[Djigzo users] Newbie set-up help

Martijn Brinkers martijn at djigzo.com
Wed Jun 17 15:31:21 CEST 2009

Hi Dimitri,

Have you downloaded the administration guide? It explains how to setup 
the MTA and gives an overview of all the functionality.

The first step is to make sure that email is sent and received via Djigzo.

A general setup will go as follows:

Djigzo MTA

* Allow email relay from your internal sendmail (add the IP of the 
sendmail server to “My Networks”)

* Add the the domains to the “Relay domains” for which you receive email 
(firstbhpb.com etc.)

* Set the ”Internal relay host” to the IP address of the sendmail server 
(or spam server/virus scanner) to make sure that incoming email gets 
sent to your internal email server.

* If you want Djigzo to sent email to external recipients leave 
“External relay host” blank. If you use an external relay fill in the IP 
(or address) of the relay

* To make Djigzo know which internal recipients are valid recipients 
enable advanced settings and enable “Reject unverified recipient”. This 
option makes Djigzo (actually the internally used Postfix server) ask 
you sendmail server whether the user is a known user. Enable this option 
to prevent back-scatter (see http://www.postfix.org/BACKSCATTER_README.html)
Change  “reject code” from 450 (try again later) to 550 (reject) if you 
are certain that “Reject unverified recipient” is functional.

* Apply settings

Djigzo internally uses Postfix for the MTA part so for the fine details 
see http://www.postfix.org/documentation.html.

Djigzo contains a MTA (responsible for email delivery) and MPA 
(responsible for email processing like encryption etc.). The MTA 
determines for which domains you receive email. The MPA determines which 
email should be encrypted or decrypted. The MPA has to know which 
domains are internal and which are external In most setups incoming 
email for your internal users should be decrypted and outgoing email for 
external users should be encrypted. So in most setups you should add a 
domain (see page 22 of the administration guide) for each domain you 
have enabled in the MTA relay domains and make sure that the domain is 
an internal domain (to make sure that incoming email is decrypted and 
outgoing email is encrypted).

You should now create a CA server certificate and add certificates for 
your internal and/or external users. This is explained in the S/MIME 
setup guide.

Once you have setup Djigzo for sending and receiving email you can start 
experimenting with all the features.

Hope this helps.

Feel free to ask if something isn't clear.

Kind regards,

Martijn Brinkers

Dimitri Yioulos wrote:
> Hello to anyone listening.
> I'm excited about Djigzo, and would like to 
> implement it in our 65-person shop.  I DL'd, and 
> successfully installed the latest VM version on 
> VMware Server 1.0.9.  I also added the latest 
> version of VMware Tools.  I've read all of the 
> manuals, and have a general idea of what I need 
> to do to make this all work.  But, I can't seem 
> to get my head completely around it.  Someone's 
> help in setting up and getting it running would be 
> much appreciated.
> Here's my present email set-up:  latest sendmail, 
> as well as MailScanner, MailWatch, clamav, Bit 
> Defender, and spamassassin (which have been in 
> place, and running well, for five years) in DMZ.
> I'd like to place Djigzo in front of my current 
> mail server, and use self-created certificates.
> Again, help would be appreciated.
> Dimitri

Djigzo open source email encryption

More information about the Users mailing list