skip to content

IT Help and Support

University Information Services
 

During 2023 UIS will be replacing the current Hermes based Managed Mail Domain service with a new one based on Exchange Online. We will not accept any new requests to use the https method of updating a Managed Mail Domain.

The Hermes menu system is not designed to support automated updates to managed mail domains. If you want to change your mail domain without a manual upload step, there is a facility that can fetch your managed mail domain aliases file from a web server.

 

Note that if you choose this option then the menu system user interface will no longer be available for your managed mail domain.

You must provide us with an https URL that refers to a copy of your mail domain's aliases file on your web server. It must have an x.509 certificate that we can validate, in order to ensure that we are fetching from the correct server. We also need a username and password that we can use to log into your server using HTTP basic authentication, to ensure that your managed mail domain aliases file can only be fetched by us.

Aliases should be one per line, in the the traditional form, alias:address@domain, for example 
webmaster:xyz789@cam.ac.uk 
If the alias has multiple recipiens they must be separated by commas, for example
webmaster:xyz789@cam.ac.uk,abc123@cam.ac.uk

The hourly update job performs a few basic sanity checks after fetching your domain's aliases file. The alias file must contain aliases for postmasterwebmaster, and abuse. If our system is unable to fetch your file, or if any of its checks fail, or (for safety) if the file suddenly shrinks by more than 25%, then it will send an email to postmaster at your domain with details of the problem, and the live copy of your domain remains unchanged. If all the checks are passed the aliases file is installed on the live email relay servers.

Since the menu system is not available for you to request a detailed check of an https managed mail domain, we will automatically send you one each month unless there are no problems to report.

If you would like to use this facility or if you have any questions, please contact .

Background: how https domains relate to normal managed mail domains

There are roughly three parts to the managed mail domain system. The front end is the Hermes menu system, which provides a relatively friendly user interface for editing email aliases files. The back end is a set of configuration tables used by ppswitch to route email. There is an hourly cron job which fetches the aliases files from the menu system, builds the configuration tables, and copies them to the ppswitch servers.

The Hermes menu system front end is disabled for https managed mail domains. The hourly cron job is adjusted to fetch their aliases files from your web server. You provide whatever front end you want instead of the menu system.

Last updated: April 2023