If your going to Namesco with your Demon Email....

665 views
Skip to first unread message

Peter Shaw

unread,
Sep 4, 2016, 5:58:48 PM9/4/16
to
I'm going to use this thread to tell you (Most) of what you need to know to set it up.

I've just spent about 4 days figuring out how to transfer my Email at "shawty.demon.co.uk" onto the Exchange Essentials package.

To start with, there's a huge amount they DON'T tell you in the glossy marketing blurb that you'll get to if you follow the links in the email you got from demon announcing the death of your email service.

I'll probably turn this into a blog post on my blog at "shawtyds.wordpress.com" as a lot of it is so much easier with pictures.

IN THE BEGINNING
================
When you first click on the link in the email, you'll be taken to a page on Namesco that offers you 2 packages. The one that in general seems to be recommended package for us demon users.

The drop down will give you a list of how many user licences you want for the package, it's important to note that these are physical user licences for actual physical user accounts.

For example:
my primary email is shawty at shawty dot demon.co.uk, my wifes is sam @ shawty dot demon.co.uk

If I was to choose 2 licences, then this would give us both the ability to have a single account that we can both log into either using Office 365 on the web, or via POP from our mail clients on our respective machines.

In my case however, I use fetchmail to grab my mail, download it to my internal mail server, and distribute my mail that way, so for me one licence is enough.

In summary: you need one licence for every active log-in your planning on having, that can receive email.

So what do I do if I have X number of emails, that's going to cost a fortune?
-----------------------------------------------------------------------------
Well, ONLY if you want every one of those emails to allow one user to log into the service, IF instead you just want a number of email addresses all hitting the same mailbox (Just like your old demon email did) then you ONLY need one licence, and you add your users as aliases.

To add aliases you go into the office/outlook admin section, click on users, then active users.

From within your list of active users, click on the account for your main email (It'll be the one with the licence assigned to it) then from the side panel that slides out, edit the email address.

Your address will appear, with an alias list underneath it, and a text box with an add button next to it.

Select any domain you have registered to that account, type the user portion into the text box, then save it.

If you have multiple domains, you can use the domain settings in your outlook admin, to register that domain (I'll explain how to do this in a later post) , and it will also appear in that drop down box, meaning you don't just have to have xx...@xxx.demon.co.uk aliases, you can use one mailbox and one license to alias as many users for as many domains as you like, and once set up ALL inbound email for those accounts will land in that one folder.

There is however one thing to watch out for.

There seems to be a bug in the outlook admin webapp. If you select a different domain and add a new alias, the drop down will retain the domain you just selected, however, if you just add a new user alias, then save them both together, when you go back in, you'll find that the second one added will have the default domain name for the account assigned to it.

The solution, is simply, when you add a new alias, change the domain name back to default, then change it to the domain you want to register before you click add, that ensures the correct domain name is added.

and that's pretty much it, at least for the main part anyway, it's so much easier to explain with pictures, but if your having problems, feel free to ask.

It's getting late now, but I'll add another post soon that documents how to set up fetchmail with your new exchange essentials account, it's a little more tricky than you might expect :-)

Shawty

Tim Lamb

unread,
Sep 5, 2016, 4:13:35 AM9/5/16
to
In message <857f799f-4de0-4d95...@googlegroups.com>,
Peter Shaw <shawt...@googlemail.com> writes
>I'm going to use this thread to tell you (Most) of what you need to
>know to set it up.
>
>I've just spent about 4 days figuring out how to transfer my Email at
>"shawty.demon.co.uk" onto the Exchange Essentials package.

Thanks for this, Peter. I am just heading out to the *unknown waters*
with a deadline of the 9th. September.

Progress so far has been to set up a new domain and *lite* mail as a
back up. Works OK as webmail but not yet in Turnpike.

Next move is to transfer my Demon domain and mail to Namesco!

Looking forward to chapter 2:-)

--
Tim Lamb

Peter Shaw

unread,
Sep 5, 2016, 9:42:18 AM9/5/16
to
Part 2 - Setting up fetchmail
-----------------------------

For those of you, like me that run your own mail server, you may be using fetchmail.

Beacuse of the way the Exchange essentials package works, it's not as straightforward to get it working as it was previously.

Previously, many folks using Fetchmail, will likely have just done the following:

set daemon 300
set syslog
set postmaster shawty AT shawty.demon.co.uk

set bouncemail
set spambounce
set no softbounce

defaults:
timeout 300
antispam 554
batchlimit 100

poll mail.demon.co.uk and port 110
proto POP3
auth password
user "shawty AT shawty.demon.co.uk" there with password "FOO" is shawty AT shawty.demon.co.uk here
no rewrite

poll mail.demon.co.uk and port 110
proto POP3
auth password
user "sam AT shawty.demon.co.uk" there with password "FEE" is sam AT shawty.demon.co.uk here
no rewrite

In essence, you would have had one polling rule for each mailbox user registered in the email portal, or one log in for the name+account AT domain style login if using the older multi drop method.

Under the new exchange essentials, this is similar, but you can ONLY have one log in per licence.

any aliases you set up when you created the account will ALL come through that one login, the email that appears to fetchmail WILL have the "To header" intact.

So logging in as "shawty AT shawty.demon.co.uk" and retrieving an email for "sam AT shawty.demon.co.uk" will mean there is a "To: sam AT shawty.demon.co.uk" header in the email text.

Unfortunately, Office 365 mangles the headers slightly, so fetchmail, even when using the "envelope 'To'" option, fails to find this header correctly, and so pushes local email ALL to the same user.

By default if there is no "is xxxxx here" clause, that user will be "fetchmail@localhost"

What you need to do instead, rather than letting fetchmail hand the email off to your local internal SMTP server, is you need to hand it off to a processing program such as "procmail"

The config for fetchmail in /etc/fetchmailrc (I'm using Ubuntu other systems may differ) should look something like the following:

set daemon 300
set syslog
set postmaster shawty AT shawty.demon.co.uk

set bouncemail
set spambounce
set no softbounce
#set logfile "/var/log/fetchmail"

defaults:
timeout 300
antispam 554
batchlimit 100

poll outlook.office365.com
proto POP3
port 995
envelope "To"
user "shawty AT shawty.demon.co.uk" with pass "FOO" to fetchmail here fetchall
ssl
sslfingerprint "3A:A4:58:42:56:CD:BD:11:19:5B:CF:1E:85:16:8E:4D"
no rewrite
mda '/usr/bin/procmail -d %T'

The astute among you will also notice the SSL finger print. Office 365 WILL NOT allow you to connect using non SSL and without a fingerprint.

To generate the finger print you need to do the following

openssl s_client -connect outlook.office365.com:995 -showcerts

from the linux command line. That will produce a LOT of output, the key part you need is the first certificate.

Copy from the first "-----BEGIN CERTIFICATE-----" to the first "-----END CERTIFICATE-----" making sure you get the begin and end lines and everything in between.

save that to a file, usually by "cat > filename" then hitting paste (Shift+insert if using putty as I do)

Once you have that copy in a plain text file, you then need to run openssl again on the file to get the fingerprint as follows

openssl x509 -fingerprint -md5 -noout -in <filename here>

This will then display a line showing the fingerprint to add to your fetchmail file.

Since the certificates are global however, the fingerprint I show above will probably be the same for anyone else connecting to the service.

Note also I connect to POP3, you can change the 995 to 993 and connect to IMAP if you wish

Once you have the fetchmailrc file setup, you then need to set up "/etc/procmailrc"

This needs to look something like the following:

MAILDIR=/var/vmail
DEFAULT=$MAILDIR/$LOGNAME/
LOGFILE=/var/log/procmail
VERBOSE=on

:0:
* ^To: .*sam AT shawty.demon.co.uk.*$
!sam AT shawty.demon.co.uk

:0:
* ^To: .*shawty AT shawty.demon.co.uk.*$
!shawty AT shawty.demon.co.uk

:0:
* ^To: .*postmaster AT shawty.demon.co.uk.*$
!postmaster AT shawty.demon.co.uk

In all cases replace " AT " with "@" (It's to stop news miners looking for emails...)

essentially, each rule started by ":0:" says, if the "to header" contains anything that has "bl...@domain.foo" anywhere within it, then forward that email to the email address following that is preceeded by an exclamation mark.

You simply need to repeat the rules, one for each alias you defined in the office admin.

You can also send the email to a further program for processing by prefixing with a pipe symbol rather than an exclamation mark, man procmail will give you more details.

Ok, so what about sending email?
--------------------------------
Well, you can send it out via your office 365 account, and if like me your using postfix, then you simply just need to set your smart host to be TLS via the office smtp settings, again "outlook.office365.com" on port 587.

However....

IF you do it this way ALL your mail will be sent from your primary account, irrespective of what the alias is, so the "From Header" in my case will ALWAYS show as "shawty AT shawty.demon.co.uk"

The original demon SMTP will still work, but unfortunately when they transfer the email across to Namesco, they tear down the safe sender record, which means that "smtp.demon.co.uk" will NO longer believe that "shawty.demon.co.uk" is who it says it is and in most cases refuse to forward the mail, believing you to be an imposter.

It is fixable though.

What you need to do is set your outgoing mail server to "deliver directly" rather than going through a smart host, then go into the DNS administration panel for your "xxxxx.demon.co.uk" domain in the namesco admin site.

Find the TXT record that holds your SPF details, it'll look something like this:

v=spf1 include:spf.protection.outlook.com -all

you NEED to add an inline A record in there, update the record by pasting over it and then saving, the new record will look something like this:

v=spf1 include:spf.protection.outlook.com a:shawty.demon.co.uk -all

Replace 'shawty' with whatever your host name is.

Save it, and give it about 30 mins to update.

What you should find now, is that when you send Email directly and NOT via a smart host, is that remote hosts can retrieve an SPF with your domain embedded, and they will believe you are who you say you are.

This also avoids the exchange email tagging all your outgoing emails with the same address.

Shawty

Andrew Gabriel

unread,
Oct 7, 2016, 8:54:16 AM10/7/16
to
In article <857f799f-4de0-4d95...@googlegroups.com>,
Peter Shaw <shawt...@googlemail.com> writes:
> I'm going to use this thread to tell you (Most) of what you need to know to=
> set it up.
>
> I've just spent about 4 days figuring out how to transfer my Email at "shaw=
> ty.demon.co.uk" onto the Exchange Essentials package.
>
> To start with, there's a huge amount they DON'T tell you in the glossy mark=
> eting blurb that you'll get to if you follow the links in the email you got=
> from demon announcing the death of your email service.
>
> I'll probably turn this into a blog post on my blog at "shawtyds.wordpress.=
> com" as a lot of it is so much easier with pictures.
>
> IN THE BEGINNING
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> When you first click on the link in the email, you'll be taken to a page on=
> Namesco that offers you 2 packages. The one that in general seems to be r=
> ecommended package for us demon users.
>
> The drop down will give you a list of how many user licences you want for t=
> he package, it's important to note that these are physical user licences fo=
> r actual physical user accounts.
>
> For example:
> my primary email is shawty at shawty dot demon.co.uk, my wifes is sam @ sha=
> wty dot demon.co.uk
>
> If I was to choose 2 licences, then this would give us both the ability to =
> have a single account that we can both log into either using Office 365 on =
> the web, or via POP from our mail clients on our respective machines.
>
> In my case however, I use fetchmail to grab my mail, download it to my inte=
> rnal mail server, and distribute my mail that way, so for me one licence is=
> enough.
>
> In summary: you need one licence for every active log-in your planning on h=
> aving, that can receive email.
>
> So what do I do if I have X number of emails, that's going to cost a fortun=
> e?
> ---------------------------------------------------------------------------=
> --
> Well, ONLY if you want every one of those emails to allow one user to log i=
> nto the service, IF instead you just want a number of email addresses all h=
> itting the same mailbox (Just like your old demon email did) then you ONLY =
> need one licence, and you add your users as aliases.
>
> To add aliases you go into the office/outlook admin section, click on users=
> , then active users.
>
> From within your list of active users, click on the account for your main e=
> mail (It'll be the one with the licence assigned to it) then from the side =
> panel that slides out, edit the email address.
>
> Your address will appear, with an alias list underneath it, and a text box =
> with an add button next to it.
>
> Select any domain you have registered to that account, type the user portio=
> n into the text box, then save it.
>
> If you have multiple domains, you can use the domain settings in your outlo=
> ok admin, to register that domain (I'll explain how to do this in a later p=
> ost) , and it will also appear in that drop down box, meaning you don't jus=
> t have to have xx...@xxx.demon.co.uk aliases, you can use one mailbox and on=
> e license to alias as many users for as many domains as you like, and once =
> set up ALL inbound email for those accounts will land in that one folder.
>
> There is however one thing to watch out for.
>
> There seems to be a bug in the outlook admin webapp. If you select a diffe=
> rent domain and add a new alias, the drop down will retain the domain you j=
> ust selected, however, if you just add a new user alias, then save them bot=
> h together, when you go back in, you'll find that the second one added will=
> have the default domain name for the account assigned to it.
>
> The solution, is simply, when you add a new alias, change the domain name b=
> ack to default, then change it to the domain you want to register before yo=
> u click add, that ensures the correct domain name is added.
>
> and that's pretty much it, at least for the main part anyway, it's so much =
> easier to explain with pictures, but if your having problems, feel free to =
> ask.
>
> It's getting late now, but I'll add another post soon that documents how to=
> set up fetchmail with your new exchange essentials account, it's a little =
> more tricky than you might expect :-)
>
> Shawty
>

Thanks very much for this.
Just got an email telling me my system administrator has already been told
my email service will be closing (which of course they haven't, because
that's me too - the last email from them was in 2013 telling me they
would now be enforcing the 30 day expiry rule).

So I have no idea when the account will close because I never got the
email telling me that.

--
Andrew Gabriel
[email address is not usable -- followup in the newsgroup]

Andrew Gabriel

unread,
Oct 11, 2016, 5:05:26 PM10/11/16
to
In article <nt85t8$i2k$1...@dont-email.me>,
So I now have an office365 account, apparently.
What's the admin login for it?
Tried my existing demon email admin account, and that doesn't work.
It does seem to want <something>@demon.co.uk
and I've no idea what password it's expecting (demon pop3, namesco
control panel, something else?)

Andrew Gabriel

unread,
Oct 12, 2016, 2:02:52 PM10/12/16
to
In article <ntjk64$l8b$1...@dont-email.me>,
and...@cucumber.demon.co.uk (Andrew Gabriel) writes:
> In article <nt85t8$i2k$1...@dont-email.me>,
> and...@cucumber.demon.co.uk (Andrew Gabriel) writes:
>> In article <857f799f-4de0-4d95...@googlegroups.com>,
>> Peter Shaw <shawt...@googlemail.com> writes:
>> Thanks very much for this.
>> Just got an email telling me my system administrator has already been told
>> my email service will be closing (which of course they haven't, because
>> that's me too - the last email from them was in 2013 telling me they
>> would now be enforcing the 30 day expiry rule).
>>
>> So I have no idea when the account will close because I never got the
>> email telling me that.
>
> So I now have an office365 account, apparently.
> What's the admin login for it?
> Tried my existing demon email admin account, and that doesn't work.
> It does seem to want <something>@demon.co.uk
> and I've no idea what password it's expecting (demon pop3, namesco
> control panel, something else?)

To answer my own question - it's a completely new login and password
which appears on the Namesco Office365 control panel when it's set
up. I was looking too soon.
Reply all
Reply to author
Forward
0 new messages