DAWKCoTM Web-based POP3 Domains Admin Utility Setup Help
[System Requirements] [Synchronization]
[Security] [Admin Usage]
- System Requirements -- the DAWKCo Web-based POP3 Utilities are ISAPI components designed for use with the Windows IIS (Internet Information Services) World Wide Web (WWW) Publishing Service and the DAWKCo POP3 Services Small Business Version. Thus, the DAWKCo Web-based POP3 Utilities require the following:
- x86 compatible processor(s), such as: Pentium, Xeon, Duo, Athlon, etc.
- Windows® operating system (2000/XP or later)
- Network interface (or equivalent) with TCP/IP protocol driver
- Fixed disk with NTFS file system format
- IIS (Internet Information Services) version 5 or later with the World Wide Web (WWW) Publishing Service enabled
- DAWKCoTM POP3 Services Small Business Version (4 or later)
The web pages output from the DAWKCo Web-based POP3 Utilities should work well with any Internet Standards based web browser that conforms to the following W3C (World-Wide Web Consortium) standards:
- HTML (Hyper-Text Markup Language) version 4 or later
- CSS (Cascading Style Sheets) version 2 or later
That includes current web browser versions from Microsoft®, Netscape®, Mozilla and Qualcomm®, and online services such as AOL®, CompuServe®, MSN®, Prodigy® and most others.
Password Inputs Note: with some web browsers, including Netscape Navigator v6, you cannot "copy & paste" password values into web form password inputs. If you do, invalid input will be generated and the password will not be accepted. Therefore, if you are using such a browser, you must type out your password entries.
- POP3 Synchronization -- full synchronization between the DAWKCo POP3 Server Service, the MailDaemon e-Mail Routing Service, the SMTP Rules Component, the POP3 Admin API, the Web-based POP3 Utilities, and the POP3 Server Admin program, is provided by the software. See the DAWKCo POP3 Server Admin Help topic titled Synchronization of POP3 Services for a complete discussion of the synchronization methods used. In most cases, the default synchronization time-out value of sixty (60) seconds is adequate. However, if you need to adjust the sync time-out value, you can do so at the Windows System Registry Key Value locations listed below.
Note: changing this setting is usually not necessary, but if you do, make sure that you enter the same value in both locations. Failure to do so could possibly cause one mail service or utility to block another long enough to cause mail routing failure (Badmail).
For Web-based POP3 Utilities
For POP3 Server, MailDaemon and Admin program
Configuration updates made with the web-based POP3 utilities do not require the mail services to be restarted. This includes adding, updating and removing domains and mailboxes. Conversely, updates made using the stand-alone executable POP3 Server Admin program require automatic mail services restart. If you get a "cannot find server, or DNS error" message from the web browser during a web-based admin session, it is likely that the web-based admin context could not be initialized because the web site was being restarted during a global update initiated by the stand-alone executable POP3 Server Admin program. In that case, just wait several seconds and then try again.
- Windows 2000 Security Considerations -- when running on Windows 2000, in order for the DAWKCo Web-based POP3 Utilities to properly authenticate and impersonate clients using the same techniques as used by the DAWKCo POP3 Server, the IWAM_machine account (a.k.a. Launch IIS Process Account) must be granted the TCB (Trusted Computer Base) privilege. On Windows 2000, this privilege is required in the security context of any process that performs Windows Logon functions. (Note: this requirement was eliminated in later versions of Windows.)
To minimize any potential security risk posed by this scenario, the DAWKCo Web-based processes are isolated from the IIS process. Also, upon web-based client logon, the process security context is immediately switched from that of the IWAM_machine account to that of the POP3 client account that controls access to the mailbox, which in effect confines the logged on client's access to just the POP3 mailbox.
General Security Considerations -- on Stand-alone servers, the Windows accounts assigned to mailboxes that are designated as POP3 Admin type are added to the local Administrators group. On Windows Domain member servers and domain controllers, the Windows accounts assigned to mailboxes that are designated as POP3 Admin type are added to the local Account Operators group; also if the Site Postmaster mailbox is local and the Windows account assigned to it is designated as POP3 Admin type, then that account is added to the local Administrators group.
See also, Web-based Mailbox Creation Notes below.
- Admin Usage -- POP3 Admins access the web-based POP3 Domains Admin Utility at the following location:
Where <website_domain> is a place-holder for the domain name, or virtual domain name, of the IIS web site that you selected to host the web-based utilities. Complete Help documentation on all features and use of the web-based utility is provided via help links on the utility's web pages.
Only mailbox owners designated as a POP3 Admin in their mailbox properties may administer the POP3 mailboxes using the web-based utility. Additionally, if the Site Postmaster e-Mail Address is a locally defined mailbox and the user type is set to Admin in that mailbox, then Site Administrators can also gain access to administer the POP3 domains within the site by using the Site Postmaster e-Mail Address and POP3 Password to logon to this web-based utility. The locally defined Admin type Site Postmaster also has access to the Mailbox Client Utility Color Scheme which affects the appearance of the Web-based POP3 Mailbox Client Utility.
Note: the mailbox user type setting has a relationship to Windows user account types and privileges. In order to facilitate new mailbox creation, which requires new Windows user accounts to be created, POP3 Admins are automatically added to either the Account Operators local group on the DC (on Domain Controllers and Domain Member Servers) or the Administrators local group (on Stand-alone Servers).
- Logon Procedure -- logon to the web-based POP3 Domains Admin Utility by entering your POP3 Mailbox Name and POP3 Password into the appropriate input fields on the Logon web page, and then click the Logon button. Site Administrators can gain access to the advanced properties by using the full Site Postmaster e-Mail Address and its POP3 Password as the username and password for logon. For additional details, see the Help link on the Logon web page.
- Session Expiration -- for security purposes, this web-based utility's admin sessions expire after a period of inactivity that exceeds a preset time delay--the Session Timeout value. If no actions are performed during a time period greater than the session timeout value, then the session expires and the administrator must logon again to the web-based utility before any new admin tasks can be performed.
The default session timeout period is 20 minutes, but may be adjusted between 10 minutes (minimum) and 60 minutes (maximum) in the Session Timeout input of the Web-based Admin Settings dialog of the DAWKCo POP3 Server Admin program.
- Web-based Mailbox Creation Notes
In the DAWKCo POP3 Services Small Business Version, each unique mailbox requires a corresponding unique controlling Windows Account. To facilitate the creation of new POP3 mailboxes using this web-based utility, without sending Windows Account data over the open network, new mailbox controlling Windows accounts are automatically created on the server side with randomly generated usernames and passwords. POP3 Admins are automatically added to either the Account Operators local group (on DC's and Domain Member Servers), or the Administrators local group (on Stand-alone Servers), which grants them the access needed to initiate this procedure.
[System Requirements] [Synchronization]
[Security] [Admin Usage]
Copyright ©2000-2015 DAWKCoTM Software. All rights reserved.