Difference between revisions of "EmailAutoDiscover"

Latest revision as of 20:40, 6 November 2014

Hostnames required

In the following examples, $maildomain is the domain from the email address being configured. $securedomain is a host or domain that we have an SSL certificate for. Due to the way the autodiscover works, autodiscover.$hostdomain needs to have a different IP to $securedomain

autoconfig.$hostdomain should be an IP that has no HTTPS service. $securedomain doesn't have to contain $hostdomain or $maildomain

autoconfig.$maildomain (CNAME to autoconfig.$hostdomain)

Used by Thunderbird to configure email. You can configure custom mail server names using a script to query the email address.
SSL certificate not required for this hostname.

autodiscover.$maildomain (CNAME to autoconfig.$hostdomain)

Use a CNAME in $maildomain for autoconfig.$customerdomain pointing to autodiscover.daily.co.uk
IP address must NOT allow access via HTTPS so that it uses http and follows redirect to $securedomain without giving an SSL warning.
SSL certificate not required for this hostname.

$securedomain is for after the redirect

No CNAME required for this one, but SSL certificate is required.

$maildomain DNS

autoconfig         IN CNAME  autoconfig.$hostdomain.
autodiscover       IN CNAME  autoconfig.$hostdomain.
_autodiscover._tcp IN SRV    0 1 80 autoconfig.$maildomain.

There are other SRV records which may be setup as per RFC 6186.

_imap._tcp         IN SRV    10 1 143 imap.$hostdomain.
_imaps._tcp        IN SRV    0 1 993 imap.$hostdomain.
# pop3 has a higher priority value which results in imap being preferred
_pop3._tcp         IN SRV    10 1 110 pop.$hostdomain.
_pop3s._tcp        IN SRV    10 1 995 pop.$hostdomain.

_submission._tcp   IN SRV    0 1 587 mail.$hostdomain.

In the event that POP3 and IMAP are not available (e.g SSL variants only), use something like the following:

_imap._tcp         IN SRV    0 0 0 .
_pop3._tcp         IN SRV    0 0 0 .

There is no evidence that any clients use these SRV records yet.

Windows Outlook 2007/2010/2013

Outlook 2010

Query https://autodiscover.$maildomain/autodiscover/autodiscover.xml (this needs to fail because https blocked)
Query http://autodiscover.$maildomain/autodiscover/autodiscover.xml
Get redirected to https://$securedomain/autodiscover/autodiscover.xml
Prompts for allowing that url to configure mail client

For example, if we have an SSL certificate for www.bocks.com, we can setup a redirect for https://www.bocks.com/autodiscover/autodiscover.xml and Outlook will ask user if they wish to allow www.bocks.com to configure their email settings.

Thunderbird (Windows, Mac and Linux)

Query http://autoconfig.$maildomain/mail/config-v1.1.xml
If not found, none of the other things in the list of checks that it performs apply so autoconfig fails.

Apple Mail and iOS

Requires generation of a .mobileconfig file containing the settings. This has to be downloaded via web browser to the mobile device or Mac.

Outlook for Mac

Unable to get this working.

@@ Line 1: / Line 1: @@
 http://www.andrewyager.com/blog/2008-09-13/outlook-2007-email-autodiscovery-php-server
@@ Line 6: / Line 5: @@
 https://github.com/jamesiarmes/php-ews/wiki/Autodiscovery
-It is unlikely that autodiscover can be configured without a valid SSL certificate for the domain in the email address. Implementing a mass-hosting version of autodiscover would be prohibitively expensive due to this. It would however be possible to configure it on a per-domain basis provided the SSL certificate is purchased (or a self-signed one is installed on all client machines - Would this work?)
+http://technet.microsoft.com/en-us/library/cc511507%28v=office.14%29.aspx#AutodiscoverXMLSchema
+https://bugzilla.mozilla.org/show_bug.cgi?id=521538
+http://www.emaildiscussions.com/showthread.php?t=62769
+[[Category:Email]]
+== Hostnames required ==
+In the following examples, $maildomain is the domain from the email address being configured. $securedomain is a host or domain that we have an SSL certificate for. Due to the way the autodiscover works, autodiscover.$hostdomain needs to have a different IP to $securedomain
+autoconfig.$hostdomain should be an IP that has no HTTPS service.
+$securedomain doesn't have to contain $hostdomain or $maildomain
+autoconfig.$maildomain (CNAME to autoconfig.$hostdomain)
+* Used by Thunderbird to configure email. You can configure custom mail server names using a script to query the email address.
+* SSL certificate not required for this hostname.
+autodiscover.$maildomain (CNAME to autoconfig.$hostdomain)
+* Use a CNAME in $maildomain for autoconfig.$customerdomain pointing to autodiscover.daily.co.uk
+* IP address must NOT allow access via HTTPS so that it uses http and follows redirect to $securedomain without giving an SSL warning.
+* SSL certificate not required for this hostname.
+$securedomain is for after the redirect
+* No CNAME required for this one, but SSL certificate is required.
+== $maildomain DNS ==
+ autoconfig         IN CNAME  autoconfig.$hostdomain.
+ autodiscover       IN CNAME  autoconfig.$hostdomain.
+ _autodiscover._tcp IN SRV    0 1 80 autoconfig.$maildomain.
+There are other SRV records which may be setup as per [https://tools.ietf.org/html/rfc6186 RFC 6186].
+ _imap._tcp         IN SRV    10 1 143 imap.$hostdomain.
+ _imaps._tcp        IN SRV    0 1 993 imap.$hostdomain.
+ # pop3 has a higher priority value which results in imap being preferred
+ _pop3._tcp         IN SRV    10 1 110 pop.$hostdomain.
+ _pop3s._tcp        IN SRV    10 1 995 pop.$hostdomain.
+ _submission._tcp   IN SRV    0 1 587 mail.$hostdomain.
+In the event that POP3 and IMAP are not available (e.g SSL variants only), use something like the following:
+ _imap._tcp         IN SRV    0 0 0 .
+ _pop3._tcp         IN SRV    0 0 0 .
+''There is no evidence that any clients use these SRV records yet.''
+== Windows Outlook 2007/2010/2013 ==
+Outlook 2010
+# Query https://autodiscover.$maildomain/autodiscover/autodiscover.xml (this needs to fail because https blocked)
+# Query http://autodiscover.$maildomain/autodiscover/autodiscover.xml
+# Get redirected to https://$securedomain/autodiscover/autodiscover.xml
+# Prompts for allowing that url to configure mail client
+For example, if we have an SSL certificate for www.bocks.com, we can setup a redirect for https://www.bocks.com/autodiscover/autodiscover.xml and Outlook will ask user if they wish to allow www.bocks.com to configure their email settings.
+== Thunderbird (Windows, Mac and Linux) ==
+# Query http://autoconfig.$maildomain/mail/config-v1.1.xml
+# If not found, none of the other things in the list of checks that it performs apply so autoconfig fails.
+== Apple Mail and iOS ==
+Requires generation of a .mobileconfig file containing the settings. This has to be downloaded via web browser to the mobile device or Mac.
+== Outlook for Mac ==
+Unable to get this working.

Difference between revisions of "EmailAutoDiscover"

Latest revision as of 20:40, 6 November 2014

Contents

Hostnames required

$maildomain DNS

Windows Outlook 2007/2010/2013

Thunderbird (Windows, Mac and Linux)

Apple Mail and iOS

Outlook for Mac

Navigation menu

Views

Personal tools

Navigation

Search

Tools