domain webmail
Question asked by onur kaya - 1/28/2023 at 9:56 AM

I want to create a custom webmail for my domain with SmarterMail.

When I enter webmail.xxxxx.com, I want the SmarterMail login interface to appear.

How can I do this?

4 Replies

Reply to Thread
Douglas Foster Replied
The details depend on how many other domains are on your email server.

When someone types "webmail.example.com", these events occur:

1) The name is converted to an IP address, so "webmail.example.com" has to exist in DNS as either an IP4 "A" record, an IP6 "AAAA" record, or a CNAME entry which can be resolved to an IP4 or IP6 address.

2) The browser than connects to the target IP address, and passes the name "webmail.example.com" as part of the connection request.

3) The web server (IIS) uses the host name to decide whether to allow the connection.  In IIS, you specify the individual names that it accepts on a specific target address and port, or a default site that accepts all names for a particular target address and port.  

4) Assuming that you are using HTTPS to get an encrypted session, the server responds with a certificate chain to prove its identity.   The chain should include the server identity certificate and any intermediate certificates.   The root certificate should not be part of the chain.

5) Your web browser verifies the legitimacy of the certificate chain.    The chain needs to verify back to a root certificate which is already on your client device.   Your device believes the names on the server certificate are true because chain verification proves that the certificate was issued by a root authority which you trust, as evidenced by the fact that you installed its root certificate on your device.   The verification process involves digital signatures.   Additionally, certificates expire regularly and certificates which are not valid for today's date are also untrusted.

6) Next, your web browser checks to see if the certificate includes the name that you used, The certificate has a name list.   The certificate name list must include either "webmail.example.com or "*.example.com".   This proves to your device that you really connected to the intended server, and that your traffic was not highjacked in transit and redirected to a malicious site.   Note that wildcard names only cover a single level:  *.example.com matches "webmail.example.com" but it will not match "www.webmail.example.com"   When using commercial certificates, you pay extra for a wildcard certificate, but it can be used on lots of servers.   You also pay extra for each additional name included on a commercial certificate.

SmarterMail only supports one server certificate for the entire site, so that certificate must contain individual names or wildcard names for all of the domains on the SmarterMail server.   Additionally, those names must be configured into IIS so that it accepts all of the names.  Finally, all of those names must be configured into DNS so that the name resolves to an IP address.

Linda Pagillo Replied
Hi Onur!

If you need some help implementing what Doug detailed above, feel free to reach out to us at help@mailsbestfriend.com

We are very versed in how to do what you are asking, with or without SSL (SSL recommended of course!)

We are also a SmarterTools reseller so SmarterTools team can vouch for us :)
Linda Pagillo
Mail's Best Friend
Email: linda.pagillo@mailsbestfriend.com
Web: www.mailsbestfriend.com
Authorized SmarterTools Reseller
Authorized Message Sniffer Reseller
Zach Sylvester Replied
Employee Post Marked As Answer
Hey Onur, 

To simplify everything that has been said here basically you need two things optionally three things.

  1. A certificate
  2. A binding
  3. A DNS Record.  

Step 1: 
Set up the DNS record. Go to your DNS provider and create an A record for your domain for webmail. 

Step 2: 
Login to your server and open IIS. Expand all the trees on the left side until you see the SmarterMail website. 
Click bindings on the right side and enter the hostname, set the IP to all unassigned. Set the port to 80 and protocol HTTP. 

From this point, you should be able to access webmail from that URL.

The next part is your certificate for HTTPS. This bit is a little complicated you can skip it if you aren't worried about security. 

You can either purchase an SSL certificate from somewhere or you can use let's encrypt. 
Please see our Let's Encrypt document here. 
And our General SSL guide here. 

I hope this helps. 

Kind Regards, 

Zach Sylvester

System/Network Administrator
SmarterTools Inc.
(877) 357-6278
Robert Burks Replied
Thanks for the useful info

Reply to Thread