Litech Mail Client Setup

Any user with a Litech account can receive mail at the address "<user>@litech.org" and can send mail messages using marduk as an SMTP relay server. Mail can be read either locally with Pine on marduk, or using a standard IMAP4rev1 client such as Netscape Communicator or Microsoft Outlook Express. Soon a web-based method of reading and sending mail will be available as well. We allow server-side mail filtering too.

This document describes how to configure and use several IMAP clients for use with Litech mail servers. If you need further information or your client is behaving oddly, you'll probably want to visit the Courier IMAP site and particularly the IMAP compatibility and configuration guide.

Basic Service Information

If you're not interested in how mail is stored and the security requirements of the server, you can skip this section.

All mail files are stored in Maildir format, which stores one message per file. Each user keeps their mail in the Maildir folder in their home directory, and Exim delivers new mail directly into the Maildir/new folder. The IMAP daemon will look for new messages in this folder and will move them into the Maildir/cur directory before notifying the user that new mail has arrived. The program /usr/local/bin/cknewmail tests whether you have new mail waiting. It gets run on login, which is what prints the "You have new mail" message after the MOTD.

Access to use the SMTP server for sending mail must be authenticated using SMTP "PLAIN" authentication. This is supported by most mail clients. Use your Litech account username and password to authenticate.

Since both the IMAP and SMTP protocols send the authentication information in cleartext, you must encrypt your connection using SSL. This is also supported by most mail clients. Unfortunately, there are two different ways that clients have implemented SSL. The old way, still in use by Microsoft Outlook and some others, is to have an SSL-capable server running on a special port that initiates the SSL protocol immediately on connect. The new way, not yet officially recognized but in use by Netscape Communicator, is to integrate the SSL and non-SSL services on the same port and then only to start SSL when the client issues the STARTTLS command. We support both methods for both IMAP and SMTP.

ServiceSSL methodPort number
IMAP on-connect 993
IMAP STARTTLS 143
SMTP on-connect 465
SMTP STARTTLS 25

In order to enforce the use of SSL for authenticated connections, you will not be able to log in with either SMTP or IMAP unless you are using SSL. Without SSL, the IMAP server will advertise the "LOGINDISABLED" capability and the SMTP server will not advertise the "AUTH" capability.

Our SSL certificate (for mail.litech.org) is self-signed and will cause most clients to complain. Check the Litech SSL information page for details.

Pine

Pine on marduk has been configured system-wide to access mail by executing the IMAP daemon locally and using IMAP to manipulate your mailbox. Fortunately, an SSH connection is used with host-based authentication, so you don't need to enter your password again when you run Pine.

If you want to use Pine on a different server to access your Litech mailbox, you're on your own. Take a look at the system-wide configuration on marduk (/etc/pine.conf) and copy the relevant parts to your ~/.pinerc file. Looking at the Courier IMAP site (linked at the top of the page) will probably also help.

Netscape Messenger

Netscape Communicator has supported IMAP4rev1 in its Messenger mail client since Communicator v4.0. However, we recommend that you use Communicator v4.5 or later because of bugs in the IMAP implementation in earlier versions.

You will probably want to read the Litech SSL information page before proceeding.

  1. Go to the "Edit" menu and select "Preferences". Find "Mail Servers" under "Mail & Newsgroups" in the list on the left.
  2. First, enter the "Outgoing Mail Server" options. In the "Outgoing mail (SMTP) server" field, enter mail.litech.org and put your Litech username into the "Outgoing mail server user name" field. Then click the "Always" radio button under "Use Secure Socket Layer". Do not forget the "Always" selection. You will get weird errors about forbidden relays if you forget it.
  3. Next you need to enter the Litech mail server as an Incoming Mail Server. Next to the "Incoming Mail Servers" list, click the "Add" button. A new window will come up. In the "Server Name" field, enter mail.litech.org (without the trailing number from the outgoing mail configuration). For server type, chose "IMAP Server". Enter your Litech username into the "User Name" field. To prevent people from stealing your password off of your computer, do not click the "remember password" checkbox! If you like, you may click the "Check for mail" box to have Netscape automatically check for new mail every so often.
  4. Now click on the "IMAP" tab at the top of the window. New options will appear. Click the "Use secure connection (SSL)" box to enable SSL. (If you don't enable SSL, you won't be able to log in.) Then choose the "Move it to the Trash folder" option. You may see some strange behavior with deleted messages if you use either of the other two options. If you like, you can click the "Empty Trash on exit" checkbox which will cause the contents of your Trash folder to be deleted at the end of each session. Otherwise, messages older than 14 days will be automatically removed from the Trash folder by the server.
  5. Finally, click on the "Advanced" tab. In this menu, leave "IMAP server directory" blank, uncheck the "Show only subscribed folders" checkbox, and check the "Server supports folders that contain sub-folders and messages" checkbox. Then make sure the "Allow server to override these namespaces" checkbox is checked, and click "OK" to the two preferences windows. You're done!

Netscape Messenger has worked really well so far with the IMAP server. However, it lists all of your folders as sub-folders of your INBOX. I'm not sure why (since it supports the IMAP NAMESPACE extension), but it's not that hard to deal with.

Microsoft Outlook Express

You will probably want to read the Litech SSL information page before proceeding.

  1. Go to the "Tools" menu and select "Accounts...". Click the "Add" button, select "Mail..." from the menu, and the Internet Connection Wizard will pop up.
  2. Type your name, hit "Next", click "I already have an email address", type your address (user@litech.org), and hit "Next". Under "My incoming mail server is a...", choose IMAP from the list, and type mail.litech.org into both server text fields. Click "Next". Put your Litech username into the "Account name" field, and UNCHECK the "Remember password" box. Saving your password is insecure since it saves your password in cleartext on your local hard drive. Make sure "Log on using SPA" is unchecked, and click "Next". On the next screen, click "Finish".
  3. Now you should be back at the "Internet Accounts" window. Find "mail.litech.org" in the list and click on it. Then hit the "Properties" button to bring up a new window.
  4. First click on the "Servers" tab at the top of the window. Check the "My server requires authentication" box. Then click the "Advanced" tab, and check BOTH of the "This server requires a secure connection" boxes. The "Outgoing mail (SMTP)" port number should be 25, and the "Incoming mail (IMAP)" port number should be 993. Now click the "IMAP" tab and enter INBOX as the "Root folder path".
  5. Click "OK", then click "Close". Outlook will ask you if you want to download a folder list, and you should answer "No".

Last modified 12-1-2000 by lutchann.