Table of contents

Up and running since Sat 2008-04-19

Email settings

Using Google's spam filter

Migrating users

Troubleshooting

Certificate error

Server, instructions for use

Last update: 2008-05-08

Your mail administration

Enter your email address as username and your email password. Users whose email address ends in @elephanttrust.org have to use @winhlp.com instead. Example: If your email address is jack@elephanttrust.org, your username is: jack@winhlp.com

Up and running since 2008-04-19

Please check here for information on the server change. If you use florenz157.server4you.de or mail.michna.com as your mail server, you will have to follow the instructions if you don't want to lose mail.

More information may be added to this page later. Please check back in here from time to time.

Technical background

Some technical data of the new server components:

The switch has been performed on Sat 2008-04-19. In theory the switchover should take half an hour, but there are some misconfigured DNS server around, so some mails may go to the old server later. If you check your email on the old server again once a few days later, you should be fine and should not lose any mail.

The old server will continue to run until approximately mid-May, when it will be decommissioned and all data on it erased.

Email settings

If you are a migrating user who has already had an account on the old server, don't change that account. Instead create an additional, new account for the new server. The reason is that you have to collect mail from the old server for a couple of days.

You have to decide between two different ways to use your mail. You have to make a decision between 1. and 2., but you can use both a. and b. interchangingly if you use the IMAP protocol in your local email client program.

  1. Use our server directly.
    1. Use it through an email client program like Outlook Express, Windows Mail, or Mozilla Thunderbird. See below for the settings.
    2. Use webmail by prepending "https://webmail." to your domain. Examples: https://webmail.michna.com/, https://webmail.elephanttrust.org/, etc. You will get a certificate warning, which you have to ignore and choose to open the web page anyway, but you will be using encrypted communication. This certificate warning cannot be avoided.

      You could use http:// in place of https:// to communicate without encryption, but this is not recommended.

      To log on, enter your email address as username and your email password. Users whose email address ends in @elephanttrust.org have to use @winhlp.com instead. Example: If your email address is jack@elephanttrust.org, your username is: jack@winhlp.com

  2. Use Google Mail (or another suitable email system) to collect your email from the server and filter it.
    1. Collect your mail from Google Mail with your own email client program.
    2. Use Google Mail on your web browser.

For solution 1. a. create an account for the new server in your email program with the following information. For solution 2. a. follow Google Mail's instructions.

Name of the account: (Arbitrary, you can call it like your email address. It just has to be unique.)
Server type: IMAP (preferred) or POP3
Server, both POP3/IMAP and SMTP: india155.server4you.de
Username: (Your email address)

If your address ends in @elephanttrust.org, you have to use @winhlp.com instead. Example: If your address is jack@elephanttrust.org, your username is: jack@winhlp.com

Password: (Your password)

If you have not received your password by email already, ask us. We can also set a new password for you, but we cannot find out yours after you have changed it.

Important: When you have received a new password, change it immediately through the Administration.

Special server settings to enable: The SMTP (sending) server requires authentication, namely the same one as the POP3/IMAP (receiving) server.

The server does not use secure password authentication (SPA), but it does use TLS or SSL encryption, so enable TLS or SSL for both the receiving POP3 or IMAP and the sending SMTP server, if you can. It is an important security measure.

If TLS doesn't work, try SSL. Use the following port numbers.

Protocol    Without TLS/SSL    With TLS/SSL
IMAP 143 993
POP3 110 995
SMTP 25 or 587 25 or 587

If you have enabled TLS or SSL (which you should), the first time you use the server you will get a certificate warning, which you can ignore. Select to use the server anyway. The certificate for mail is the same as that for the web server. Verify that it has one of the following:

SHA1-Fingerprint: F3C5240A 018BE556 3E63E51C AE0A71F1 8D6215A3

MD5-Fingerprint: 169CE1DB A5E2EF6F 108F0F7C CB06EBB6

Please scroll down and read the chapter "Certificate warning" to avoid this repeated warning.

This encryption is essential for example, when you use your laptop on a wireless LAN, because without it everybody else who is on that WLAN can record all your data traffic, even your mail password.

The IMAP root folder path is: INBOX

For example, in Outlook Express you can enable the setting to shift messages automatically into special folders. You should use the folder names sent-mail and Drafts.

Administration: https://india155.server4you.de:8443/ (You will at first get a certificate error. Click on the option to proceed anyway. Please read the chapter "Certificate error" below to learn how you can prevent it.)

There is also an auto-forwarder at http://michna.com/admin/, which goes to that same address. Its purpose is that you can type the easier-to-remember address: michna.com/admin

Webmail: Prepend "https://webmail." to your domain. Examples: https://webmail.michna.com/, https://webmail.elephanttrust.org/. You will get a certificate warning every time, but you will be using encryption. Choose to open the web page anyway. This certificate warning cannot be avoided.

If your address ends in @elephanttrust.org, you have to use @winhlp.com instead. Example: If your address is jack@elephanttrust.org, your username is: jack@winhlp.com

Cheat sheet: http://michna.com/mail/ (in short: michna.com/mail)

If you use IMAP, some special IMAP settings have to be set like the following example from a German Outlook Express. The root folder name for our server is INBOX. (For Google Mail it is [Gmail].) The folder for sent mail has to be named sent-mail, because that's what webmail automatically generates, and you want to have this compatible with webmail. The name for the drafts folder is arbitrary, but again you should set the same name in webmail to keep the systems in synch.


Special IMAP settings for our server
(See different settings for Google Mail below.)

Make the new account the default account, so you use it to send mail and no longer the old one.

You can delete the old account a few days after the new server is up and running and receiving mail.

Using Google's spam filter

Getting your mail into Google Mail

If you receive a large amount of spam, i.e. more than 50 spam mails per day, consider using an additional spam filter. The easiest is Google Mail.

In Google Mail enter the settings described below, but use your own email username. Click on Settings, Accounts, Get mail from other accounts:

Google Mail collect
Google Mail settings example to collect your mail—substitute your username and password

Getting your mail from Google Mail into your local email client program

If you want to use a local email client program to collect your mail, like Outlook Express, Mozilla Thunderbird, or Eudora, you can configure it for Google Mail's server as follows.

  1. Go to Google Mail, Settings, Forwarding and POP/IMAP.
  2. Follow the instructions there to configure your email client. You had already enabled IMAP (perferred if your mail client can do it) or POP3, so most of the settings are already in place. You only have to change the configuration for the sending side, SMTP.

You can use our own server for sending mail or you can also use Google's mail server. If you want to use ours, enter the SMTP settings described at the top into the account setting of your email program, but leave the POP3 or IMAP settings set for Google Mail. Note that you have to enter separate authentication settings, i.e. username and password, for the SMTP server. These settings are somewhat hidden in some email programs and have to be opened by an extra mouse click.

Some special IMAP account settings in your email program are the name of the root folder and the names of the two folders for sent mail and drafts. For example, in a German Outlook Express these settings look as follows.

Outlook Express IMAP
IMAP properties in a German Outlook Express for an English Google Mail

Migrating users

Forwarding your mail to another email system

General

If you had your mail forwarded to an independent mailbox somewhere else, such as Yahoo or Google Mail, you need to do a few things.

First of all, forwarding is increasingly problematic, due to various spam defenses that can get irritated by forwarded mail. For this reason we generally recommend against forwarding. Essentially you have three choices:

  1. Test it by letting somebody else send you mail. If the mail arrives, you can keep the forwarding.
  2. Set up your mail system to collect mail from our server. For example, Google Mail does this very easily and very well.
  3. Give up forwarding and use our server india155.server4you.de directly.

Forwarding to Google Mail

This has been tested and is currently working well. Google allows you to use their mail servers to send mail from our domain.

You can also use our mail server india155.server4you.de for sending and set up your email client to automatically move the sent mail into Google Mail's IMAP Sent Mail folder, if your local mail client program can do that. Outlook Express, for example, does this if set up as described above. If not, you can move sent mail by hand or keep it only local.

The following example explains how to send mail through Google Mail's SMTP server, without using the Google Mail address:

  1. Open Google Mail.
  2. Click on: Settings, Accounts, Send mail as:, Add another email address
  3. Enter your desired email address.
  4. You can make this your default address and specify that all mail is by default sent "From" that address.
  5. See the subchapter, "Getting your mail from Google Mail …", above for instructions on how to send through Google's mail servers.

Forwarding to another mail system

As mentioned, this is not recommended, but if it works for you, you can do it. The recommended way is to set up your other email system to collect email from our server.

If you have any problems with any of these procedures, please contact us.

Collecting your email directly from our server

General information

If you have been collecting your email directly from the florenz157.server4you.de or mail.michna.com server, you have to do a few things, because for a couple of days you have to collect mail from both the old and the new server. For the new server you have to create an additional, new email account.

If you receive an inordinate number of spam mails, one possible solution is to have a Google Mail account and let Google automatically pick your mail from your mailbox, as described above.

Make sure your old account continues to work for now (meanwhile obsolete, please ignore)

This subchapter deals with the switchover, which is already past us. It remains here only for historic reasons and for the next time we change servers.

  1. Change your email password. This is important. Do not use a short password. Use at least 8 characters, if possible including at least one special character. Do not use a word that is in the dictionary. Do not use any name that other people know or can find out. A combination of two unrelated words is a good idea. Keep our mail server safe.

    To change your password, go to https://india155.server4you.de:8443/ or http://michna.com/admin/, click on the option to proceed in spite of the certificate error, log in with your email username and password, and change your password. You can use the same password that you use elsewhere, if you always keep it safe.

  2. Open your email client program, such as Outlook Express, Mozilla Thunderbird, or Eudora and go to the settings of the email account. Check which of the two server addresses you are using. If you have florenz157.server4you.de, this part is fine. If you have mail.michna.com, change it to: florenz157.server4you.de

    You may have to do this twice, once for the incoming server (POP3) and once for the outgoing server (SMTP).

After a few days you can delete this old account entirely.

Troubleshooting

If you cannot collect or send mail, recheck the following:

  1. Check whether you actually have an Internet connection.
  2. Check all settings above, particularly the server name: india155.server4you.de
  3. Make sure that SPA (Secure Password Authentication) is not enabled, and neither any other secure password authentication method. We rely entirely on SSL to secure the entire data exchange, including the password.
  4. You can try to disable TLS/SSL (Secure Socket Layer) for testing, but when everything works, you should re-enable it.
  5. Make sure you have the right ports for the IMAP/POP3 and SMTP servers. Note that IMAP and POP3 use different ports with and without SSL. Check the settings above for the proper port numbers.

Certificate error

Background

The administrator pages of our new web server at https://india155.server4you.de:8443/ (also reachable through a forwarding page at http://michna.com/admin/, in short, michna.com/admin) use the SSL encryption protocol, recognizable by the https:// prefix in the address (URL), unlike the more common http:// prefix. This is useful and makes it much more difficult to eavesdrop electronically on the data exchange.

The same holds for all mail connections, if you sensibly chose to activate TLS or SSL.

The encryption key is customarily coupled to a certificate that is meant to certify the identity of the buyer of the certificate, which costs some money. Since we currently don't need this and need only the encryption key, we don't pay, but instead make our own certificate. Consequently your browser issues a certificate error, telling you that this certificate does not come from a commonly known certificate authority (CA) and is therefore not good enough to identify our server.

When this happens, you can choose to ignore the error and open the web page anyway, but the next time you start your browser and go to the administrator page, you will get the error message again. To avoid this, you essentially have to tell your browser that you trust this certificate, which means putting it into your certificate store.

This is the procedure for Internet Explorer 7:

  1. In Internet Explorer open: https://india155.server4you.de:8443/
  2. Click on the choice to open the web site in spite of the error.
  3. Click on the red signal at the very top center: "Certificate error"

    The browser tells you: Certificate is invalid

  4. Click on: Show certificates
  5. Inspect the certificate. It should be from: india155.server4you.de
  6. Click on the button: [Install certificate]
  7. Accept the default certificate store choice and click on the button: [Next >]
  8. Finalize the procedure by clicking on the respective button.
  9. Verify that the certificate has one of the following:

    SHA1-Fingerprint: F3C5240A 018BE556 3E63E51C AE0A71F1 8D6215A3

    MD5-Fingerprint: 169CE1DB A5E2EF6F 108F0F7C CB06EBB6

  10. Close your browser.

Other browsers probably do this similarly. Firefox, for example, asks you directly, so after inspecting the certificate and checking a fingerprint, elect to always accept it.

Web site certificates are coupled to the domain. You could call the administrator pages up through any domain hosted on the server. For example, instead of https://india155.server4you.de:8443/ you could call them up with https://aschenbrenner.com:8443/, https://michna.com:8443/, https://winhlp.com:8443/, or https://elephanttrust.org:8443/. However, only the india155.server4you.de domain has the certificate, so on all other domains, including the webmail addresses, you get a certificate address error, even though the certificate is valid.

Your friendly server administrators Klaus and Hans-Georg

@

hits since 2008-04-22
Free PHP scripts by PHPJunkYard.com