user="user to auth with" pass="password of user"

Example 2: Sending mail going to AOL via a different server

g_gateway domain="aol.com" to="ip of server to use" relay="false"
You can add SMTP AUTHentication like in example 1.

You can find more information on using the gateway setting here g_gateway

How can I change a domain name in SurgeMail?

  1. Stop Surgemail
  2. Make a backup of nwauth.* and surgemail.ini
  3. If using nwauth, then Run ./nwauth -rename old.domain.name new.domain.name   
  4. If not using nwauth change the domain names in your database!
  5. Edit surgemail.ini and change the vdomain name="OLD.DOMAIN.NAME" TO "NEW.DOMAIN.NAME"
  6. And add 'host_alias "old.domain.name" if desired.

Slow performance, virus scanner installed?

If you have a virus scanner like Nortons installed with Auto Protect enabled, you should disable the auto protect feature which will seriously kill performance of the mail server (e.g. it may run 100 times slower). Also if you have your virus scanner enabled for incoming/outgoing mail you should disable that as well as it could easily break the mail server protocol in unexpected ways.

SurgeMail has a virus scanner option 'avast' which should be used for scanning for viruses in mail messages, it is much much more efficient as it is properly integrated.

I cannot delete a file in webmail (turn off your virus scanner!)

If you have a virus scanner like Nortons installed with Auto Protect enabled, it may lock access to webmail files, this will prevent webmail from deleting the message file, this then upsets the user :-). So let me repeat, don't run a virus scanner on your mail server, instead use a scanner inside SurgeMail. (e.g. avast)

How do I run SurgeMail and IIS SMTP virtual server on the same Windows server?

Applies to Windows 2000

PROBLEM:  You can not have SurgeMail and IIS SMTP Virtual Server listening on the same TCP port 25.  The IIS SMTP service listens to port 25 on all unassigned IP addresses, even though you specify a specific IP address for the SurgeMail server.  You need to disable the MS IIS socket pooling feature (DisableSocketPooling).  This property is not exposed in ADSI for SMTP.

This works for IIS also, just substitute SmtpSvc with the W3SVC

SOLUTION: 

  1. Assign a unique IP for SurgeMail …. For example if your server's IP is 123.123.123.30 , assign 123.123.123.31 to be used for the DNS resolution that will point to the URL that resolves to SurgeMail on your Windows server, e.g. mail2.yourdomain.com.
  2. Download and install the MetaEdit2.2 utility for IIS. – see article http://support.microsoft.com/kb/232068/EN-US/
  3. Stop the default SMTP Virtual Server in IIS, if you haven't already to have SurgeMail SMTP work on port 25.
  4. Create a backup of your IIS metabase by using IIS Manager, right-click on your server and select Backup/Restore Configuration and then create a backup file in case the edit fails.
  5. Run the MetaEdit2.2 utility and follow the instructions at http://support.microsoft.com/default.aspx?scid=kb;en-us;281760
  6. Restart the IIS default SMTP Virtual Server and it should take off fine.  We now have SurgeMail and IIS SMTP virtual server listening on port 25 with two unique IP's!

I can't receive mail

Usually this is one of the following

  • Firewall not letting traffic in on port 25
  • Router not configured to let traffic in on port 25
  • ISP blocking incoming traffic on port 25
  • DNS records not setup correctly.

So first check that you can connect locally to the server. At the command prompt on the server type

telnet localhost 25

You should receive a welcome message like this
220 mydomain.com SurgeSMTP (Version 3.1b-1) http://surgemail.com

If you get unable to connect then it's probably due to a firewall running on that machine that is stopping surgemail.

If you are running SurgeMail on a Windows operating system you can restart surgemail and then check mail.log and check it says
"03 10:32:22.89:Info:2156: Listening on (all interfaces:25)"

You can use this page to help test sending mail to your server.
http://email-test.com

 

I am getting a DNS lookup failure, what can I do?

You need to check that you have the port open for SurgeMail to the DNS.

Port 53 TCP and UDP

You can test the DNS is working and SurgeMail has access to it by going to the shell or command prompt and typing

nslookup
server= <ip of DNS>
set type=MX
netwinsite.com

Don't type the angle brackets :).

You should then get a response back looking like this:
netwinsite.com MX preference = 10, mail exchanger = mail.netwinsite.com


You can then type exit to exit the nslookup program.

Once you have tested that it works you can make sure SurgeMail is using this DNS.
Login to the SurgeMail webadmin and in the setting search box type
g_dns_host
then edit that setting and put the ip of your DNS in there.
Then click save, then completely stop surgemail and restart it.

You should now be able to send emails without dns problems, there will be times when you will get some dns lookup failures of course.

 

I am running Apache/IIS hosting a website, Can I run SurgeMail with webmail on the same machine?

Yes you can!, there are several ways in fact.

  1. If you have a spare ip on the machine you can make webmail bind to that IP only and then configure Apache/IIS to only bind to the other IP. This means you can have webmail running on port 80 (normal web port) and it won't interfere with Apache/IIS.
  2. You can setup webmail so it runs directly under Apache or IIS, you will need to download webmail separately from netwinsite and run the webmail installer and then turn off the webmail port in surgemail as you won't be using that. You would then setup a virtual domain in apache or IIS for the webmail.
  3. You can setup a virtual domain in IIS/Apache and then redirect requests to that domain to port 7080 where SurgeMail's web server will then take care of things, this is operating Apache in a proxy mode but with IIS you are just redirecting the browser, unfortunately IIS as far as I know does not support proxy. This is the easiest thing to do and best thing to do if you don't have a spare IP.

If anyone knows of a free proxy support module for IIS let us know. There is one that could be tried http://www.isapirewrite.com/ but this is commercial, however they do have a trial period I believe.

Options 1 & 3 are the recommended ones and easiest.

Here is exactly how you would do option 3

Apache:

In this example we will use the domain "test.com" test.com is already running a website and we want to add a subdomain webmail.test.com which will go directly to webmail.

So you will need to edit httpd.conf which is found commonly in /etc/httpd/conf

If you skip to the end you will find the virtual domain setup, basically you would have something like this

    NameVirtualHost *:80
    <VirtualHost *:80>
        ServerName www.test.com
        DocumentRoot /var/www/html
    </VirtualHost>
    <VirtualHost *:80>
        ServerName webmail.test.com
        ProxyPass / http://127.0.0.1:7080/
        ProxyPassreverse / http://127.0.0.1:7080/
    </VirtualHost>

That's it, the first virtualhost block is your default domain and should match your DocumentRoot setting in httpd.conf.
The second block is where we setup webmail.test.com and then use the proxy module commands to forward requests to that domain onto the SurgeMail webserver which by default listens on port 7080

If you receive a warning about cookies not getting passed in, you may need to configure the following setting too:

 ProxyPassReverseCookieDomain 127.0.0.1 webmail.test.com

note: ProxyPassReverseCookieDomain does NOT take a port number.

If you are configuring multiple domains through a virtual host configuration and are having trouble with them not getting resolved you may need to use the apache configuration setting:

 ProxyPreserveHost On

You can find full documentation on virtual domains for Apache here. http://httpd.apache.org/docs-2.0/vhosts/

IIS 5/6

This is very easy to do.

  1. Load up the IIS Manager.
  2. Right click on "websites" then click select New then select website which should open the wizard
  3. Enter a description (webmail for test.com)
  4. The next screen it asks for the ip and the port, just leave these as they are as we are using named based virtual domains, so in the "Host Header" box type "webmail.test.com" (without the quotes. and click next.
  5. It then asks for the path for this virtual domain, just make a directory in your document directory for this domain (like... c:\inetpub\www\webmail) and then select that and then next
  6. Just give it read permissions
  7. After you click next it should finish the wizard, now we need to tell it to redirect everything to port 7080 for this domain
  8. Right click on webmail in the list and then click properties
  9. Click on the home directory tab
  10. Select "a redirection to url" and then enter http://webmail.test.com:7080 and then click ok

Now when you browse to http://webmail.test.com you should go direct to the webmail pages
If you have any problems please email us at surgemail-support@netwinsite.com

 

How can I fix this error 399 TCP Read failed?

  1. Upgrade surgemail
  2. Check and remove any virus scanner installed on your mail server
  3. Check your ip address to see if it's listed in any black listing RBL service
  4. Try connecting to the destination host from your mail server, and from another
    system to see if it works or not.
    telnet <ip of destination server> 25

Duplicate messages sending or receiving

There are many situations where duplicate messages can occur. Specifically when one server has sent a message but before the receiving server says 'I've got it' a bunch of tests are performed, if these take too long the connection may timeout. In this situation the sending system will resend, but the receiving system believes it has the message and says "I've got it". Big delays like this should not occur normally with surgemail so would be a sign of something

There are many situations where duplicate messages can occur. Specifically when one server has sent a message but before the receiving server sais 'I've got it' a bunch of tests are performed, if these take too long the connection may timeout. In this situation the sending system will resend, but the receiving system believes it has the message and sais "I've got it". Big delays like this should not occur normally with surgemail so would be a sign of something wrong.

Also mail clients set to 'leave messages on the server' can get confused in some instances and refetch messages, this also shouldn't happen though. Examine the msg*.rec delivery logs to determine if a duplicate was delivered twice or just 'read' twice by the client.

Here are some general things to check:

  • Check if you have a virus scanner on your system or client, if so remove it and see if that fixes it, virus scanners regularly break the smtp protocol :-)

  • If your dns is sluggish surbl may be taking too long: g_surbl name="multi.surbl.org"
    stamp="sc.surbl.org,ws.surbl.org,phishing,ob.surbl.org,ab.surbl.org,jp"

  • Check the following settings which are all potentials for 'delays' which might cause this problem. g_badfrom... g_mx_verify...

  • Capture the thread in mail.log of an incoming message that takes a long time, then scan down the time stamps to find the 'biggest' gap in time, then you should see the cause.

Here are some links with things to check and notes on outlook issues:

  • http://support.microsoft.com/default.aspx?scid=kb;en-us;292249
  • http://support.microsoft.com/default.aspx?scid=kb;en-us;317945
  • http://www.its.caltech.edu/~halweb/pc/software/outlookxp-duplicate.txt

 

How do I get to the command prompt in Windows?

  1. Left cick on the start button
  2. Left click on Program files or All Programs
  3. Left click on Accessories
  4. Left click on command prompt

How do I whitelist a domain?

There are several steps involved as there are various whitelists, for RBL's , ASPAM etc. RBL's & ASPAM

g_orbs_late "true" (allows RBL based exceptions based on rctp and from address)
g_spf_skip_to "*@domain" (applies to RBL's and ASPAM)
g_spf_skip_from "*@domain" (applies to RBL's and ASPAM)
g_smite_skip "*@domain.com" (applies to smite scoring and thus friends - this is the source domain)
g_smite_skip_to "*@domain.com" (applies to smite score & friends - this is the destination domain)


If you know the IP's of the domain you want to whitelist you can also whitelist based on them.
g_spf_skip "ip" - skips spf checks for emails from this ip
g_orbs_exception "ip" - skips RBL checks for emails from this ip
g_mfilter_skip "ip" - skips mfilter processing for emails from this ip
g_spam_allow "ip" - skips spam throttle limits, ideal for the ip address of a mailing list server.

 

Sendmail - My forms can no longer send mail

SurgeMail replaces the sendmail binary with a sendmail stub, this basically pretends to be sendmail and redirects everything to SurgeMail. Your programs should not have any problems but sometimes there are.

  • Create a file called sendmail_surge.ini in /etc on *nix or the windows directory on Windows.

  • in this file add the following settings
    host 127.0.0.1
    debug true

Then try sending a message with the sendmail binary

/usr/sbin/sendmail -debug
From: yourusername@yourdomain
To: user@whateverdomain
Subject: test

This is a test
.

You can then view sendmail.debug to check what has happened. If you still have problems please send us the sendmail.debug log and also the output from a
/usr/sbin/sendmail -version (surgemail-support@netwinsite.com)

 

Why do some messages appear multiple times in a users inbox?

There are several ways this can occur. Basically there is a known 'issue' with smtp where a timeout/failure during the 'data' stage after the 'dot' is sent by the sender, can result in the receiving system thinking it's got the message while the sending system thinks it failed to send it so retries.

Usually this occurs due to something slightly odd going on like a virus scanner interposed in the channel which is causing a multi minute delay while it accepts the message from one end but doesn't send it on to the other end.

So, first, you need to identify where the duplication occurred, in the surgemail logs find the message id in question and you will see if it was received multiple times or not.

Then go backwards to the source till you know where the duplication is occurring, then on both systems in question (the sender or mail client and receiving mail server) look for virus scanners and smart spam filters that might have caused an issue. And increase any timeouts you can see, in surgemail the timeouts you can increase are:

G_SEND_TIMEOUT
G_SMTP_CMD_TIMEOUT
G_SMTP_DATA_TIMEOUT

Now, the one most likely to help is the data timeout, but, it's a new one, you may need a special build to get that setting, let me know platform and we'll send a new build you can try which has that setting. With this type of fault I would set it up to about 20 minutes to see if it
fixes it, e.g.
g_smtp_data_timeout "1200"

Lastly, some email clients will download messages multiple times by mistake, this is unlikely to be the problem but worth keeping in mind, particularly if the setting to 'leave message on server' is ticked in the mail client. Again the msg*.rec file should make it clear if this is a likely explanation as it will only show one message
arriving.

AOL have blocked my server, what can I do?

AOL have some very strict policies regarding how much spam you can send them and your users can easily get your server blocked. The first thing to do is to go to http://postmaster.aol.com and open a feedback loop, this will let you know exactly how you are getting blacklisted, from there you should be able to kill the problem in SurgeMail. Often it is users that have setup redirection rules from their accounts to their AOL accounts.

You could prevent your users doing this with the following settings.

g_forward_illegal to="*@domain.com,*@domain2.com" apply="user"

will prevent users configuring forward rules to specified domains.

it will not prevent existing settings from working, if you want to find those try:

tellmail find_user domain fwd *@domain.com
tellmail find_user domain fwd *@domain2.com

SMTP session numbers growing, g_thread_max, g_smtp_max, g_pop_max limits

This problem has many causes, usually a broken virus scanner, or bad dns_host entry and orbs lookups causing a problem. If you just increase the limit without first understanding why the limit is being hit, you may well make the problem worse and hide the real cause of the problem while generating more obscure problems. So unless you really expect that many sessions for some reason first read through this section and check the relevant status info.

If there are lots of pop/imap sessions then it may be an authent problem or a disk IO problem.

In any case first look at advanced 'status' and examine the state of all the channels and how long they've been idle, if they are all in the same state then it's likely the name of the state will give you a clue as to what it's doing and what is mis configured.

If you are using a virus scanner other than avast, then we recommend you change to avast, the other free or third party scanners cause endless problems, they are fine for 'little' servers but when you are running a real server you should be seriously considering getting avast to avoid the headache's :-)

The other common problem is dns/spf lookups causing a problem to fix add this setting:

g_dns_lookup "true"

This is on by default in 3.7b and later builds.

If you are really getting hit by thousands of concurrent incoming email then first try reducing the timeouts:

G_SMTP_CMD_TIMEOUT "30"
G_SMTP_DATA_TIMEOUT "62"

If that still doesn't help increase the limits g_thread_max and g_smtp_max, but not beyond 900 and 800 respectively and start lower (e.g. 500,400

Read the next section 'only' if you've eliminated all issues above.

Increasing g_smtp_max and g_thread_max safely (too many files open)

Ok, first, read the above section, there is almost no chance you really need to increase these limits so chances are you need to fix the problems described in the above section, if you increase the limit without fixing the above problems then the problem will continue and it will be a lot harder to figure out the real cause.

To safely increase the limits do the following:

  • In surgemail_start.sh set ulimit -n 4096 (increased from 1024)
  • Upgrade to surgemail 3.8c-5 or later
  • Set limits, I suggest you still keep below 2000, g_smtp_max "1800" g_thread_max "2000" g_pop_max "1500"

 

NoSubmit errors on incoming email

This error may not mean a problem exists, it can occur normally when your system is probed. However it can also indicate a problem with the data stage. Basically it suggests 'something' is breaking the connection when the message body is being received.

Likely culprits are

Virus scanners (on your server, or on your gateway, or on the sending server) - Remove/uninstall these nasty things :-)

On windows it might be an MTU issue, Try "DrTCP" from dslreports (http://www.dslreports.com/drtcp) , decrease the MTU to 1024.

 

How do I move spam to a spam folder for all users

Ok, first, don't do this :-), in general this is a bad idea, if you have the surgemail spam settings correctly configured the users won't get spam so this won't be necessary, see https://netwinsite.com/surgemail/help/spam.htm

But, there are some situations where this is worth doing, lets say you have an external spam filter tagging the messages, then possibly this might be a good idea. Do it as follows.

In the web admin tool click on accounts, go to the bottom of the page, and then click on the 'filtering' button under 'Default user settings for this domain or global.

Add a rule to move messages into the folder you want if the header/tag exists, note you can add the 'if exists' check box so it will only do it if the user has created the specified folder.

Then you may wish to add an expire rule to expire the contents of this spam folder if it has messages more than 60 days old

(for each domain add)

expire_rule folder="Spam" age=60

How do I setup SurgeMail to be a backup server for a domain?

Let us use "mydomain.xx" as the example domain. You want to setup SurgeMail so that if the primary server that is hosting mydomain.xx goes down SurgeMail will accept mail for that domain and hold it until the primary server goes back online and then SurgeMail will deliver the mail to that server.

You need to make sure that you have a lower priority MX record for the domain pointing at your server to start with so that mail will be delivered to SurgeMail when the primary server is down. Then you just need to configure SurgeMail which is very easy.

You only need one setting.

g_gateway domain="mydomain.xx" to="ip of primary server"

The important thing is that you must NOT setup the domain on SurgeMail as otherwise SurgeMail will think that the domain is hosted locally and try and deliver the messages locally and they will of course fail as the users won't exist.

You can control the time period SurgeMail will hold these messages for the primary server before bouncing them with the
g_retry_rule setting, by default it will use the g_retry_limit setting which has a default of 48 hours, so SurgeMail will continue trying to send the messages to the the primary domain for 48 hours and then will bounce them.

In what order do the various parts of SurgeMail run? ( g_virus_cmd, g_virus_filter etc etc)

Here is a short list of some of the functions in SurgeMail listed in the order they are run. g_virus_cmd is run first.

g_virus_cmd
g_filter_pipe
aspam
mfilter
g_scan_cmd

To convert a PFX file to a PEM file, follow these steps on a Windows machine:

1. Download and install the Win32 OpenSSL package from http://gnuwin32.sourceforge.net/packages/openssl.htm.

2. Create a folder c:\certs and copy the file yourcert.pfx into the c:\certs folder

3. Open a command prompt and change into the GnuWin32\bin directory:

cd %ProgramFiles%\GnuWin32\bin


4. Type the following command to convert the PFX file to an unencrypted PEM file (all on one line):

openssl pkcs12 -in c:\certs\yourcert.pfx -out c:\certs\cag.pem -nodes


5. When prompted for the import password, enter the password you used when exporting the certificate to a PFX file. You should receive a message that says MAC verified OK.

Copy the resulting file to the surgemail certificate file surge_priv.pem

SurgeMail crashes on 64bit linux every minute - libgcc_s.so.1 must be installed for pthread_cancel to work

Install the 32bit GCC RPM then 32 bit binaries will run on your 64bit installation.

 

Setting up ATRN service for a client


Define the mx record for 'example.com' to point to your mail server.

In surgemail.ini define:

g_atrn_port 366
g_atrn_server domain="example.com" user="fred" pass="secret"
g_relay_to "example.com" (so that surgemail will store mail for that domain)
g_retry_rule domain="example.com" hours="200" (keep messages for several days)

And open port 366 on your firewall if necessary and restart surgemail.

Then the client who's domain is 'example.com' should configure his server to use atrn username "fred" password "secret" to fetch pending email on your server.

How can I stop local accounts being compromised and used for spamming?

Limits to prevent guessing passwords and abusing a local account to send spam:

g_recent_bypass "127.0.0.1" # bypass limits per ip address
g_bad_login_ip_ignore "127.0.0.1" # bypass limits for bad logins
G_BAD_LOGIN_ALLOW "10" # Number of bad logins before blocking user
G_BAD_LOGIN_IP_ALLOW # number of bad logins before blocking that ip address

# limit users from sending out bulk email...
g_user_send_max max="2000"
g_user_send_warning "500"
G_USER_SEND_IP "true"
G_USER_SEND_WHITE "127.0.0.1,other known mailling list servers"

You can also check for weak passwords used by your users with the following command (run in the shell or command prompt)

tellmail test_weak
to find the worst accounts/passwords.

How do I restrict who a group of users can email?

In certain situations you may want to limit certain groups of users to not be able to send / receive mail directly from the internet.
eg in schools or in company environments

This can be done using g_access_group with an appropriate g_user_send_rule and g_user_receive_rule.
eg. accounts in the "local" group can only send to / receive from other mydomain.com accounts:

g_access_group group="local" access_pop="*" access_imap="*" access_smtp="*" access_incoming="*"
g_user_receive_rule group="local" from="*@mydomain.com"
g_user_send_rule group="local" to="*@mydomain.com"

Bounce blacklisting due to responders friends etc ironport filtering or spamcop

Some RBL systems (like spamcop) blacklist servers for sending bounces. One could argue if this was valid or not, but they do it, and so we must cope with it

In general surgemail doesn't send many bounces compared to most servers but if you find your are being blacklisted due to this issue then consider using these settings:

1) Turn on the default recommended spam settings using the 'config' checker in the web admin tool

2) Set

	 g_spam_block "true"

3) If you have a front end mail server, or low priority mx hosts, then remove them, so mail goes directly to surgemail if possible.

4) If problems still persist then set

	 g_friends_check_spf "true"
	 g_responder_safer "true"

5) If problems still persist, panic :-)

 

554 Failure tcp_read_dot

 

These errors indicate a fault external to surgemail, usually virus/spam scanner
on the sending users pc is the problem. But let us know if you can't find the
fault. Other potential causes include faulty network cards or random network failures. Or a corrupt email message and faulty sending email server.

 

You can identify more about the problem by testing as follows:

 

  • Get the problem sender to send with a different email client, and to send different sized messages with different contents.
  • Get the problem sender to send the identical message/attachment via another email service (e.g. gmail)
  • You can turn on extra logging at your end using g_log_tcp_read "their.ip.address", this will give a detailed log of what your server received before the connection closed. (see tcp.log)

554 Failure tcp_read_dot

This message means surgmeail never got a 'data' command from the sending server. So the sending server never actually tried to send an email message, this is most common if all the recipients are rejected, or if a virus or spam filter at the sending users pc rejects the message before it can be sent. It also happens when the sending mail server/client is just trying to find out if the recipient is valid.

It has been seen once with "Symantec AntiVirus 10.0.0.359 running the Internet E-mail Auto Protect. Disable the feature."

Finding a lost/deleted message

To find lost items find the uid of the missing item.
Then search the msg*.rec logs to see what ip address deleted it and when.
 
Here is an example, showing delivery, burst, and delete. The uid is assigned during the 'burst' stage... but the 'time' of delivery 1409243025
is also useful for tracking the message.
 
28 11:23:45.00 [101706748] Stored 198.11.224.13 <srikan@v2xk.in> <surgemail-support@netwinsite.com> 48011 <012601cfc2d$@v2k.in> "[198.11.224.13-static.com] Stored locally /home/.../surgemail-support/mdir/new/1409243025.31147_14202.netwin.netwinsite.co" 
28 15:06:53[0] burst 127.0.0.1 . <surgemail-support@netwin.co.nz> 0 . "burst 1409243025.31147_14202.netwin.netwinsite.co --> u122443~2,(0,48764)[1409243025]" 
28 16:36:48[0] del 122.61.185.36 . <surgemail-support@netwin.co.nz> 48764 . "u122443~2,DS(0,48764)[1409243025](ip=122.61.185.36)" 

 
Then you have the ip address of the culprit in theory.