Community Knowledge Base

Bindings

System administrators can use this section to specify on which ports the server IP address(es) -- both IPv4 and IPv6 addresses -- should listen, assign protocols to those ports or assign a hostname for each IP address. All ports being used should be assigned to at least one IP address on the server. However, SmarterMail provides system administrators with some flexibility when configuring bindings. This means, for example, that the system administrator can allow POP (port 110) on the IP 111.111.111.11 but not allow it on 222.222.222.22. In addition, some servers may have other programs installed that need to listen on mail ports. To accommodate this, the system administrator can configure SmarterMail to listen on a subset of IP addresses, leaving the remaining IP addresses available for other programs.

Another benefit to binding IPs to your mail server is that you can limit the possibility of your entire mail server being blacklisted by assigning IPs on a per-domain basis. That means that spammers sending messages on your mail server will only get their domain and their specific IP blacklisted rather than getting the entire mail server blocked.

When accessing Bindings, the following tabs will be available, and each tab will display the number of items configured for each:

IP Addresses

Every IP address stored on the server's Network Interface Card (NIC) will be displayed in this section. As a result, it's not possible to add an IP address for bindings from this page: it must be available from the Network Interface Card (NIC). Information is displayed about each IP address, including its hostname, a description (if one is added), and the number of ports the IP address is assigned to.

Clicking on an IP address opens its configuration options. The following setting will be available:

  • IP Address - The IP address from the server. This field cannot be edited.
  • Hostname - The hostname that should be assigned to the IP address (e.g., mail.example.com). A hostname can be assigned to each IP address on the server. This is beneficial because it allows every domain on the server to be assigned its own IP address, thereby limiting the chances of the entire mail server becoming blacklisted should a user on one domain send out unwanted emails.
  • Description - A friendly explanation of the binding's purpose.
  • Ports - Select each port on which this IP address should listen. All ports being used should be assigned to at least one IP address on the server.

As mentioned, the IP Addresses listed in this section are pulled from the server and can only be removed from SmarterMail by removing the IP Address from the NIC. (If an IP address continues to show in the IP Addresses section or cannot be deleted, it is possible the IP address is still contained in the server registry. After removing an IP address from the NIC, be sure it is removed from the registry as well.) Occasionally, however, an IP address that is NOT stored in the server's NIC may appear in this list. These IP addresses can be removed using the Delete button, if desired.

Ports

Use this section to assign specific protocols to ports or to add Secure Socket Layer (SSL) and Transport Layer Security (TLS) rules to any ports and protocols. When viewing this tab, each port added will be listed, and some information about each is avaialble, including its name, the type of port, and the number of IP addresses assigned to the port.

To add a new port, click the New button. To edit an existing port, simply click on it. Regardless of whether you're adding a new port or editing an existing one, a modal opens and the following settings will be available:

  • Protocol - The type of communications protocol that should be used (IMAP, LDAP, POP, SMTP, XMPP, or Submission Port).
  • Port - The port number on which to listen for the selected protocol.
  • Name - The friendly name for the port.
  • Encryption - If the port requires SSL or TLS encryption, select the appropriate option. SSL always assumes the connection will be secure and sends the encryption immediately. TLS connects normally and then looks to see if the connection is secure before sending the encryption.
  • Certificate Path / Password - If SSL or TLS encryption is selected, enter the complete path to the security certificate and its corresponding password.
  • IP Addresses - Every IP address on the server will be listed here. Select the IP address(es) on which this port should listen.

Regarding SSL Certificates

When adding or modifying ports, one thing asked for is an Encryption type. If SSL or TLS is selected, SmarterMail asks for a Certificate Path and Password. Even when using SmarterMail to manage SSL Certificates, those fields are still required. This is because some clients do NOT support SNI. For this reason an administrator will need to add a certificate to act as a fallback for each SSL/TLS Port binding in order for SmarterMail to listen for TLS connections. It can be the same certificate for each port and administrators should verify all secure port bindings are configured to use a certificate file that includes the private key.