How to Migrate Email without IMAP credentials

Here are a few ways you can migrate emails without knowing the IMAP credentials.

  1. Use the Admin Password.
  2. Migrate emails using SFTP.
  3. Import/Export using RoundCube?

Use the Admin Password

Some email services allow you to use the administrator password to sign into any email account. This allows you to move emails without knowing the users password.

You can refer to this FAQ on the imapsync website.

https://imapsync.lamiral.info/FAQ.d/FAQ.Admin_Authentication.txt

Migrating Files using SFTP

Disclaimer:

This option will only work if you have ftp/ssh/filesystem access.
Depending on email volume, you could miss emails that arrive during the transition.
If possible, it is recommended to use something like imapsync.
There could be format issues if the two email servers use different mailbox formats and/or email server software.

Emails are usually stored in the users home directory. Depending on the hosting provider, it could be /mail or ~/mail

You can zip up the mail directory and then unzip on the target server. This would only work if you have access to the filesystem. Create your email accounts before unzipping.

You could transfer the passwd and shadow files to keep the email passwords the same. Again, create the email addresses on the target server first and then either overwrite, or merge the differences between the shadow and passwd files.

For example, on cPanel servers, the mail directory is in ~/mail and the shadow and passwd files are in ~/etc/DOMAIN.COM

If you are logged in as root, you will need to change ~/ to /home/USER/ substituting USER for the actual cPanel user.

Import/Export messages from RoundCube?

You can import and export emails using the RoundCube webmail interface. However, the export is limited to one. message. at. a. time. This could work for a handful of messages, but can get quite tedious if you have a large number of emails.

Checking Email Blacklist and Getting Delisted

What do you do when your email server has been blacklisted and you are unable to send emails to certain domains? It’s best to be proactive and not get on the blacklists in the first place, but in the unfortunate event you do get blacklisted, here are some notes.

Checking Blacklists

First thing is we need to see which lists we are on. There are a couple of services that check multiple blacklists

https://mxtoolbox.com/blacklists.aspx

https://blacklistchecker.com/

These should give you an idea of which ones we need to go request a delisting.

att.net (yahoo.com, bellsouth.net)

AT&T is tricky as they don’t have an online site to show if you are blacklisted or not. They don’t seem very responsive and it can take awhile.

https://www.att.com/esupport/postmaster/

Send an email to “abuse_rbl@abuse-att.net” with your Mail Server IP address, the domain and ask to be delisted. You should get an auto-reply and then they usually will do something about it in 24-48 hours

More information below

https://pinpointe.com/blog/how-to-check-att-blacklist-request-ip-removal/

Other Blacklist

These are all fairly straight forward to check out. Some of them you will need to enter in an email, or maybe set up an account, others are as simple as requesting the IP to be delisted.

http://www.sorbs.net/menu.shtml

https://www.spamcop.net/

https://barracudacentral.org/rbl/removal-request

Send an Email with Node.JS

In this post, we will be using Node.JS and the nodemailer library to send email. We need to have an email account with an email provider to send email. Gmail or some other email provider should work.

Prerequisites

First lets install some tools

sudo apt install nodejs npm

Now lets install nodemailer

npm install nodemailer

Writing the Code to Send Email

Now that we have nodemailer installed, we can write or copy our code. Create a file called maill.js and make it look similar to the following.

// We can pass in the email text as an argument
const emailText = process.argv.slice(2);
// Or we can just have it as a variable
// const emailText = "NodeJS test email message."
console.log("args " + args)

const nodemailer = require("nodemailer");

const transporter = nodemailer.createTransport({
  host: "mail.emailserver.com",
  port: 465,    //  If your email server does not support TLS, change to 587
  secure: true, // If you are using port 587, change to false.  Upgrade later with STARTTLS
  auth: {
    user: "smtpuser@emailserver.com",
    pass: "notpassword)",
  },
});

const mailOptions = {
  from: 'user@emailserver.com',
  to: "touser@email.com",
  subject: 'Test Email using NodeJS',
  text: `${emailText}`
};

transporter.sendMail(mailOptions, function(error, info){
  if (error) {
    console.log(error);
  } else {
    console.log('Email sent: ' + info.response);
  }
});

Update the following variables

  • host: to your host email server
  • user: to the email user that is sending email. It should have an account on the email server
  • pass: password for your email user that is sending the email
  • from: email address that is sending the email
  • to: email account(s) you are sending email to
  • subject: subject of your email

Now we can proceed to send email

Sending Email

We can now run the code by saving our file and running it directly with NodeJS

nodejs ./mail.js "This is the body text for the email"

Hit Return and look for the email. If something went wrong, it should throw an error.

You can change the emailText variable if you would rather have the message body inside the code.

Code Explanation and Notes

A little explanation on the code.

The second line “const emailText = process.argv.slice(2);” is used to pass in a command line argument to use as the text for the body of the email. You can delete the line and uncomment line 4 if you would rather use a variable inside the code.

Your email server should support using SSL/TLS on port 465. If it does not, you may need to use STARTTLS which uses port 587, and then set secure to false. STARTTLS should upgrade the connection to be encrypted. But it’s opportunistic. You can read more about STARTTLS, SSL/TLS here https://mailtrap.io/blog/starttls-ssl-tls/

You can change the “to: ” in the mailOptions object to an array of email addresses to send the email to multiple people at once.

to: ["email1@email.com", "email2@email.com", "etc"],

Enable TLS 1.1 and 1.2 on Windows 7

Windows 7 does not support TLS 1.1 or 1.2 by default. This can be an issue if you are still trying to use Outlook 2010 on Windows 7.

Fortunately there is a way that we can enable TLS 1.1 and 1.2.

First we need to verify that we have the correct Windows update in place. Download the appropriate download and double click it to run.

For 64 bit systems download the update from here

http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/04/windows6.1-kb3140245-x64_5b067ffb69a94a6e5f9da89ce88c658e52a0dec0.msu

or for 32 bit systems

http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/04/windows6.1-kb3140245-x86_cdafb409afbe28db07e2254f40047774a0654f18.msu

After the update is finished, create a new text file (AKA PowerShell Script) with the following contents.

$arch=(Get-WmiObject -Class Win32_operatingsystem).Osarchitecture
$reg32bWinHttp = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
$reg64bWinHttp = "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
$regWinHttpDefault = "DefaultSecureProtocols"
$regWinHttpValue = "0x00000a00"
$regTLS11 = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client"
$regTLS12 = "HKLM:SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client"
$regTLSDefault = "DisabledByDefault"
$regTLSValue = "0x00000000"

Clear-Host
Write-Output "Creating Registry Keys...`n"
Write-Output "Creating registry key $reg32bWinHttp\$regWinHttpDefault with value $regWinHttpValue"

IF(!(Test-Path $reg32bWinHttp)) {
    New-Item -Path $reg32bWinHttp -Force | Out-Null
    New-ItemProperty -Path $reg32bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
}
ELSE {
    New-ItemProperty -Path $reg32bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
}

IF($arch -eq "64-bit") {
    Write-Output "Creating registry key $reg64bWinHttp\$regWinHttpDefault with value $regWinHttpValue"
    IF(!(Test-Path $reg64bWinHttp)) {
        New-Item -Path $reg64bWinHttp -Force | Out-Null
        New-ItemProperty -Path $reg64bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
    }
    ELSE {
        New-ItemProperty -Path $reg64bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
    }
}

Write-Output "Creating registry key $regTLS11\$regTLSDefault with value $regTLSValue"

IF(!(Test-Path $regTLS11)) {
    New-Item -Path $regTLS11 -Force | Out-Null
    New-ItemProperty -Path $regTLS11 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
    }
ELSE {
    New-ItemProperty -Path $regTLS11 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
}

Write-Output "Creating registry key $regTLS12\$regTLSDefault with value $regTLSValue"

IF(!(Test-Path $regTLS12)) {
    New-Item -Path $regTLS12 -Force | Out-Null
    New-ItemProperty -Path $regTLS12 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
    }
ELSE {
    New-ItemProperty -Path $regTLS12 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
}

Write-Output "`nComplete!"

Save the file as “tls-reg-edit.ps1”

If saving it using notepad, change Save as type: All files (*.*)

Open a PowerShell. Change directories “cd” to the location you saved the above script to. ie. cd Downloads

Run the script with the follow command. Note you will most likely need to hit Y to allow the scripts to run.

Set-ExecutionPolicy Bypass -Scope Process ; .\tls-reg-edit.ps1

After the script runs, you’ll need to reboot your computer.

The script and information was taken from the following link. Thanks cPanel!

https://docs.cpanel.net/knowledge-base/security/how-to-configure-microsoft-windows-7-to-use-tls-version-1.2/

There is also more information at the following Microsoft link.

https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

How to Send an Email using Telnet

We’ll be using telnet to connect to a mail server and send ourselves an email.

The parts in bold are the commands to enter.

[bob@linux ~]$ telnet mail.website.com 25
Trying mail.website.com...
Connected to mail.website.com.
Escape character is '^]'.
220-mail.website.com ESMTP Exim 4.85 #2 Mon, 09 May 2022 22:12:59 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
HELO domainto.sendfrom.com
250 mail.website.com Hello domainto.sendfrom.com [192.168.1.2]
MAIL FROM: <bob@incredigeek.com>
250 OK
RCPT TO: <bob@incredigeek.com>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Subject: Test Message

This is a test

.
250 OK id=5a1g7i-1347MT-1p
QUIT
221 mail.website.com closing connection
Connection closed by foreign host.

Further links to read

https://github.com/maildev/maildev/issues/212

Adding Email Disclaimer for Entire Domain on WHM/cPanel

Email Disclaimer

Altermime is a small utility that allows you to append a disclaimer to all outbound emails on a cPanel server.

1. Installing altermime

You should be able to copy and paste the following commands in. You’ll need to be root.

cd /usr/local/src/ 
wget pldaniels.com/altermime/altermime-0.3.10.tar.gz 
tar xvfz altermime-0.3.10.tar.gz 
cd altermime-0.3.10 
make 
make install

2. Setup Disclaimer Text

Create two disclaimer files. One is text and the other is for HTML.

Text file

nano /usr/local/etc/exim/textdisclaimer

Add your disclaimer text.

-------------
incredigeek.com

HTML File

Create the HTML disclaimer file with

nano /usr/local/etc/exim/htmldisclaimer

And add your disclaimer HTML to the file. Example:

<p>
-----
<br />
  <a href="http://www.incredigeek.com">incredigeek.com </a>
</p>

3. Modify Exim Configuration

Now that we have the disclaimer files set up, we can move on to configuring Exim so the disclaimer text gets added to every email sent out.

Open up WHM and go to Exim Configuration Editor -> Advanced Editor

Exim Advanced Editor

A. Configuring Routers Configuration

Find the ROUTERS CONFIGURATION section. We will add some configuration in the “Section: PREROUTERS

Add disclaimer to Single Domain

Paste in the following to add the disclaimer to a single domain. Replace “incredigeek.com” with your domain.

disclaimer:
driver = dnslookup
domains = ! +local_domains
transport = ${if eq {$sender_address_domain}{incredigeek.com}{disclaimer_smtp}{remote_smtp}}
no_more
Add Disclaimer to Single Domain

Add Disclaimer to Entire Server (Optional)

If you would rather apply the disclaimer to the entire server, use the following.

disclaimer:
driver = dnslookup
domains = ! +local_domains
transport = disclaimer_smtp
Add Disclaimer to Entire Server

B. Configure Transports Configuration

Once we have that added we can find the “TRANSPORTS CONFIGURATION” section and under the first “Section: TRANSPORTSTART” add

disclaimer_smtp:
driver = smtp
transport_filter = /usr/local/bin/altermime  --input=- --disclaimer=/usr/local/etc/exim/textdisclaimer --disclaimer-html=/usr/local/etc/exim/htmldisclaimer
size_addition = 1
Add Disclaimer to TRANSPOTSTART

That should be everything that you need. Send a test email to an external email account to verify that it works.

Note that it looks like sending an email locally to email addresses on the same domain or to yourself bypass the filter and do not get the disclaimer added.

The following links were helpful for getting this set up.

https://forums.cpanel.net/threads/howto-footer-disclaimer-in-outgoing-mails.98465/

https://pldaniels.com/altermime/

How To tell if an email on a cPanel server has been read from the command line

All of the emails in the email directories contain one of the following at the end of the filename

$ ls cur/ | cut -d: -f 2 | sort | uniq -c
54 2,               <- Not Read
12 2,ab             <- Not Read
83 2,S              <- Read
61 2,Sab            <- Read

The first two “2, and 2,ab” mean that the message has not been read. The bottom 2 “2,S and s,Sab” mean that the message has been read or “seen?”. Guess that is what the S is for. Not sure what ab is for.