December 22, 2010

 Blocking spammers based on SMTP HELO command

If a spammer abusing your machine identifies itself with the same "HELO" name on every SMTP connection, you can deny all messages that match that name.

For example, a spammer might identify to your server with a fake HELO name that is the same for all of its SMTP transactions.

Edit /usr/local/atmail/mailserver/configure and, in the ACL

acl_check_rcpt:

append the new rule below for the HELO check:

deny message = HELO not allowed
condition = ${if eq{$sender_helo_name}{spammer.com}{yes}{no}}

Copy the rule for each domain you wish to check.

Restart the Atmail services and the new HELO check is live. Example transaction below:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 nexus.local.atmail.com Welcome to the @Mail SMTP Server ( Exim )
helo spammer.com
250 nexus.local.atmail.com Hello localhost [127.0.0.1]
mail from: test@test.com
250 OK
rcpt to: test@nexus.atmail.com
550 HELO not allowed
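
To confirm the rule is firing and see which HELO names it is catching, the rejections can be tallied from the Exim main log. This is an added example, not part of the original post; the log path is not given on the page, so it is passed as an argument, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: count "HELO not allowed" rejections per HELO name.

# Constructed sample lines in Exim main-log format (not real traffic).
sample_log() {
cat <<'EOF'
2010-12-22 19:55:12 H=(spammer.com) [192.0.2.10] F=<test@test.com> rejected RCPT <test@nexus.atmail.com>: HELO not allowed
2010-12-22 19:56:40 H=mail.example.net (spammer.com) [192.0.2.11] F=<a@example.net> rejected RCPT <test@nexus.atmail.com>: HELO not allowed
2010-12-22 19:57:03 H=(bulk.example.org) [198.51.100.7] F=<b@example.org> rejected RCPT <test@nexus.atmail.com>: HELO not allowed
2010-12-22 19:58:21 H=(spammer.com) [192.0.2.10] F=<test@test.com> rejected RCPT <x@example.com>: relay not permitted
2010-12-22 19:59:00 1PVabc-0001Xy-2Z <= user@nexus.atmail.com H=localhost [127.0.0.1] P=smtp S=812
EOF
}

# stdin: Exim main log. stdout: "<count> <helo name>", highest count first.
helo_rejections() {
    awk '
    /rejected RCPT/ && /: HELO not allowed$/ {
        for (i = 1; i <= NF; i++) {
            if ($i !~ /^H=/) continue
            helo = substr($i, 3)
            # "H=rdns.name (helo)": the HELO name is the bracketed field
            if (helo !~ /^\(/ && $(i + 1) ~ /^\(.*\)$/) helo = $(i + 1)
            gsub(/^\(|\)$/, "", helo)
            count[tolower(helo)]++
            break
        }
    }
    END { for (h in count) print count[h], h }' | sort -k1,1nr -k2,2
}

# Read the log named on the command line, or fall back to the sample.
if [ -n "${1:-}" ]; then
    helo_rejections < "$1"
else
    sample_log | helo_rejections
fi
```

Lines rejected for other reasons, such as "relay not permitted", are ignored, so the counts reflect only the HELO rule.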


Filed under: Anti-Spam, Exim — info @ 7:55 pm

 

 Purging users via CSV

Should you need to purge a large set of users from your Atmail system, you can use a new script to batch delete via a CSV file.

This will be included in Atmail 6.2.1, due Jan 2011. In the meantime you can use the script below; store it under:

webmail/utilities/tools/purge-users-csv.php

The usage is simple:

cd webmail/utilities/tools/

php purge-users-csv.php /path/to/userlist.txt

Where /path/to/userlist.txt contains a list of users, separated by a newline.

This script will remove all of the user's database entries, clear the user's maildir and purge the account from the system.

<?php
/**
 * Purge users from the system, reading the accounts to delete
 * from a file that lists one user per line (the path is passed
 * as an argument to this script)
 *
 * @author Ben Duncan
 * @usage php purge-users-csv.php /path/to/csv
 */

require_once("/usr/local/atmail/webmail/utilities/nfc-bootloader.php");

// require the path to the user list as the first argument
if (empty($_SERVER['argv'][1])) {
    echo "\nUsage: php purge-users-csv.php /path/to/csvfile.txt\n\n" .
         "Where csvfile.txt contains a list of users separated by a newline\n";
    exit(1);
}

// setup api access
require_once('application/models/api.php');
$_SERVER['PHP_AUTH_USER'] = 'admin';
$api = new api( array('directApi' => 1) );

echo "Opening " . $_SERVER['argv'][1] . "\n";

$fp = fopen($_SERVER['argv'][1], "r");

// stop here if the list cannot be read
if ($fp === false) {
    echo "Unable to open " . $_SERVER['argv'][1] . "\n";
    exit(1);
}

while ( ($line = fgets($fp)) !== false) {

    $line = trim($line);

    // skip blank lines in the list
    if ($line === '') {
        continue;
    }

    // check the account exists before trying to delete it
    // ($dbAdapter is presumably set up by nfc-bootloader.php)
    $userExists = $dbAdapter->fetchOne("select Account from UserSession where Account=?", array($line));

    if ( !empty($userExists) ) {
        echo "Deleting $line - ";

        $arr = $api->userDelete($line);

        if ($arr['status'] == 'failed') {
            echo 'FAIL ' . $arr['response'] . "\n";
        } else {
            echo "OK\n";
        }

    } else {
        echo "Deleting $line - FAIL ( no such user )\n";
    }

}

fclose($fp);


Filed under: API, Atmail 6 — info @ 1:08 am

 

 Enlarging PDF thumbnails

Atmail renders PDF attachments inline as a PNG image. By default the thumbnail width is 300 pixels, showing a quick snapshot of the content of the PDF.

Should you wish to expand the width of the inline PDF previews edit

webmail/application/modules/mail/plugins/Atmail/FilePreview/Plugin.php 

Locate the following in function _createPdfPreview:

-thumbnail x300

And replace with:

-thumbnail x700

Save the file, and reload Atmail. All PDF thumbnails will be scaled to 700 pixels, providing a far larger preview of the PDF content. Example below

large-snapshot.png


Filed under: Uncategorized — info @ 12:59 am

 

December 21, 2010

 Force Re-Run Upgrade in Atmail 6

If you run into any troubles with the upgrade you may need to re-run the upgrade process.

Assuming that your last version was 6.20.1, log in to your Atmail database and execute the following command:

update Config set keyValue = "6.20.1" where keyName = "version";

This will fool the WebAdmin update scripts and enable re-running the sql schema updates via the WebAdmin > License > Update Software.

Following the success of the WebAdmin update, please then execute the server-update.php file as the update page will instruct you.

php server-update.php 6.20.1

Filed under: Uncategorized — Stewart Bazley @ 7:09 pm

 

December 14, 2010

 Purging Inactive Users From Atmail

After running a mailserver for some time, especially those with larger user bases, you may find you want to purge the Atmail system of any inactive users. Included with Atmail 6.20.4 was a new script that allows you to do just that. You will find the script at /usr/local/atmail/webmail/utilities/tools/purge-users.php (the /usr/local/atmail part of the path may vary for webmail only installations) and it is used as such:

Usage: php purge-users.php [days-inactive] [--no-delete]
days-inactive    Delete users inactive for this many days or more
--no-delete    do not actually delete any users, just print them

For example, I want to delete all users who have been inactive for 60 days. I want to double check the list first so I pass the --no-delete option:

# cd /usr/local/atmail/webmail/utilities/tools/
# php purge-users.php 60 --no-delete
TEST RUN -- no accounts actually deleted
Deleting brad@atmail.com, inactive since 2010-11-05 11:54:14
Deleting test@atmail.com, inactive since 2010-11-19 23:01:19

Once I confirm that I indeed wish to delete those accounts listed I re-issue the command, this time without the --no-delete option:

# php purge-users.php 60
Deleting brad@atmail.com, inactive since 2010-11-05 11:54:14
Deleting test@atmail.com, inactive since 2010-11-19 23:01:19

Now the inactive accounts have been deleted; that includes all email and other data associated with them.


Filed under: Uncategorized, Optimization, Atmail 6, maintenance tools — Brad Kowalczyk @ 8:33 pm

 

 Scan outgoing emails for spam

By default, Exim only checks inbound emails for spam. This is easily fixable, via the following steps:

1.) Open up /usr/local/atmail/mailserver/configure, and find:

# Accept outgoing messages from authenticated users, no need to scan as spam
accept  authenticated = *

# Skip scanning messages from users that are trusted
accept hosts = +relay_from_hosts

# Skip if message over size
accept condition = ${if > {$message_size}{50k} }

# Pass the email via Spamassassin and don't scan messages over the specified size to save CPU
# Append the X-Spam-Score and X-Spam-Report for all messages
warn  message = X-Spam-Score: $spam_score
condition = ${if < {$message_size}{50k} }
hosts = ! +relay_from_hosts
spam = nobody:true/defer_ok

warn  message = X-Spam-Report: $spam_report
condition = ${if < {$message_size}{50k} }
hosts = ! +relay_from_hosts
spam = nobody:true/defer_ok

# Reject message if Spam-score is too high ( avoid wasted disk/CPU on obvious Spam messages)
drop message = This message is rejected by the Anti-Spam System. Spam-score too high : $spam_score spam points - Please reformat your email and send again
spam = nobody:true/defer_ok
hosts = ! +relay_from_hosts
condition = ${if < {$message_size}{50k} }
condition = ${if > {$spam_score_int}{100}{1}{0}}

2.) Change the block so it looks like:

# Skip if message over size
accept condition = ${if > {$message_size}{50k} }

# Pass the email via Spamassassin and don't scan messages over the specified size to save CPU
# Append the X-Spam-Score and X-Spam-Report for all messages
warn  message = X-Spam-Score: $spam_score
condition = ${if < {$message_size}{50k} }
spam = nobody:true/defer_ok

warn  message = X-Spam-Report: $spam_report
condition = ${if < {$message_size}{50k} }
spam = nobody:true/defer_ok

# Reject message if Spam-score is too high ( avoid wasted disk/CPU on obvious Spam messages)
drop message = This message is rejected by the Anti-Spam System. Spam-score too high : $spam_score spam points - Please reformat your email and send again
spam = nobody:true/defer_ok
condition = ${if < {$message_size}{50k} }
condition = ${if > {$spam_score_int}{100}{1}{0}}

3.) Go to WebAdmin > Services > Anti-Spam, and set 'Skip Trusted' to off. Save changes.

4.) Restart Atmail.

This will scan all emails.


Filed under: Uncategorized, Anti-Spam, Exim — John Contad @ 4:50 pm

 

December 12, 2010

 Updating Exim to 4.72

Updating Exim to 4.72 is essential, as it contains security measures that nullify current issues with versions 4.69 and older. Before applying this update, make sure you have the PCRE package installed. This can be done via yum or apt. For Fedora or CentOS:

% yum install pcre-devel

For Ubuntu/Debian:

% apt-get install libpcre3 libpcre3-dev libpcre++-dev

---
To update Exim, do the following:

1.) Download the new Exim package from: http://kb.atmail.com/attach/eximatmail.tgz

% wget  'http://kb.atmail.com/attach/eximatmail.tgz'

2.) Replace your current package with the new package:

% mv /usr/local/atmail/server_source/eximatmail.tgz /usr/local/atmail/server_source/eximatmail.tgz.old
% mv /usr/local/atmail/server_source/exim-4.69/ /tmp/exim-4.69/
% mv eximatmail.tgz /usr/local/atmail/server_source/eximatmail.tgz

3.) Make a backup of your current configure file:

% cp -R /usr/local/atmail/mailserver/configure /usr/local/atmail/mailserver/configure.backup

4.) Stop Atmail:

% /etc/init.d/atmailserver stop

5.) Rebuild:

% php /usr/local/atmail/server_source/scripts/buildexim.php

6.) After rebuilding, open up your /usr/local/atmail/mailserver/configure file. Find this line:

# Stop the SMTP if load > X
smtp_load_reserve = 20

7.) Below this, add:

dkim_verify_signers = $sender_address_domain

8.) Find:

acl_smtp_data = acl_check_content

9.) Below this, add:

acl_smtp_dkim = acl_check_dkim

10.) Find:

deny    message       = relay not permitted

11.) Below this, add:

acl_check_dkim:

deny message = Invalid DKIM
dkim_status = fail

accept

12.) Restart Atmail:

% /etc/init.d/atmailserver restart

Congratulations! Now you have the new version, with improved security and DKIM capabilities.
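
A slip in the DKIM edits (an option placed after "begin acl", or acl_smtp_dkim naming an ACL that was never defined) is easier to catch before the restart than after it. The check below is an added example, not Atmail's own tooling; the sample configure text is constructed and shows only the lines the steps touch.

```shell
#!/bin/sh
# Added example: check that the DKIM edits sit in the right sections of an
# Exim configure file before restarting.

# Constructed sample showing only the lines the steps above touch.
sample_configure() {
cat <<'EOF'
smtp_load_reserve = 20
dkim_verify_signers = $sender_address_domain
acl_smtp_data = acl_check_content
acl_smtp_dkim = acl_check_dkim

begin acl

acl_check_rcpt:
  deny    message       = relay not permitted

acl_check_dkim:
  deny message = Invalid DKIM
       dkim_status = fail
  accept
EOF
}

# stdin: configure file. Prints one line per problem; exit status 1 if any.
check_dkim_config() {
    awk '
    /^[ \t]*#/ { next }
    $1 == "begin" { section = $2; next }
    # main options are only valid before the first "begin" line
    section == "" && /^[ \t]*dkim_verify_signers[ \t]*=/ { signers = 1 }
    section == "" && /^[ \t]*acl_smtp_dkim[ \t]*=/ {
        acl = $0; sub(/^[^=]*=[ \t]*/, "", acl); sub(/[ \t]+$/, "", acl)
    }
    # an ACL definition is a bare "name:" line inside the acl section
    section == "acl" && NF == 1 && $1 ~ /^[A-Za-z0-9_]+:$/ {
        name = $1; sub(/:$/, "", name); defined[name] = 1
    }
    END {
        if (!signers) { print "dkim_verify_signers not set in main section"; bad = 1 }
        if (acl == "") { print "acl_smtp_dkim not set in main section"; bad = 1 }
        else if (!(acl in defined)) { print "ACL " acl " not defined after begin acl"; bad = 1 }
        exit bad + 0
    }'
}

if [ -n "${1:-}" ]; then check_dkim_config < "$1"; else sample_configure | check_dkim_config; fi
```

Run it with the path to the configure file as the only argument; no output and exit status 0 mean the three edits were found where Exim expects them.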


Filed under: Uncategorized, Anti-Spam, Exim, Improvements and Fixes, Atmail 5, Atmail 6 — John Contad @ 9:24 pm

 

December 3, 2010

 Tuning sysctl parameters for heavily loaded systems

If you are running a large Atmail cluster with multiple machines, you can further optimize the performance of the application by tuning the system's sysctl values for networking.

A common issue on a highly loaded system is that the maximum number of TCP connections between hosts is exceeded, or too many connections sit in the idle state.

We recommend the following be applied to the /etc/sysctl.conf

Client machines:

net.ipv4.tcp_fin_timeout = 10

Close connections in the TCP FIN timeout state after 10 seconds ( default 60 )

net.ipv4.ip_local_port_range = 15000 61000

Increase the range of ports available for client connections ( default 32768 61000 )

Server machines (e.g. MySQL server or main machine):

net.ipv4.tcp_fin_timeout = 10

Same value as clients

net.core.somaxconn = 1024

The net.core.somaxconn value has an important role. It limits the maximum number of requests queued to a listen socket ( default 128 ).

net.core.netdev_max_backlog = 2000

( default 1000 )

After editing /etc/sysctl.conf you can reboot the machine, or set the parameter directly on the CLI using:

/sbin/sysctl -w net.core.netdev_max_backlog=2000

This is just another tip for tuning the performance of an Atmail system, from the default stock Linux OS.


Filed under: Customization, Optimization — info @ 10:41 pm

 

 Disabling Linux updatedb for Atmail users directory

If you are running a large-scale Atmail implementation under Linux, by default in most distributions the "updatedb" command is run daily via Cron to index the filesystem HDD.

For large systems with 100k+ email messages, running updatedb against the system maildir directory is time consuming and uses a lot of resources.

A simple solution is to disable indexing of the Atmail users maildir by editing:

/etc/updatedb.conf

Find the PRUNEPATHS line and append the Atmail users directory, /usr/local/atmail/users, to it:

PRUNEFS = "auto afs iso9660 sfs udf"
PRUNEPATHS = "/afs /media /net /sfs /tmp /udev /var/spool/cups /var/spool/squid /var/tmp /usr/local/atmail/users"

If you are running an NFS or storage array server, check your machine does not index the maildir via the system updatedb command.

This is just one simple configuration option that should not be overlooked.


Filed under: Database, Optimization, Data Mining/SQL Queries — info @ 4:14 am

 

 Log purging in Atmail made easy

When using Atmail in production, it's wise to set up a script to automate purging of logs for performance. Atmail records all user logins ( Webmail, POP3/IMAP ), SMTP transactions ( Send / Received ), Spam ( RBL, DKIM, Spamassassin ) and Virus logs.

If you have had a production system in use for some time, your logs may have millions of rows and be using valuable memory/CPU resources via MySQL. While you can use the Atmail Webadmin to see graphs for logs going back over 1 year, this can affect the performance of Atmail if your hardware and DB are not optimized.

We recommend the following setup via Cron. Create the file below:

/etc/cron.weekly/purge-atmail-logs.sh

#!/bin/sh

mysql -u[username] -p[password] atmaildbname < /usr/local/atmail/purge-atmail-logs.sql

Save the file, then chmod 755 /etc/cron.weekly/purge-atmail-logs.sh

Next, create the SQL query file below, changing the date range as per your needs:

/usr/local/atmail/purge-atmail-logs.sql

delete from Log_Error where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);
delete from Log_Login where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);
delete from Log_RecvMail where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);
delete from Log_SendMail where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);
delete from Log_Spam where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);
delete from Log_Virus where LogDate < DATE_SUB(NOW(), INTERVAL 4 MONTH);

optimize table Log_Error;
optimize table Log_Login;
optimize table Log_RecvMail;
optimize table Log_SendMail;
optimize table Log_Spam;
optimize table Log_Virus;

Save, then Cron will automatically purge logs older than 4 months, each week.

Try it out on your server

/etc/cron.weekly/purge-atmail-logs.sh

Tweak as per your requirements, and remember to optimize your MySQL setup for the Atmail database needs! Full tutorial at: http://atmail.com/kb/2010/importance-of-tuning-mysql-with-innodb_buffer_pool_size-and-key_buffer_size/
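
The cron script above passes the MySQL password with -p on the command line, where it is visible in the process list, and keeps it in a file set to mode 755. The variant below is an added example, not Atmail's own script: it reads credentials from a MySQL option file and refuses to run unless that file is private. The option file path, the ATMAIL_PURGE_CNF variable and the atmail_purge user are assumptions.

```shell
#!/bin/sh
# Added example: weekly log purge that keeps the MySQL password off the
# command line, where "ps" would show it to other local users.
#
# Assumed option file (path is hypothetical), created once with chmod 600:
#   [client]
#   user=atmail_purge
#   password=CHANGE_ME
CNF=${ATMAIL_PURGE_CNF:-/root/.atmail-purge.cnf}
SQL=/usr/local/atmail/purge-atmail-logs.sql

# True only if the file exists, is owned by the caller, and grants no
# permission bits to group or other.
cnf_is_private() {
    [ -f "$1" ] && [ -O "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

purge_logs() {
    if ! cnf_is_private "$1"; then
        echo "refusing to run: $1 is missing or readable by others" >&2
        return 1
    fi
    # --defaults-extra-file must be the first option on the mysql command line
    mysql --defaults-extra-file="$1" atmaildbname < "$SQL"
}

purge_logs "$CNF" || echo "log purge did not run" >&2
```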


Filed under: Anti-Spam, Data Mining/SQL Queries — info @ 2:27 am