Cu hnh My ch Mail nng cao

Bi bo trnh by nhng ty chn cu hnh my ch Mail (mail server) nng cao trong cc
HH h Windows Server 2003. Cc ty chn ny bao gm vic cu hnh nhiu my ch
mail s dng mt ni lu gi mail n hay mt ni lu gi mail t xa, cu hnh e-mail
b danh v thay i thng ip li cho.
Gii thiu
Trn mt mail-server Windows Server 2003, bn c th cu hnh mt s cc ty chn nng cao.
Cc ty chn ny bao gm vic cu hnh nhiu mail-server s dng mt ni lu gi mail n
hay mt ni lu gi mail t xa, cu hnh e-mail b danh (aliasing) v ty bin thng bo li cho
(greeting message).
Bi bo cung cp nhng hng dn c th bn c th cu hnh cc ty chn nng cao ny
nh th no. Chng ti khuyn co rng bn nn xem li phn tr gip E-mail Services Help
trc khi c bi bo ny. truy nhp vo vo E-mail Services Help' (tr gip cc dch v Email), nhn Start, nhn Help and Support, nhn Internet and E-mail Services v cui cng
nhn E-mail services.
Kch bn 1: Cu hnh nhiu mail-server s dng mt ni lu gi mail n hay mt ni
lu gi mail t xa
Trong mt cu hnh mail-server chun, mi mail-server c mt ni lu gi mail cc b tng
ng. Mc d vy, bn c th cu hnh nhiu mail-server s dng mt ni lu gi mail n hay
mt ni lu gi mail t xa. Li th ca vic s dng nhiu mail-server l ch thm s d tha
vo vic trin khai ca bn v cho php mng ca bn x l c nhiu lu lng hn. Li th
ca vic s dng mt ni lu gi t xa l bn c th sau s dng mt thit b lu gi file
chuyn dng nh mt thit b NAS (network-attached storage).
Quan trng: thc hin th tc tip sau, bn phi ang s dng mt Active Directory integrated
authentication (chng thc tch hp Active Directory) hoc encrypted password file authentication
(chng thc file mt khu c m ha). Mail-server phi trong cng mt domain Active
Directory nh my tnh m trn ni lu gi mail c cu hnh.
cu hnh nhiu mail-server c th s dng mt ni lu gi mail n hay ni lu gi mail t
xa:
+ Theo ch dn tr gip ca Windows Server 2003 ci t cc dch v E-mail trn mi my
tnh m bn mun s dng nh l mt mail-server. Nhng ch dn ny c cung cp trong mc
tr gip To install e-mail services. xem mc ny, nhn Start, v sau nhn Help and
Support. Nhn Internet and E-mail Services, nhn E-mail services v sau nhn POP3
service. Nhn How To, Set Up the POP3 Service v sau nhn Install e-mail services.
+ Trn mi mail-server, chn Active Directory integrated authentication hoc encrypted
password file authentication. Cc ch dn cho th tc ny c cung cp trong mc tr gip Set
the authentication method. xem mc ny, nhn Start sau nhn Help and Support. Nhn
Internet and E-mail Services, nhn E-mail services v sau nhn POP3 service. Nhn How
To, nhn Set Up the POP3 Service v sau nhn Set the authentication method.
+ Lm bt c cc thay i b sung no cho cu hnh ca cc mail-server ring l nh thit lp
mc ng k (logging level) hay cng (port), hay cu hnh SPA (secure password authentication).
+ Lm theo nhng ch dn trong tr gip ca Windows Server 2003 cu hnh mt th mc hay
a nh mt folder dng chung lm ni lu gi mail. Nhng ch dn ny c cung cp

trong mc tr gip "Share a folder or drive". xem mc ny, nhn Start v sau nhn Help
and Support. Nhn Disks and Data, nhn Managing Files and Folders, Shared Folders, How
To, Share a folder or drive.
+ Ph thuc vo vic bn ang s dng encrypted password file authentication (chng thc tp
tin mt khu c m ha) hay Active Directory integrated authentication (chng thc c tch
hp Active Directory), lm mt trong cc bc sau:
* Nu bn ang s dng encrypted password file authentication, bn phi dng cng GUID
(globally unique identifier) trn mi mail-server. lm nh vy, chn mt mail-server, nhn din
GUID ca n v sau cu hnh tt c cc mail-server khc s dng chung GUID ny. GUID
c nh v ti: HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\pop3service\auth\authguid.
GUID c hin th trong ct Data. Hoc nu bn nhn p vo kha (key) authguid, GUID hin
th trong ct Value data.
thay i GUID:
- Nhn Start, nhn Run v sau g: regedit
- Vo HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\pop3service\auth\ authguid
- Nhn p v kha authguid v sau , trong Value data g : GUID
- Sau vic sa i ang k (registry), bn phi khi ng li dch v POP3. Nhn Start, nhn
Run, g cmd v sau nhn OK.
- Ti du nhc dng lnh, g: net stop pop3svc
- Sau khi dch v dng, ti du nhc dng lnh, g : net start pop3svc
* Nu bn ang s dng Active Directory integrated authentication, bn phi ch replication
(bn sao) ca Active Directory xut hin, nh vy tt c cc mail-server c th truy nhp vo ni
lu gi mail mi. Thi gian replication thay i, ph thuc vo s lng cc domain controller
trong vic trin khai ca bn. Thng tin chi tit v Active Directory replication, xem trong mc tr
gip ca Windows Server 2003 Replication overview. xem mc ny, nhn Start v sau
nhn Help and Support. Nhn Active Directory, nhn Concepts, nhn Understanding Active
Directory, nhn Understanding Sites and Replication v sau nhn Replication overview.
+ Lm theo nhng ch dn tr gip trong Windows Server 2003 cu hnh mi mail-server mt
ni lu gi mail v s dng ni lu gi mi m bn to. Nu bn to ra mt th mc chia
x t xa nh mail root, ng dn s l nh sau: \\path\share. xem mc tr gip cho th tc
ny, nhn Start v sau nhn Help and Support, Internet and E-mail Services, E-mail
services, POP3 service, How To, Set Up the POP3 Service, Set the mail store.
+ Sau khi thit lp ni lu gi mail, bn phi khi ng li dch v POP3. Nhn Start, Run, g
cmd v sau nhn OK.
+ Ti du nhc dng lnh, g: net stop pop3svc
+ Sau khi dch v dng, ti du nhc dng lnh, g: net start pop3svc
t bo mt (security) v v s cho php (permissions) cho ni lu gi mail :
1. Trn my tnh m ti ni lu gi mail c cu hnh, chy Windows Explorer.

[item]Nhn chut phi trn th mc hay a chia x m bn mun s dng nh mt ni

lu gi mail v sau nhn Sharing and Security. Kim tra li xem Share this folder
c chn.
[item]Trn tab Sharing, nhn Permissions, nhn Everyone v sau nhn Remove.
[item]Nhn Add, nhn Object Types, chn Computers v sau nhn OK.
[item]Trong Select Users, Computers, or Groups g: Domain Admins; Network Service;
System; v cc tn ca tt c mail-server trong s trin khai ca bn, mi tn cch nhau
bi mt du chm phy (;) v sau nhn OK.
[item]Nhn Domain Admins v sau nhn Full Control.
[item]Lp li bc trc cho Network Service, System v mi ti khon mail-server v
sau nhn OK.
[item]Trn tab Security, thc hin li cc bc t 4-7.
[item]Trn tab Security, nhn Advanced.
[item]Kim tra li ty chn Allow inheritable permissions from the parent to
propagate to this object and all child objects. Include these with entries explicitly
defined here c chn.
[item]Chn Replace permission entries on all child objects with entries shown here
that apply to child objects, OK, Yes khi c du nhc v sau nhn OK.
[item]To cc domain e-mail v cc mailbox.
xem mc tr gip ca cc th tc ny, nhn Start v sau nhn Help and
Support, Internet and E-mail Services, E-mail services, POP3 service, How To v
thc hin mt trong cc bc sau :
* xem mc tr gip to ra cc domain e-mail, nhn Manage Domains v sau
nhn Create a domain.
* xem mc tr gip to ra cc mailbox, nhn Manage Mailboxes v sau nhn
Create a mailbox.
Ch :
Son tho khng ng registry c th lm hng h thng ca bn. Trc khi thay i
registry, bn nn sao lu li bt k d liu c gi tr no trn my tnh.
Quan trng: Nu bn thay i bt c cc thuc tnh server dch v POP3 nh cng (port)
hay mc ng k (logging level), t bt c cc mail-server no trong s trin khai ca
bn, cc DACL (discretionary access control list) trong ni lu gi s c t cc gi tr
mc nh. Bn phi reset cc DACL trong ni lu gi mail nh c m t trc ,
trong th tc To set mail store security and permissions.
Ch : - Nu bn c nhiu hn mt mail-server trong s trin khai ca bn, bn phi
thc hin li th tc thch hp to ra mt domain e-mail trn mi mail-server i hi

truy nhp vo domain e-mail ny. Nu bn ang xo mt domain e-mail, bn phi thc
hin li th tc thch hp trn mi my tnh trong s trin khai ca bn. Thng tin thm
to ra v xo cc domain, xem cc mc tr gip tng ng trong Manage Domains.
xem tr gip, nhn Start v sau nhn Help and Support, Internet and E-mail
Services, E-mail services, POP3 service, How To, Manage Domains.
- Bn phi ch Active Directory replication xut hin trc khi cc ti khon ngi dng
dch v POP3 c sn trong Active Directory. Mc d bn c th to ra cc mailbox t
bt c cc server no, replication phi c xut hin gia cc domain-controller trc
khi cc phn kch thc mailbox c th hot ng hay cc ti khon ngi dng POP3
c th ng nhP (log on) vo domain Active Directory.
- Khi bn cho php cc quota (phn tham gia ca a). Cc quota c hiu lc ch trn
my tnh c cu hnh vi ni lu gi mail. Nu bn c mt tp cc quota-limit trn cc
mail-server khc trong Active Directory domain, bn phi to chng li trong ni lu gi
mail.
- Nu bn ang s dng encrypted password file authentication (chng thc tp tin mt
khu c m ho), cc quota s c hiu lc chng li cc ti khon my tnh cho
php ghi (write) vo ni lu gi mail. Qu trnh tip tc cho n khi bn cu hnh mt
quota cho mi ti khon mailbox. Thng tin chi tit hn v to cc quota cho cc ti
khon e-mail, xem mc tr gip trong Windows Server 2003 Configuring disk quotas for
the POP3 service. xem mc ny, nhn Start v sau nhn Help and Support. Nhn
Internet and E-mail Services, E-mail services, POP3 service, Concepts, Using the
POP3 service, Configuring disk quotas for the POP3 service.
- Bn khng th sa i mt quota cho n khi ti khon lin quan ghi ln u tin
vo ni lu gi mail
- Khi bn to mt domain e-mail mi, mail-server u tin m trn bn thc hin th
tc ny b sung thm domain e-mail mi vo my ch SMTP (Simple Mail Transfer
Protocol) cc b v to ra th mc lu gi mail cho domain e-mail. Bn phi lp li qu
trnh ny cho cc my ch mail khc trong s trin khai ca bn truy cp vo domain
e-mail mi. Mc d vy, ch c domain SMTP s c b sung vo my ch m trn
bn ang thc hin th tc ny. Nguyn nhn l do th mc lu gi mail cho domain email ang tn ti.
- Khi bn xo mt domain e-mail, my ch mail u tin trn bn ang ang thc hin
thao tc ny g b domain SMTP cc b ca n v th mc lu gi mail ca domain email. Bn phi g b entry ca domain SMTP t tt c ca cc my ch mail khc trong
s trin khai ca bn. lm iu , hy lp li qu trnh ny qua vic thc hin thao
tc xo ti du nhc dng lnh ca mi my ch mail trong s trin khai ca bn.
thc hin thao tc ny ti du nhc dng lnh g : winpop delete domain
- Mt s tu chn phi c cu hnh trn mi my ch mail trong s trin khai ca bn.
Cc tu chn ny bao gm: thit lp ni lu gi mail, thit lp mc ng nhp (logging
level), thit lp SPA (Secure Password Authentication) v thit lp phng php chng
thc. Cc thao tc khc nh to v xo cc mailbox c th c thc hin trn bt c
mail-server no trong s trin khai ca bn do cc thao tc ny tc ng ti ton b
domain e-mail.
- Thng tin thm v thit lp cc permission (s cho php) trn mt ti nguyn dng
chung, xem mc tr gip trong Windows Server 2003 c tn "Set permissions on a
shared resource. xem mc ny, nhn Start v sau nhn Help and

Support, Disks and Data, Managing Files and Folders, Shared Folders, How To, Set
permissions on a shared resource.
- Thng tin chi tit v thit lp permissions trn mt folder xem mc tr gip trong
Windows Server 2003 c tn "To set, view, change, or remove permissions on files and
folders. xem mc ny, nhn Start v sau nhn Help and
Support, Security, Access Control, How To, Set, View, Change, or Remove
Permissions on an Object, Set, view, change, or remove permissions on files and
folders.
Kch bn 2: Cu hnh E-Mail Aliasing
Bn c th s dng aliasing cu hnh mt a ch e-mail v nh vy tt c e-mail
c gi n n c nh tuyn n mt a ch e-mail khc. Chng hn, tt c e-mail
c gi n postmaster@example.com s c nh tuyn n a ch e-mail
someone@example.com.
Vi aliasing, bn c th bo ton cc a ch e-mail khc nhau cho s s dng cng
cng v c nhn, cc ti khon ngi dng mng v danh (obscure), nh tuyn e-mail
qua nhiu domain e-mail v to cc a ch e-mail n gin v ph hp tng tc vi
khch hng. iu lm gim s l liu ca ca cc a ch e-mail trong (internal). Vic
lm gim s l liu ny c th tr thnh mi li v an ninh.
Aliasing hot ng bi vic to ra mt lin kt "cng" (hard) gia folder ca mailbox ti
khon e-mail b danh (alias) v mt hay nhiu folder mailbox ti khon e-mail khc. Mt
lin kt "cng" to ra mt tn mi v khc cho tp tin tn ti v ng dn th mc. N
khng to ra mt bn sao lu ca tp tin hoc th mc hoc thay i ni dung ca tp tin
hay th mc. to ra mt b danh (alias), bn to mt lin kt "cng" gia ti khon email b danh v ti khon e-mail m bn mun nh tuyn cc e-mail ti v cng c
bit nh l mt ti khon e-mail ch (target e-mail account). Vic to mt lin kt "cng"
(hard link) lm thay i th mc lu gi mail ca ti khon e-mail b danh n ng
dn ca th mc lu gi mail ca ti khon e-mail ch. Kt qu l, bt k e-mail no
c gi ti ti khon e-mail b danh u c nh tuyn n ti khon e-mail ch.
thc hin aliasing, bn phi s dng cng c linkd.exe c sn trong Windows 2000
Resource Kit v Windows Server 2003 Resource Kit.
Sau khi bn ti xung cng c ny, bn phi to ra mt th mc mi trong ni lu gi
mail ca ti khon b danh. Bn s dng cng c linkd.exe to ra mt lin kt "cng"
gia th mc lu gi mail ca ti khon b danh v ti khon ch.
y khng tn ti ti khon ngi dng lin quan vi ti khon e-mail b danh. Nu
bn ang s dng chng thc tch hp Active Directory hay chng thc cc ti khon
Windows cc b, bn khng th ly ra e-mail khi s dng cc u quyn b danh. Nu bn
ang s dng chng thc tp tin mt khu c m ho, mc d vy, bn c th ly ra
e-mail khi s dng tn ti khon e-mail b danh hoc tn ti khon ch. L do y l
mt khu c dng chung cho c hai mailbox.
to mt e-mail b danh, bn thc hin theo cc bc sau:
+ Nhn Start, nhn Run v sau g: cmd
+ Ti du nhc dng lnh, g: mkdir mailroot\domain\p3_aliasAccount.mbx
+ Vo th mc c cha tp tin linkd.exe.
+ Ti du nhc dng lnh, g: linkd
mailroot\domain\p3_aliasAccount.mbxmailroot\domain\p3_target Account.mbx

Quan trng :
Tn th mc m bn to cho ti khon b danh khng c xung t vi cc tn th mc ang
tn ti. N phi tun theo mt s quy tc t tn cho mailbox c ch ra trong bng di y.
Phng php chng thc

Cc k t ngn cm

Active Directory integrated authentication

@()/\[]:;,"<>*=|?+

Local Windows accounts authentication

@()/\[]:;,"<>*=|?+

Encrypted password file authentication

@()/\[]:;,"<>*=|?

Ch :
- E-mail m c gi n c hai tn ti khon b danh v tn ti khon ch sn sinh ra nhiu
bn sao lu ca cng e-mail trong mailbox ti khon ch.
- Vic thc hin nhng thao tc qun tr (nh kho hay xo mt mailbox) trn mailbox b danh
hay domain ti b danh tn ti cng nh hng ti mailbox ch. Chng hn, nu bn kho
mailbox b danh, mailbox ch cng s b kho.
- Nu bn mun xo mt domain c cha mt mailbox m mt b danh tr vo n, hoc mt
mailbox m mt b danh tr ti, trc ht bn phi xo mailbox b danh i.
Kch bn 3: Thay i Greeting Message
Trong khi dch v POP3 chp nhn mt kt ni n, n tr li bi vic gi thng bo sau y:
Microsoft Windows POP3 Service Version 1.0. Thng bo ny nhn din cu hnh my ch v
cung cp thng tin c th b li dng bi tin tc. Bn c th tu bin thng bo ny che y
vic truyn ca bt k thng tin no v cu hnh my ch. Thng ip li cho c gii hn l 259
k t. Mc d vy, vic che y thng tin truyn khng phi l mt cch hiu qu. N phi c
lm tng thm vi mt s thc t an ninh b sung nh nhng th c m t trong cc mc tr
gip dch v POP3 c tn "Best practices". xem mc tr gip ny, nhn Start v sau nhn
Help and Support. Nhn Internet and E-mail Services, E-mail services, POP3 service, Best
practices.
tu bin thng bo li cho POP3, bn phi to mt kho chui REG_SZ trong Windows
Server 2003 registry. Sau bn c th gn mt gi tr chui tu bin vo kho m n s c
s dng nh mt thng ip li cho.
thay i thng ip li cho :

1. Nhn Start, nhn Run v sau g: regedit

[item]Vo HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Pop3 Service
[item]Nhn Edit menu, nhn New v sau nhn String Value.
[item] t tn gi tr chui mi, trong ct "name", g Greeting.

[item]Trong chi tit, nhn chut phi vo Greeting v sau nhn Modify.
[item]Trong Value Data, g thng bo li cho mi v sau nhn OK.
[item]Bn phi dng v sau khi ng li dch v POP3 cho thng bo li cho c
hiu lc.
Cnh bo :
Son tho khng ng trong registry c th l hng h thng ca bn. Trc khi thay i registry,
bn nn sao lu bt c d liu gi tr no trn my tnh.
Ch :
Thng ip mc nh s c s dng nu thng ip li cho tu bin ln hn 259 k t hay
nu n c cha bt c cc k t khng hp l no. Cc k t khng hp l bao gm tt c cc
k t ASCII khng th in c v cc du ngoc nhn (< v >).
Chc cc bn thnh cng !