Author: Momčilo Došenović

Introduction

If you are looking for a high-performance business mail server that provides fast and secure email communication while ensuring effective space management, you should try Axigen.

Axigen is a Linux, Windows, and Docker mail server with groupware and collaboration functionalities, which answer all challenges of a dynamic business environment. It supports an entire range of mail services — SMTP, POP3, IMAP, WebMail (Desktop and Mobile versions) — includes List server, Logging, Reporting, and FTP Backup modules and provides various, flexible administration options using Web administration interface — WebAdmin.

Axigen provides users with effective time-management tools such as personal and public calendars, tasks, and notes, available from WebMail, MS Outlook, and iCal (Webcal) compatible clients. Advanced collaboration functionalities enable users to share their emails, tasks, and appointments by granting colleagues permissions to read, write, delete or perform other actions on the content of mailbox folders of choice, by viewing others availability (free/busy) status or delegating the right to send messages in their name to co-workers.

Axigen makes administration, user access, and business communication easy, offering full-scale security and features:

• Active Directory integration
• Remote server administration via WebAdmin (Web-based, secure connection, proprietary language)
• Auto-discovery (For SMTP, POP3, IMAP, ActiveSync, Outlook Connector, CalDAV& CardDav. CLI based – globally and per domain)
• Let’s Encrypt certificates (CLI & WebAdmin generation and auto-renewal)
• SSL certificates management (Generate CSRs, upload certs, create and renew self-signed or Let’s Encrypt certificates)
• Automated operations (Through CLI)
• Services availability per account (SMTP, IMAP, POP, WebMail)
• Automatic creation of account from LDAP
• HTML5 WebMail interface (Webmail client with desktop-like usability)
• Standard WebMail interface (Simple interface for legacy browsers and slower internet connections)
• Mobile WebMail interface (Email access from mobile phones)
• 2-Step Verification (Two Factor Authentication) for WebMail
• Over quota notifications (via email or webmail popups)
• Delay delivery of selected messages
• Automatic migration tool
• AXIGEN Outlook Connector (Implements most Exchange-like features)
• Integrated Personal Organizer: Calendar/Tasks/Journal/Notes
• Manage personal, public, and domain contacts
• Groupware (shared folders, permissions, Free/Busy status, Send mail on behalf of other users)
• Clustering support & Delegated Administration
• Reporting & statistics, SNMP support

In terms of security, an extensive security toolset is implemented, which is also highly configurable. System Administrators can flexibly use the filtering rules available at the server, domain, and user level, by specifying what filters to use, the order of applicable filters, and the actions to be taken according to the scanning process results. Filtering in Axigen includes Antivirus/Antispam, Antispoofing (SPF authentication rules), Domain Keys, and custom SIEVE scripts. Axigen integrates at present connectors for Open source Antispam and Antivirus applications (SpamAssassin and ClamAV). Still, thanks to its script interface for external connectors, it can integrate with virtually any AS/AV application requested by users.

 

Deployment

Since Axigen is an email server, a typical setup involves several DNS configurations. A quick summary of the DNS records that you need to set up for each domain: https://www.axigen.com/documentation/dns-configuration-p60719104. For the corporate environment, besides public DNS settings, you need to set up split DNS settings for your private network (example below Microsoft DNS):

 

 

Axigen is also available as a VMware image (Virtual appliance), pre-installed, and pre-configured. We will use a VMware image for our deployment; you can download it from https://www.axigen.com/mail-server/download/.

After downloading, all you need is to deploy it to your VMware environment. Edit VM settings if required; the appliance is deployed with 2 CPUs, 4 GB RAM, 50 GB Hard disk. We will add 1 TB disk as domain storage for mailboxes.

When appliance deployment is done, power on VM; after a couple of minutes, login is available through VMware console, SSH, and WebAdmin interface. The initial password is predefined, and it should be changed.

One of the most critical decisions is to plan future growth of the user mailboxes; 1 TB disk will be used for that. Create partition, change the partition type to LVM, create physical volume, volume group, logical volume, create a file system, mount and add to /etc/fstab.

Change time-zone and default root password.

If needed, set static IP address (example below nmtui tool).

After setting static IP address, using a browser, point to Axigen IP/FQDN and start Initial Configuration:

Accept the license agreement, set an admin account password, request a 60-days trial/FREE license, add your primary domain (don’t forget to change Domain Storage Location, in our deployment /axigendata/domains/demo.braineering.rs), set postmaster password, and apply the license. After applying license, WebAdmin login is available.

Active Directory integration

For the users found in Axigen to authenticate against an active directory database, you need to create an LDAP connector. Go to Axigen WebAdmin -> Clustering -> Clustering Setup -> LDAP Connectors tab -> Add new connector

After creating the LDAP Connector, enable LDAP synchronization for the domain. Go to: WebAdmin -> Domains&Accounts -> Manage Domains -> General -> LDAP Synchronization, check Enable LDAP synchronization and add LDAP Connector we have created:

 

 

Connector status is Operational. The next step is to install the Axigen Active Directory Extension on the Domain controller.

The integration and configuration process related to the Active Directory is performed entirely using the Microsoft Management Console (MMC) and the add-in snap-in provided for this purpose as an extension. This snap-in application can be downloaded free of charge from the download page from Axigen’s website.

Once the installation of the “.msi” (Microsoft Installer) package for the snap-in is complete, the integration process can begin, and the configuration of the existing Active Directory accounts can be performed. Before any actions can be performed, the Axigen mail server must be configured correctly to use the AD server for syncing purposes. For this reason, an LDAP connector must exist before the following procedure is executed. If the Axigen is not correctly configured, the sync process will fail.

With the “Axigen AD extension” package installed, a new tab will appear in the “Properties” section of the domain accounts. This tab can be accessed whether the selected account has the Axigen extensions enabled or not. To activate the Axigen extensions for the user account, you need to right-click the account and select the “Create Axigen Account” option.

After selecting “Create Axigen account,” the account is added to Axigen:

Options and settings available while using the Active Directory add-in include:

• Alias management – This section allows the addition, modification, and removal of email account aliases.
• Configuration inheritance – This section allows the modification of the default (implicit) inheritance scheme.
• Service management – This section allows an explicit definition of access levels for email services, including SMTP, IMAP, POP3, WebMail, and remote POP.
• Quota management – This section allows the configuration of the account’s maximum permitted storage space.
• Restriction management – This section allows the explicit definition of certain restrictions related to password enforcement, email number, folder number, etc.
  • Password – The password enforcement section allows the configuration of various rules to increase password guessing difficulty.
  • Sessions – Allows the configuration of maximum concurrence values accepted per service for the respective account.
  • WebMail – Allows the configuration of attachment size and number and the maximum message size for WebMail generated messages.
  • Message Sending – This section allows the setup of limitations on the number of messages delivered by the account in a specific time interval.
  • Temporary Email – Allows the activation or deactivation of this feature for the account, the number of addresses that can be created, and the maximum expiry time for each of them.
  • Send / Receive – Options that limit the behavior of send or received emails by this account.
• Contact information management – This section allows modifying the account owner’s contact data (first name, address, email address, phone number, etc.).

WebMail access is enabled by default for the new account, from browser go to https://mail.yourdomain.com, authenticate with your domain credentials:

Generate certificate using Let’s Encrypt

The next step is to generate the certificate. Axigen can use the Let’s Encrypt service to generate SSL certificates.

The certificates can be used for the following Axigen services:

• WebMail
• IMAP
• POP3
• SMTP Incoming
• Proxy services — WebMail Proxy, IMAP Proxy, POP3 Proxy

For each certificate it generates, Axigen will attempt automatic renewal 25 days before the certificate expires. The newest release of Axigen certificates, including Let’s Encrypt ones, can be managed centrally from WebAdmin. Go to WebAdmin -> Security & Filtering -> SSL Certificates -> ADD, fill in HOSTNAME, accept license agreement click GENERATE CERTIFICATE.

After a couple of seconds, our Let’s Encrypt certificate is generated:

We will configure the WebMail listener on port 443 to use Let’s Encrypt certificate. From the browser, open Axigen WebMail and check certificate status.

Branding

The Branding feature addresses businesses and service providers offering business-grade email based on Axigen. It allows end-customers to personalize their email interface design using their logo and brand name in the WebMail and WebAdmin, instead of the default (Axigen) ones. WebMail branding applies to all three Axigen WebMail applications — Ajax, Standard, and Mobile.

With Global branding, you can apply the same branding elements for all your domains that don’t have specific branding elements configured — this also includes newly created domains. Log into WebAdmin → Choose Global Settings from the left menu → Scroll down to the Branding section and click on Configure Branding:

With Customer level branding, you can individually brand each customer domain — for service providers; this option could be offered as part of a premium plan. Log into WebAdmin → Choose Domains & Accounts → Manage domains from the left menu → Click to edit the domain you want to brand → Scroll down to the Branding section and click on Configure Branding:

After configuring branding, we have customized WebAdmin and WebMail:

 

 

 

Beside Branding, Axigen allows you to customize your WebMail appearance by modifying the WebMail HTML and CSS files in /webmail/. Article with step-by-step instruction on how to customize your Axigen WebMail interface login and loading pages: https://www.axigen.com/knowledgebase/Customizing-Skinning-Your-WebMail-Interface_330.html

Outlook Connector for Office

Axigen Outlook Connector enables you to take full advantage of all the Axigen features when using it together with Outlook. Axigen Outlook Connector ensures native connectivity with Microsoft’s email client, enabling the use of Axigen’s calendaring and collaboration capabilities in Outlook. Axigen Outlook Connector comes with an installation wizard. It needs to be set up on each machine using Outlook as an email client and having messaging communications handled by the Axigen mail server. Adding an email account in Outlook with the connector will allow syncing of many services like:

• Mail
• Contacts
• Calendar
• Notes
• Tasks
• Shared Files
• Shared Calendars
• Shared Contacts
• Shared Mail

Before setting accounts in Outlook, you need to create a DNS record, autodiscover.yourdomain.com, and edit Axigen configuration. SSH to your server and, using editor, edit lines in /var/opt/Axigen/run/axigen.cfg

Download Outlook Connector from https://www.axigen.com/mail-server/outlook-connector/.

To run the wizard, double-click the “Axiolk” executable file. It will prompt the wizard welcome window, telling you which version of Axigen Outlook Connector you need to install. Click “Next” to start installing. Follow instructions to finish the deployment. Click OK

Select Create Profile

Start Outlook.

Archiving

Email archiving is a critical business practice. It’s not just keeping your emails in the inbox or backing them up. It involves storing your data in a secure environment where they can’t be tampered with or deleted but are easily searched and viewed.

There are several ways you can implement email archiving with Axigen and reroute your email traffic:

1. By configuring a dedicated account
2. By configuring a Public Folder
3. By configuring a separate domain on the same Axigen server and a dedicated account
4. By configuring a second Axigen server on which you will configure archiving domains/accounts.

Configuration of the first option, “The email address belongs to an account” is simple and has the advantage of using the Axigen UltraStorageTM engine that keeps a single copy of a message that is then referenced from the account’s mailboxes as well as from the archive folder. In Security&Filtering -> Acceptance&Routing ->Advance Setting add rule:

This rule adds an “invisible” recipient to all emails – blog.archive@demo.braineering.rs.

Conclusion

Axigen is a high-performance mail server built to provide fast and secure email communication. It is available on both Windows and Linux OS. Axigen enables you to:

• Organize your business with practical time-management tools such as personal and public calendars, tasks, and notes, available from WebMail, MS Outlook, and iCAL (Webcal) compatible clients.
• Communicate using MS Outlook while taking full advantage of Axigen’s calendaring and collaboration. Alternatively, send and receive emails from many other popular POP3 / IMAP email clients, such as Mozilla Thunderbird or Apple Mail.
• Access your WebMail account from mobile devices with Internet access to check emails, compose/delete messages, set permissions on folders, and much more.
• Synchronize your email, contacts, calendars, or tasks by using Axigen’s built-in Exchange ActiveSync® support for mobile devices
• Protect your confidential data with an extensive set of defensive tools, including:
  • Authentication and Encryption
  • Multi-layer Access Control (firewall-like rules)
  • SPF and DomainKeys Compliance
  • Blacklisting / Whitelisting / Greylisting
  • Country Filtering, DNS Checks & Blacklists
  • Identity Confirmation System
  • Message Acceptance / Sending Policies
  • Anti-Impersonation and Password Expiration Policies

With web-based administration front-end, setup is a breeze, and maintenance simple and straightforward. Axigen is offered as SaaS (Software as a Service) in Braineering Becloud. If you want to test a live instance of Axigen, contact us.