18Oct/170

E-mail server in Windows Server, part 2: Security

This is a follow-up to the tutorial How to install an e-mail server in Windows, directed to those who already have an hMailserver and want to increase the security.

Spam protection

To activate the spam protection, please go to Settings >> Anti-spam in the hMailserver Administrator.

In the tab "General" you can leave the settings the way they are, as shown in the image. Of course you can adjust them later according to your needs.

In the second tab "Spam tests" you should select all four spam detection parameters:

- Use SPF (3)
- Check host in the HELO command (2)
- Check that sender has DNS-MX records (2)
- Verify DKIM-Signature header (5)

Malware protection

As already mentioned in the previous tutorial, you have the possibility to use different anti malware software in hMailServer. The most easy solution is to use the free ClamWin anti virus scanner. You can download it there:

https://sourceforge.net/projects/clamwin/

Please follow the installation wizard. Installing the browser extension is not required for your e-mail server. Normally ClamWin will now appear in the Windows system tray and start to update its database once a day. It will also protect your system from malware. You are of course free to change those settings individually in the ClamWin menu. The integration in the hMailServer is easy. Please go to Settings >> Anti-Virus >> ClamWin. The button "autodetect" will find the correct path to your ClamWin anti virus installation and you can finish the setup with "Save".

TLS encryption

To enable your clients to start an encrypted connection to your server, so nobody can steal your data, you have to enable this in your settings first. You will need an SSL certificate to achieve this. If you do not have already one for the host name of your server, you can create a self signed one on your own. Self signed certificates are free. But you will have to add an exception manually each time you set up a new client for your server. Most clients like Thunderbird or Outlook will ask you for that after the credentials got entered and they start the first connection. You can use XCA to create such a certificate:

https://sourceforge.net/projects/xca/

After the software got installed and opened, you have to create a new database on the upper left side. You can choose any name, you do not even have to remember the password. We will need this tool only once to create the new certificate. You can remove it again afterwards.

After the new database got created you can choose the tab "Certificates". In the following menu please choose "New Certificate" on the right side. A new window will open. In this new window please choose the tab "Subject" and add your host name next to "commonName". In our example screenshot this is mail.yourdomain.com. Now please create a key for the certificate by pressing the button "Generate a new key". The options in the window normally will be  inserted correctly per default as shown in the image. You can finish the creation with "create".

The next step is to switch to the tab "Extensions". Enter a date until the certificate will be valid. You can be generous at this point. In our example we set a date in the year 2030 for "Validity not after". With the "OK" button in the bottom right corner you will finally create the certificate.

Now you have to export the certificate and the according key. Please choose in the tab "Certificates" the certificate and click on "Export" on the right side. You can let the path the way it is. In our case it is:

C:\Program Files (x86)\xca\mail.yourdomain.com.crt

In the tab "Private Keys" please do the same for the previously created key. The path should be:

C:\Program Files(x86)\xca\mail.yourdomain.com.pem

Please open the hMailServer Administrator and navigate to Settings >> Advanved >> SSL certificates and click on "Add". Now you have to add the previously exported certificate and key as shown in the image below and save the settings.

For the last step please go to Settings >> Advanced >> TCP/IP ports. There you have to modify the three entries below "0.0.0.0 / 25 / SMTP" as shown in the following images. At "SSL Certificate", please choose your recently created certificate. "0.0.0.0 / 25 / SMTP" has to stay in its original state as the only one. If you change it, your e-mail server will not work properly!

Now you have to open the new ports in your firewall. For that you can edit the rule from the previous tutorial. We called it "Ports for hMailServer" there. Please change the "local ports" from 25, 110, 143, 587 to 25, 465, 993, 995. (Windows Firewall with Advanced Security on Local computer >> Inbound Rules >> Ports for hMailServer >> Protocols and Ports)

The settings for your clients have changed too:

ingoing server:

protocol: IMAP; port: 143; security: SSL/TLS; server: the IP or hostname of your server

outgoing server:

protocol: SMTP; port: 587; security: SSL/TLS; server: the IP or hostname of your server

9Oct/172

How to install an e-mail server in Windows Server

You want to send and receive e-mails with your Windows server and connect to it by using your clients on PC, smartphone or tablet? In this tutorial we will explain how you can setup your own e-mail server on a Windows system with a static public IP. This tutorial will work for our VPS as well as for our dedicated servers. hMailServer is a free open source program, the setup is rather simple and can be done in just a few easy steps. Next to the default features like SMTP, POP3 and IMAP, the software is capable to detect spam and also a free virus protection like ClamWin can be added.

Installation

hMailServer needs NET Framework 3.5. to run correctly. Therefore you should add it to Windows before you install hMailServer. To do so, please open the Server Manager. The next steps will differ a little in the different versions of Windows Server. We will explain it by using the example of Windows Server 2012. Please click on "Manage" on the right upper side and choose "Add Features and Roles". In the window that opens you can click four times on "Next" and leave all the settings the way they are. Now you can choose the features you need to install. You just have to choose the NET Framework 3.5 like shown in the image. With "Next" again, you confirm this selection and "Install" will start the installation. As soon as the process is finished, you can close the window and proceed with the installation of your e-mail server.

Please download the latest version of the software from this site:

https://www.hmailserver.com/download

Please do not choose a version that is still in beta, since it might contain bugs and vulnerabilities. After you received the installation package, you can execute it and accept the terms of service.

You should leave the default installation directory as is and continue with "Next". Now you can choose the required products for installation. You will need the full installation, so please let "Server" and "Administrative Tools" checked and proceed with "Next". For an easy installation, we do recommend to choose "Use built-in database engine" in the next step. In the following window let the name be hMailServer and proceed. hMailServer will need a password for administrative tasks in the future. So please create a password you want to use to protect your service and write it down. The last step will be to start the installation. It should finish without error.

hMailServer Configuration

Please open the hMailServer Administrator. In the first window you have to activate "Automatically connect on Start-up" and click on "Connect".

In the next window, please go to "Domains", choose "Add..." and insert your domain you want to use for sending e-mails.

After the domain got saved, you can add new e-mail addresses in the menu "Accounts".

Now please go to Settings >> Protocols >> SMTP >> Delivery of e-mail. There, please add the local host name of your server that should be used for introducing your server to other e-mail servers. It has to be a valid domain and has to resolve to the IP of your server. So please add an A record to your DNS zone if necessary. You also should set an identical PTR for the IP address of your server. This can be done in the Contabo customer control panel. The host name should consist of three parts. That means it has to be an FQDN and it may not contain too many numbers, since it might seem to be generic. A good name for example might be: "mail.justanexample.com". When you are done, please save your new settings.

Firewall Configuration

The main configuration is done. But you still have to open all used e-mail ports in the firewall to make it work. Please open the Windows Firewall settings and choose "Inbound Rules". On the right side click on "New Rule". A window will open and you have to choose "Port" and click on "Next". In the next window please insert the ports 25, 110, 143 and 587, as shown in the image.

In the following window please choose "Allow The Connection" and after "Next", please check "Domain", "Private" and "Public".

In the last window you can enter a name for the new rule. For example "Ports for hMailServer". Please finish the setup and close the firewall settings.

Now you should add an SPF record to your DNS zone. Many e-mail servers will reject e-mails from your server if it does not exist. Therefore please add this TXT record to your zone:

justanexample.com 86400 in TXT "v=spf1 ip4:1.2.3.4 ~all"

"justanexample.com" has of course to be replaced with your domain and 1.2.3.4 with your IP.

You should also add an MX record to your DNS zone, if it does not exist already. The MX record should look like this:

justanexample.com 86400 in MX 10 "mail.justanexample.com"

The value "mail.justanexample.com" has to be replaced with the the host name you have chosen for your e-mail server.

The basic setup of your e-mail server is now complete. It should be able to send and receive e-mails as soon as the DNS changes are active and you can now connect with any e-mail client like Outlook, Thunderbird or Apple Mail.

Client Configuration

Please use the following settings for your e-mail client.

ingoing server:

protocol: IMAP; port: 143; security: none; server: the IP or host name of your server

outgoing server:

protocol: SMTP; port: 587; security: none; server: the IP or host name of your server

Security

If you want to do some optimizations to the server security like transport encryption, spam checks and malware protection, please take a look at our second tutorial: E-mail server in Windows Server, part 2: Security.

24Aug/170

No space left on your HDD/SSD? Find big files and remove them!

It does not matter if you do website hosting, provide a gameserver or use other services, if you have no space left on your HDD/SSD problems will occur. Your websites might not be reachable anymore, your players cannot connect to your gameserver or all other services will not start.

To avoid this it is necessary to find big files on your system and to get rid of them. Today we will show you how to do this.

Linux:

1. Connect to your server using SSH

2. Execute the following code:

# Change into root folder
cd /

# Find the top 10 files. This may take a while:
find -type f -exec du -Sh {} + | sort -rh | head -n 10

Once finished, a list of the ten largest files will be displayed. Normally these files might be old downloads or big log files. Files that are no longer used can be deleted, of course. Before deleting log files you should check them for errors you can solve so that the issue will be permanently fixed.

3. Using the command below you can remove files

rm <path_to_file>

Windows:

In Windows you might not find big log files but forgotten downloads. To find them the following freeware is perfect:

http://www.jam-software.de/treesize_free/?language=EN

Once you downloaded and executed the software you can start scanning a partition. A list of all files will be displayed. Please make sure not to delete Windows system files 😉 .

Posted by: Matthias | Tagged as: , , , , No Comments
23Nov/160

Available now: Windows Server 2016

Not long ago, Microsoft officially launched its latest operating system for server systems, Windows Server 2016. We immediately went to work and performed numerous functionality tests and thus ensured a smooth integration in our systems. Today we can finally say:

Windows Server 2016 is available as an upgrade for all our root servers and VPS with 100% SSD!

As you already know from Windows Server 2012, you can once again choose between the Standard Edition and the Datacenter Edition when ordering Windows Server 2016.

If you are a new customer or place an additional order, you can select Windows Server 2016 as your operating system during the order process on our homepage. We kindly ask existing customers to send a short e-mail to our support department, then we will process the upgrade manually.

So what are the costs of Windows Server 2016 at Contabo?

The most important thing first: As a special service for our customers, we offer Windows Server 2016 free of charge for the first two months - for every root server customer. In other words:
No costs apply for the use of Windows Server 2016 on a root server within the first two months.

If you opt for a root server at Contabo, you are free to choose between the two new versions as well as the previous versions of Windows Server 2012 – in addition to a broad selection of Linux distributions. For most of our Dedicated Servers, Windows Server 2016 Standard Edition is available for 39.99€ per month (from the 3rd month onwards, free of charge before). The Datacenter Edition is a bit more expensive with a monthly fee of 279.99€ (from the 3rd month onwards, free of charge before); however, it offers the ambitious user additional possibilities, as for example in the field of virtualization.

If you decide to order one of our VPS with 100% SSD disk space and add Windows Server 2016 as your operating system of choice, you automatically receive the premium Datacenter Edition. It is available from 5.99€ per month for our VPS – the eventual monthly fee depends on the chosen VPS model. Of course, all available Linux distributions can be selected as the operating system for your VPS as well.

Order your new Contabo VPS or root server with Windows Server 2016 today!

19Oct/160

Upgrading Plesk from 12.5 to Onyx

With this short tutorial we will show you how to upgrade your Plesk 12.5 version to Plesk Onyx.

Before proceeding you should perform a backup of all important data. An upgrade always bears the risk of data loss.

On an SSD VPS you will have the ability to create a snapshot, creating a snapshot will give you the possibility to perform easily a rollback to the state "before upgrading".

On any other VPS or dedicated server we recommend downloading all backup files to your local PC or to our FTP backupspace.

After you have saved all important data you will be able to continue upgrading:


Linux:

1. Login via SSH and use sudo -i to start a shell with "root" privileges
2. Type in the following command:

plesk installer

If this command is not working, you can download and execute the installer using the following commands:

wget http://autoinstall.plesk.com/plesk-installer
chmod +x plesk-installer
./plesk-installer


Windows:

1. Login via RDP and open the CMD.exe with Administrator rights (Windows-Key + R)
2. Type in the following command:

"%plesk_bin%"\ai.exe --console


Once you have opened the Plesk Installer you will probably see a warning telling you to backup all your important files.

plesk_windows

After you have agreed you should see something like the image below, there should be displayed your current version of Plesk; if you want to perform the upgrade you will have to select the right version by typing the correct number, in this case number 2.

plesk_upgrade_versionen

After typing in the number of your desired Plesk installation you will accept the download of those new packages. Please note that this step can take up to 30 minutes, it really depends on the Plesk extensions you have installed.

plesk_upgrade

After the upgrade was completed you should verify that everything is working properly.

If you plan to install additional software or change some software you can of course run the Plesk Installer again and select the packages which should be installed.

plesk_software

We kindly ask for your understanding that analyzing problems can be very difficult for us, in case you encounter issues after having added or removed some software through the Plesk Installer. In any case we recommend backing up all your files before making any changes to your Plesk installation.

By the way: Plesk offers tutorials about the upgrade process as well, just click here to access the Plesk University!

There is also the option to start a clean reinstallation of your server with the latest version of Plesk within your customer control panel, in this case creating a backup of your important data prior to the installation is vital, because all data stored on your server will be lost.

 

 

Posted by: Gianni-Donato | Tagged as: , , , , , No Comments
19Feb/1410

New server model? Your opinion matters!

Recently, there have been some new hardware releases which also could be very interesting for possible new dedicated server offers. Once again, we would like to ask for your feedback on the following alternatives.

Given the choice between the following options, which server would you buy?

View Results

Loading ... Loading ...

Each of these servers can be equipped with any combination of SSDs/HDDs. You can choose freely. These would be possible prices:

2 TB HDD: 3.49 EUR per month
3 TB HDD: 4.49 EUR per month
4 TB HDD: 6.49 EUR per month
256 GB SSD: 7.99 EUR per month
500 GB SSD: 12.49 EUR per month

We would be thrilled to hear why you would prefer one of them over the other. Or is there an entirely different configuration which you would be interested in? Feel free to post in the comments for this.

Looking forward to hearing from you :-)!

Mike

31Jul/130

System Rescue CD: First Steps

sysresccd login

Many of you have already heard about it or even used it once in a while, but most of you have probably not been introduced to it yet: Our rescue system! While hopefully not being needed at all, it provides many possibilities to fix certain problems and to bring the machine back online as soon as possible. When the server is down, every second counts. It is important to know what to do beforehand. Thus, I will provide you with some basic information first:

Our rescue system is based on the SystemRescueCD. This is a specialised Linux distribution for recovery purposes. I can highly recommend it for private usage as well. I always carry a bootable thumb drive with me ;). The rescue system starts on our servers via PXE network boot. This has several advantages:

  • It is available as long as the server is connected to our network.
  • It is always accessible with the same known login credentials.
  • It boots isolated from the operating system and its settings.

The rescue system can be chosen for Dedicated Servers or VPS's in your Customer Control Panel. After clicking on the rescue icon, a new page opens with a short info text and the version control. The version should match the operating system. This is 64 bit in most cases. Once you click on "Start rescue system", your server will reboot right away.

The system will be available after a few minutes via SSH under the server IP and the default port 22. The root password is the default one that we have sent you when you ordered the server. We can send you that e-mail again if necessary. We recommend PuTTy (command line) and WinSCP (file transfer) as Windows clients.

You will probably need access to your data. Check first which partitions are available:

fdisk -l

The root file system is usually located on /dev/sda2 or /dev/vda2. Use the following command to mount the according partition:

mount /dev/sda2 /mnt/custom

Your server files are now available in /mnt/custom.

If you use Windows as operating system on your server, our rescue system can be helpful despite the different architecture. The C: drive is usually located on /dev/sda2 or /dev/vda2. The command to mount it with write access is a bit different:

ntfs-3g /dev/sda2 /mnt/windows

You are now set to modify configuration files or to retrieve personal data. WinSCP is perfect for those purposes.

When you have finished your work and want to boot your server normally again, enter the following commands:

exitrescue
reboot

Your server should then boot from the hard disk again and be available as usual.

This was supposed to be a short introduction. Becoming familiar with the Linux shell and its possibilities is very advantageous. I can definitely recommend the tutorials on nixCraft for further reading.

More tutorials for certain procedures will follow, so stay tuned!

 

Posted by: Tino | Tagged as: , , , , No Comments
20Dec/120

♡ ★ ♡ December 20th ♡ ★ ♡

Dedicated Server XStrength, power, energy. So many words for just a single letter:
Dedicated Server X

Watch out - this offer is available only today!

Save 10 Euros - Dedicated Server X instead of 149.99 EUR permanently for 139.99 EUR.

The server delivers the highest performance that we had offered so far - it is characterized primarily by ultimate speed and ultimate power.

Convince yourself:
Intel Core i7 3930K 6 x 3.20 GHz (Sandy Bridge-E)
- 64 GB DDR3-RAM
- 256 GB SSD (Samsung 830)
- 3000 GB S-ATA HDD
- 100 Mbps switch port
- Unlimited Traffic

 

Posted by: Katharina | Tagged as: , , No Comments
18Oct/120

“I’m thinking about continuing & renewing my server. EVERYTHING JUST, BECAUSE CUSTOMER SUPPORT IS GREAT”

On some day during the last week a very good customer who has been renting a Dedicated Server in our datacenter wrote us that he did not necessarily need the server at this time anymore, because the gameserver project he wanted to develop failed. No more need for a dedicated server you might think at this point. But did this great customer cancel the server with Giga-International.com due to vacany? Never ever! Have a look on the email conversation between the customer and our support department by yourself:

Customer:
"How important I am for you guys?

Just asking, because I'm bored. My gameserver hasn't been finished yet since there's no
players and server is useless for me at this time, but I would like to continue with my
server if there's something to do with it. Actually yes. There is, but I've to develop
everything from starting point.
Tell me. Do I continue? :3
"

Giga-International support department:
"
Dear Mr <customer's name>,
Thank you very much for your inquiry.
Please take note that unfortunately we are not really sure what exactly you want us to do.
Therefore we would kindly ask you to paraphrase your message and send it to us once again.
As soon as we receive your e-mail we will immediately respond back to you.
We are looking forward to receiving your soonest reply.
If you have any questions or need help, please do not hesitate to contact us.
--
Best regards,
Kundenservice / Customer support
"

Customer:
"
I'm thinking about continuing & renewing my payment. EVERYTHING JUST, BECAUSE CUSTOMER SUPPORT IS GREAT...
I do not necessarily need server at this time, because I don't have any gameservers that I
can run there, but I'll renew my payment and I can try think some gameservers. I can not
ever hope to be succeed with my gameservers. I'm losing my hope, because no one plays
there ever, but I think I'll buy at least a one month more of the server I already have.
If I don't try... I cannot be succeed.
Any great ideas what to do with dedicated? 🙂
Thanks! I'm always happy about this support. It's reliable, fast and really nice people
there.
"

That's what we call a great loyalty - we really appreciate having so kind and content customers! 🙂

I'd like to thank our nice customer that he gave me his permission to mention this incident in our blog.

21May/120

A customer’s gift for Giga-International

One of our customers has created a gift for us. He created a really nice website including a flash movie about us:

http://giga-international-lovers.com

He presented it to us with the words "And I'm Proud To Be One Of Giga-International Customers".

You can imagine how happy we are having received this amazing animation. Thank you so much!!

This gift is definetly an appeal for us to keep up our efforts in order to provide really good services and products to all of our customers.