Part time postmaster

Introduction

This article is aimed at those people who are implementing an e-mail system for their network as part of their other duties, or who have inherited an e-mail system as part of taking a new job or whatever. I hope to outline some of the things you need to consider when designing, building and maintaining an e-mail system, in particular one that connects to the Internet. I assume that the reader will have at least some knowledge of basic computer networking terms and skills. If you meet these requirements (responsible for an e-mail system, at least a basic technical knowledge of networking) you are probably your organisation's postmaster, especially if no one else is.

I intend to keep precise technical details of configuring certain products out of this article and stick to things that will be helpful to everyone regardless of what e-mail server software you use, and regardless of what platform you run it on. If you are looking for hot tips on how to configure your version of Sendmail or Exchange then keep looking, but if you are interested in some of the reasons why you need to configure them at all then keep reading.

Standards (or "How I learnt to stop moaning and read the RFCs")

One of the most important lessons you need to learn as a postmaster is that things are done a certain way on the Internet for a reason, that some people who run other sites your users expect to exchange e-mail with have certain expectations about what services your e-mail system will offer, how it offers them, and how your system will attempt to talk to their system. If you fail to meet these requirements you or your users will be unable to talk to some people on the Internet at all, and you or your users will have difficulty talking to many more others. If your system poses a security or reliability threat to other systems people will complain to you, and worse still, to your Internet Service Provider. If these complaints are serious enough your ISP will probably cut your e-mail system's Internet access off. You don't have to like the reasons; you don't have to understand them, though you probably should try; and you don't have to follow them if you really don't want to. But if you break "the rules" you should understand that some other e-mail systems on the Internet will simply refuse to talk with you.

All of the most important standards for e-mail (and other aspects of Internet life) are outlined in documents called RFCs or Requests for Comments, which are outlines of how something should work on the Internet - these documents allow many different software companies to write software that is "RFC compliant" and be sure that their software will work together. Networks that use MS Exchange server for e-mail can swap messages with networks that use Sendmail because both are RFC compliant.

There are several different RFCs that pertain to e-mail, and I am not going to suggest that you read them all, because you'd just ignore me, but you should be aware that they exist, that they are important, and that ignoring or breaking rules outlined in RFCs is a valid reason for other networks to refuse to exchange e-mail messages with you. I don't suggest sitting down and reading them like a book, because they are dull, and you'd get very little from it while you are just beginning, but you should be aware that these documents exist and are used as reference guides to describe how e-mail systems should work, and how they should ideally be administered.

Running a e-mail system

First of all you should ensure that your e-mail system is setup correctly. This means it should be secure - that is to say it should not allow spammers to use it to relay e-mail to others, and it should be setup in whatever way your organisation feels is appropriate for handling it's e-mail business.

Next it should have an administrator who must be contactable at the address 'postmaster@domain.com', and it needs to have an entry pointing to it in the DNS records for your domain. Your DNS needs to have a Mail Exchange record (aka MX record) for your domain that points to the IP address of your mail server in order that other e-mail servers can find it to deliver e-mail. This is the minimum you need in order to exchange e-mail with other organisations on the Internet.

Your postmaster

An e-mail server should have a postmaster. This is required in the RFCs I mentioned earlier. Postmaster is a standard administrative address that others on the Internet can use to send notices, complaints, and queries regarding e-mail to and from your domain. It is important that you setup a postmaster@yourdomain.com address and that you monitor it, checking at least once a day. You should also have an abuse@yourdomain.com address, and you may need others depending on what services you are offering. For a small organisation running it's own email I tend to point both to the same mailbox in the expectation that the same person will read both, but that may not always be the case on larger systems.

• Make sure this address is kept separate from others, so that checking it for new mail can be a job that is shared between several people.
• Make sure this address is checked often. "Often" varies depending on the volume of mail you process, but should be at least once every working day.
• It is acceptable to issue an automated response to mail sent to the postmaster account, to say that you have received the email, but you should ensure that a proper "human" response is also issued as soon as is possible. It is not generally permissible to refuse mail unilaterally and ask people to direct mail elsewhere.
• If someone is sending e-mail to your postmaster account then they probably either need help contacting someone at your organisation, or they have a complaint. How would you treat a telephone caller who wanted to make contact with someone at your organisation? How would you treat someone who wished to make a complaint? Answer that, and you already know how to treat someone sending email here.

If you do not have a postmaster address or you do not monitor it you may miss some important messages. Missing these messages may result in some places refusing to exchange e-mail with you. One important thing to mention is that the postmaster address does need to be postmaster@yourdomain.com - expecting people to work out that you want them to use "admin@" or "postperson@" or whatever cute name you picked is not good enough.

Your postmaster should respond to e-mail queries in a timely fashion. It is common for people to e-mail the postmaster account at a site if they know someone works there but are unsure of their e-mail address so your postmaster should be prepared and equipped to help mail get to the correct destination. The Postmaster should also be able to exercise discretion, which means being careful what information they give to outsiders, and able to keep quiet about the contents of emails they see that are addressed to others.

As far as internal privacy issues go, I would suggest that what you actually decide to do is up to you and your organisation (local laws permitting) but you should get a policy written down and ensure that your postmasters follow this policy; laws change from area to area but one thing that seems to remain consistent when considering employee and customer rights is that you should always be consistent and treat everyone the same. That should take care of any privacy issues before they become a problem. You should probably ask your organisation's legal team to help with that.

DNS

Domain name servers, or DNS servers, are the address books of the Internet. Network devices on the Internet. refer to each other by a numeric IP address, such as 192.168.0.2, whereas we humans like to use names, such as www.microsoft.com. DNS servers simply serve as translators between the actual numeric address of a system on the Internet. and a name that we can remember. If you wish to send e-mail to others you need to allow your e-mail system to have access to a DNS server to assist it with translating an e-mail address into an IP address that your e-mail server can locate to deliver your mail to.

If you wish to receive mail then you need DNS records for your domain and they need to include MX records (short for Mail eXchange) to tell other mail servers on the Internet. where to deliver mail that is addressed to your domain. If this talk of DNS servers, IP addresses, and translations makes you feel confused, I very strongly suggest you ask your Internet. service provider if they can provide DNS services for you. If you fancy having a go yourself, or if you want more information about DNS servers in general, you will find the articles about DNS servers in the tech section at www.ezine.com to be very helpful.

Helpful hints

• Take the time to secure your e-mail system correctly before "going live".
• Remember that if it is hijacked by spammers you may find people will refuse to swap e-mail with you.
• And it is a lot easier to get onto a blacklist of hijacked or badly behaved systems than it is to get off.
• Also remember that a badly configured e-mail server is a possible route hackers could use to attack the rest of your network.
• Layout an e-mail acceptable use policy that agrees what your users can and can not do on your e-mail system. As a minimum this should stay within the rules that your ISP expects you to follow, and should also include any corporate standards for communication outside the company.
• This e-mail AUP should set down what the organisation expects from it's users, what the users can expect in return, and should be used by your postmaster as a guide on how to manage problems, complaints, etc that arise from e-mail your users have sent or received.

Top