
Replace iTools with your own web and mail servers UNIX
Given the end of free iTools, I decided to post a guide on how to set up your own domain on your OS X box at home with an email and web server. This requires an always-on connection (though dynamic IP is okay). Also, it assumes the use of OS X 10.1.5, and some steps require the Developer Tools. Finally, a good understanding of UNIX would definitely be useful. I can't guarantee the success, as most of this was written in hindsight, so proceed at your own risk. I would suggest reading the comments by other people to make sure nothing extremely bad is done by following these instructions.

Read the rest of the article for the detailed how-to...

  1. Sign up for dynamic IP service: This service takes care of DNS and allows one to use a fixed domain name with a dynamic IP. Go to You have two options, either get a free domain that's restricted to being a sub-domain of a huge list of possibilities (for example, you could get where yourdomain is anything), or sign up for custom DNS to use any domain (for example where yourdomain is anything), which costs a $30 "donation" to Make sure to download an OS X compatible program to keep updated with the correct IP. I use If you use one of the free domain names skip the next step.

  2. Sign up for a domain name: This is the actual named address to access your box. You need to sign up at one of the places to register a domain. recommends, which is what I use. Make sure you pass in the DNS servers, and also make sure to register your domain with Within 48 hours, your domain should point to your computer.

  3. Set up router/firewall: This step is only needed if you have a router or firewall. Basically, you need to let information related to mail and web through to your server. Only allow the ports to services you actually use. The important ports that should be known about are:
     Port   Service
     22     ssh (remote login)
     25     smtp and mail (mail server)
     80     http (web server)
     143    imap (used for remote access of mail)
     548    afpovertcp (Apple File Server, for remote access of files)
    You might notice that FTP is missing. This is because the FTP server is often used for a Denial of Service attack, something that can drastically slow down your connection. Since I do not know how to defend against this, I figure it's better to just leave it off. I also leave SSH blocked by my router, as leaving it on can give complete access to a machine through hacking a password. By now SSH and afpovertcp should already work with your domain.

  4. Set up the server to use your domain: The remaining steps require the use of and sudo. I cannot guarantee you won't mess up your system, so please only proceed if you know what is going on. Here we have to let the server know what its domain name is. We will start with the unix side. Open Go into the /etc directory (sort of the "Preferences" folder for unix):
     % cd /etc
    Now edit the file "hostconfig", using sudo so that we can save:
     % sudo emacs hostconfig
    This should open up an editor window with this file. Find the line "HOSTNAME=-AUTOMATIC-" and replace "-AUTOMATIC-" with "". Now we need to turn on the services this server provides. Change "-NO-" to "-YES-" for each of those services. For example:
    Save the file (type Control-x Control-s) and exit emacs (Control-x Control-c). Now we need to take care of the OS X side of things. Open "NetInfo" in the Utilities folder. Authenticate. Browse to /machines/localhost. Edit the "name" property, so that it is a list with "" first and "localhost" second.

  5. Set Up Web Server: The Apache web server uses the traditional unix file system to store its files. Therefore its configuration file is in /etc. Go to its configuration directory:
     % cd /etc/httpd/
    This directory holds the Apache config files. Open httpd.conf in emacs:
     % sudo emacs httpd.conf
    Search for the line with a commented out "ServerName", or in other words hit Control-s, type "ServerName", and hit return. The cursor should be in the correct place. Uncomment the line and replace "fisheye" with "". There are several other configuration details you may wish to change, so just look through this file and read the comments. Finally we need to turn on the web server. Simply open "System Preferences", go to "Sharing", and click the button to turn on "Web Sharing". That should be it. Your web documents should be placed in "~/Sites", or "/Library/WebServer/Documents".

  6. Set Up Mail Server: Now comes what is probably the most difficult portion of the process, setting up the mail server. We will use the unix program "sendmail", which comes with OS X. I figured this out through various hints at, especially with the article "Update to Mac OS X Terminal, Part 3" at We need to generate the sendmail configuration file. Go to the directory with the default conf file and copy it for editing:
     % cd /usr/share/sendmail/conf/cf
    % sudo cp
    The default should work as is. So we need to compile it and put it in the correct place, but first backup the original configuration file:
     % sudo cp /etc/mail/ /etc/mail/
    % m4 ../m4/cf.m4 > /tmp/
    % sudo cp /tmp/ /etc/mail/
    We also need to tell NetInfo where to look for the configuration file:
     % sudo niutil -create . /locations/sendmail
    % sudo niutil -createprop . /locations/sendmail /etc/mail/
    This is the command line version of "NetInfo". Now do some other miscellaneous things that sendmail requires to work properly:
     % sudo chgrp smmsp /var/spool/clientmqueue
    % sudo chmod g-w /
    The last line removes group write permission from the root directory. This is a security measure, though if this really is a problem, it is possible to get around it. Look at the various other sendmail articles to see how.

    Finally, we need to make sendmail start when the computer is turned on. This is done by fixing the corresponding System StartupItem file. Open the shell script that gets run at startup:
     % sudo emacs /System/Library/StartupItems/Sendmail/Sendmail
    Directly below the line "/usr/sbin/sendmail -bd -q1h", which is near the bottom, add the line:
    /usr/sbin/sendmail -C /etc/mail/ -q1h
    Restart. Now sendmail (which incidentally also receives mail) should be working fine. Try it out:
     % mail
    You can use any email address, and to finish the email type a line with a single '.' You should also be able to receive mail now. Try sending an email to, where username is the short name to any OS X User on the server computer. To read the email on the command line type:
     % mail
    A list of new emails will show up, and just type a number to read the corresponding email.

  7. Set Up "" to read your unix account: Unfortunately, "" has a bad bug that makes setting it up to read your UNIX mail unnecessarily difficult. I found this tip at as well. This step must be done for each user that wants to check unix mail with We need to create a folder for to use for the unix account:
     % cd ~/Library/Mail
    % mkdir
    % chmod 700
    Now we need to setup Open the preferences window. Click "Create Account". Choose Account Type: "UNIX Account". Fill out the remaining information using "localhost" for SMTP Server. Now go to the "Account Options" tab. Set "Account Directory: " to "~/Library/Mail/". This will add "Inbox" to your personal mailboxes, which should show all your unix mail.

  8. Set Up imap: I used this imap how-to site. imap is a protocol that allows you to access your mail remotely. Unfortunately, it is not included in OS X, so you need to download it first. imapd is a strange program in that it does not have a configuration file; all configuration is done in the actual source code. Luckily, this is pretty much taken care of for us. Now go to the place where you unzipped the tar.Z package, into the subfolder "imap-2002.RC2", and type "make osx" in Once it is finished, we need to place the newly compiled "imapd" into the correct directory, making sure "username" is your username:
     % mkdir -p /usr/local/libexec
    % sudo cp imapd/imapd /usr/local/libexec
    % sudo ./
    % sudo ./ username
    Finally, we need to setup imapd so it runs at startup. Open "/etc/inetd.conf" in emacs:
     % sudo emacs /etc/inetd.conf
    Uncomment (remove all # signs) the line:
      ##imap4 stream  tcp     nowait  root    /usr/libexec/tcpd               /usr/local/libexec/imapd
    Restart. Imap should now work.
As I stated earlier, this is all written with hindsight, so it should work but this set of instructions has not actually been tested yet.
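
A check for steps 3 and 8, added here as an example and not part of the original hint: it parses inetd.conf text and reports services that are enabled but not on your intended list, services not started through tcpd, services running as root, and wanted services that are still commented out (for instance when only one of the two # signs was removed). The sample file contents are constructed; only the imap4 fields come from the hint.

```python
# Constructed sample of /etc/inetd.conf. Only the imap4 fields are from the hint;
# here one of its two "#" signs was removed, so the service is still disabled.
SAMPLE_INETD_CONF = """\
# Internet server configuration database (constructed sample)
#ftp    stream  tcp     nowait  root    /usr/libexec/tcpd       ftpd -l
telnet  stream  tcp     nowait  root    /usr/libexec/tcpd       telnetd
finger  stream  tcp     nowait  nobody  /usr/libexec/fingerd    fingerd -s
#imap4  stream  tcp     nowait  root    /usr/libexec/tcpd       /usr/local/libexec/imapd
"""


def parse_inetd(conf_text):
    """Return (enabled entries, names of service lines that are commented out)."""
    enabled, commented = [], set()
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Fields: service, socket type, protocol, wait flag, user, program, [args...]
        fields = line.lstrip("#").split()
        if len(fields) < 6 or fields[1] not in ("stream", "dgram"):
            continue  # prose comment or malformed line
        if line.startswith("#"):
            commented.add(fields[0])
            continue
        enabled.append({
            "service": fields[0],
            "user": fields[4],
            "program": fields[5],
            # tcpd applies /etc/hosts.allow and /etc/hosts.deny before
            # handing the connection to the real daemon.
            "wrapped": fields[5].rsplit("/", 1)[-1] == "tcpd",
        })
    return enabled, commented


def audit(conf_text, wanted):
    """Compare what inetd will start with the services you intend to offer."""
    enabled, commented = parse_inetd(conf_text)
    names = {e["service"] for e in enabled}
    return {
        "unexpected": sorted(names - set(wanted)),
        "unwrapped": sorted(e["service"] for e in enabled if not e["wrapped"]),
        "root": sorted(e["service"] for e in enabled if e["user"] == "root"),
        "still_disabled": sorted(s for s in wanted
                                 if s not in names and s in commented),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_INETD_CONF, wanted={"imap4"})
    for finding, services in report.items():
        print(f"{finding:15} {', '.join(services) or '-'}")
```

Run it against the real file with `audit(open("/etc/inetd.conf").read(), {"imap4"})`; anything under "unexpected" should be commented out again before the router forwards its port.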

[Editor's note: Please heed the warnings - if you don't understand the Terminal very well, you could potentially do some "Really Bad Things" to your machine with this hint, so proceed with caution! Also note that many ISPs, mine included, block server access on lower ports to prevent people from running their own servers. If this applies to you, you'll have to figure out how to remap your services onto higher port numbers; this hint should get you started...]

The following comments are owned by whoever posted them. This site is not responsible for what they say.
Authored by: VEGx on Jul 28, '02 11:44:44AM

I was just thinking how to do this! As many others, I reckon.

Now, all I need is to get my cable company to reconnect me to the Internet at my new apartment and I'll be running my own mail server!

[ Reply to This | # ]
Authored by: ryan141 on Jul 31, '02 08:08:57AM
I have always wanted to set up a server such as this on my own. So, after following these steps, I have things working, all except the web server. So I started checking to see if my ISP (OptimumOnline) blocks port 80; it does, and I also found that by running these services, I am violating the EULA for OptimumOnline. It actually states that you can not run any type of server, FTP, web, mail or otherwise. So, if OptimumOnline ever decided to push the issue, which, they are starting to look at ways of controlling what you do with your internet connection, I could lose my cable services.

Just my $0.02


[ Reply to This | # ]
Authored by: bluehz on Jul 31, '02 11:49:01PM
They all say that... for what it's worth...
I am violating the EULA for OptimumOnline. It actually states that you can not run any type of server, FTP, web, mail or otherwise.

[ Reply to This | # ]
imap issues
Authored by: Alex281 on Jul 28, '02 12:58:18PM
The entire thing went smoothly... until I got to setting up imap. I downloaded the source, compiled it, copied imapd to its directory. When I got to the lines:
% sudo ./
% sudo ./ username
it says files not found. I tried looking and searching for the files but I don't see them. I tried to connect through imap anyway and it displays my entire home directory contents! What did I do wrong here?

[ Reply to This | # ]
imap issues
Authored by: CaptCosmic on Jul 28, '02 02:01:09PM

This behavior is actually normal. By default, IMAP uses your home directory to store all of its folders, and reads the entire contents of the directory as mail folders.

To get around this, you can go into's Account settings. For the account on your machine, choose the Account Options tab, and set the Account Path Prefix to something like Mail_Folders. This will cause to look in a directory called Mail_Folders in your home directory. Just be sure to create this folder first.

Now, when you open up the account in, you'll see just the inbox, and any folders you have created.

[ Reply to This | # ]
imap issues
Authored by: fivefifty on Jul 28, '02 05:26:44PM

Sorry, this has to do with it being written in hindsight. Read the other comment someone else wrote for the reason your whole home directory shows up. As for the missing shell scripts, this is because the tutorial I followed as a basis contained those extra shell scripts, which weren't part of the imap package.

[ Reply to This | # ]
Open Relay Testing...
Authored by: CaptCosmic on Jul 28, '02 02:05:34PM
If you are going to set this up, you should probably do one important thing when you get done. Run your new mail server through an Open Relay check to make sure that you aren't going to become a source of spam. One can be found at:

If your server fails any of the tests, then you either need to look into locking it down, or take it down. The world does not need any more open relays. There are enough of them in China.

[ Reply to This | # ]

Open Relay
Authored by: oculos on Jul 30, '02 11:07:38AM

How can I turn the opened relay down? Is there any check list available?



[ Reply to This | # ]
Check MacSlash for more info
Authored by: CaptCosmic on Jul 28, '02 02:16:48PM
This same article was posted on MacSlash and has generated some valuable responses. You might want to read over them before you jump into this. There are a number of security issues (other than spam relaying) which are brought up.

[ Reply to This | # ]

open relay
Authored by: aisikl on Jul 28, '02 03:34:06PM

you don't necessarily need open relay test sites -- just telnet into your own mailserver on port 25 and try to send a mail from a domain that is not your own to a domain that is not your own -- if the mail is sent, your server is open relay, if it's not sent, you have nothing to worry about --

[ Reply to This | # ]
open relay
Authored by: CaptCosmic on Jul 29, '02 11:12:56AM

The reason to use an open relay test site, though, is that they know all the valid, but obscure ways to form e-mail addresses. I believe Abuse.Net has like 17 different tests where they use obscure forms of e-mail addresses to try to get the server to relay.

[ Reply to This | # ]
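
The port-25 check aisikl describes, scripted with Python's smtplib so it can be rerun against your own server after every configuration change (an added example, not code from the thread). It stops after RCPT TO, so no message is sent, and besides the plain third-party address it tries two indirect address forms of the kind CaptCosmic's reply refers to. The addresses use reserved example domains, and `local_domain` is an assumed parameter for whatever name your server answers to.

```python
import smtplib
import sys

# RFC 2606 reserved domains: never local to the server being checked.
SENDER = "relaytest@example.org"
REMOTE = "example.net"


def recipient_forms(local_domain):
    """Third-party recipients a correctly configured server must refuse."""
    return [
        f"nobody@{REMOTE}",                  # plain third-party address
        f"nobody%{REMOTE}@{local_domain}",   # "percent hack" routed via the local name
        f"{REMOTE}!nobody",                  # UUCP-style bang path
    ]


def probe(session, local_domain):
    """Run MAIL FROM / RCPT TO for each form on a connected SMTP session.

    `session` needs the rset(), mail() and rcpt() methods of smtplib.SMTP.
    Returns a list of (recipient, reply code, verdict). DATA is never issued.
    """
    results = []
    for rcpt in recipient_forms(local_domain):
        session.rset()                        # start a clean transaction
        code, _ = session.mail(SENDER)
        if code >= 400:
            results.append((rcpt, code, "sender refused"))
            continue
        code, _ = session.rcpt(rcpt)
        if 200 <= code < 300:
            verdict = "RELAY ACCEPTED"        # server agreed to forward foreign mail
        elif 400 <= code < 500:
            verdict = "temporary failure"     # inconclusive, test again later
        else:
            verdict = "refused"
        results.append((rcpt, code, verdict))
    session.rset()
    return results


def is_open_relay(results):
    return any(verdict == "RELAY ACCEPTED" for _, _, verdict in results)


def check_server(host, local_domain, port=25, timeout=15):
    """Connect to your own mail server and run the probe."""
    with smtplib.SMTP(host, port, timeout=timeout) as session:
        session.ehlo_or_helo_if_needed()
        return probe(session, local_domain)


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: relaycheck.py <your-mail-host> <your-mail-domain>")
    results = check_server(sys.argv[1], sys.argv[2])
    for rcpt, code, verdict in results:
        print(f"{code}  {verdict:18} RCPT TO:<{rcpt}>")
    sys.exit(1 if is_open_relay(results) else 0)
```

Run it from a machine outside your own network, since many configurations relay for local clients by design.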
WebDAV / iDisk replacement
Authored by: Moo0 on Jul 28, '02 04:16:40PM

which is probably much more interesting for 'regular' users.

I suppose that one would have to find the url for the iDisk location (some plist?) and set up mod_dav for Apache.
This, however, gave me problems when loading the module (Und symbols errors in dyld).

If I can get things running, maybe a swap-iDisk-for-own-disk would be possible (though not the iPhoto specific features probably, or not legally anyways)

[ Reply to This | # ]
Authored by: vonleigh on Jul 28, '02 07:26:28PM


If anyone knows how to install webdav to share disks using this protocol, please post a comment.


[ Reply to This | # ]
Authored by: tknospdr on Jul 28, '02 10:05:33PM

Considering that Jaguar has FTP integration with the Finder, WebDAV isn't as important. You can just make an alias to an FTP account and put it somewhere convenient, then click on it and drag-n-drop to it just like WebDAV.

[ Reply to This | # ]
Authored by: bluehz on Jul 29, '02 12:05:21AM

Mod_dav installation and configuration:

[ Reply to This | # ]
Authored by: Moo0 on Jul 29, '02 02:12:34AM

It's quite easy; will tell you exactly how to get it running. This however won't work with "Apple's" Apache, you might need to compile another one - I'll try that later this week.

[ Reply to This | # ]
Authored by: bluehz on Jul 29, '02 03:08:16AM

I think you are right about Apple's Apache. I got WebDav up and running in about 5 mins on a Linux box (which is very similar to OS X). Thought I would try it on my OS X boxes - no luck. Thought it might be the mod_dav module so I recompiled it several times - still no luck.

Let us know if you have any luck compiling Apache for OS X getting DAV working.

[ Reply to This | # ]
Authored by: Elander on Jul 29, '02 03:44:22AM
I wrote a "tutorial" on how to set up webdav in Mac OS X with the built in Apache server as a reply to another hint last week, about password protected file sharing. It also includes a brief explanation on how to set up "webmin" to administrate most of your servers. You can find it on my iDisk.

[ Reply to This | # ]
Good start...
Authored by: legacyb4 on Jul 29, '02 03:00:12AM

Good start to a tutorial. He's covered the basics and now only needs to add in a security side to the tutorial to cover all bases.

I've configured my home machine as a private access Web server as well as allowing for Timbuktu over SSH for remote access to my machine directly. However, I've stopped one step short of bringing my domain home due to sheer security and bandwidth issues; also, no matter how you look at it, do you really want the world on the doorstep of the machine that you use on a daily basis for personal affairs?

Even on a reasonably fast DSL line, upstream speeds are still limited compared to what a proper ISP can offer you... out here in Tokyo, NTT (the national phone company) is just starting to roll out FTTH (fiber to the home) with stated speeds of 100Mb (downstream) and 10Mb (upstream) for only a fraction more than ADSL which might make it worth considering.

[ Reply to This | # ]
An additional helpful hint for Apache
Authored by: ScooterComputer on Jul 29, '02 12:12:23PM

Since Apple seems HELLBENT on overwriting Apache config files with every update (at least they were, after this hint you won't care, like I don't, if they are still being idiots), I don't recommend making changes to the /etc/httpd.conf file.

Instead, Apple, quite conveniently, uses an include statement at the very bottom of the httpd.conf file to load the users' Sites folder configs from the /etc/httpd/users folder. Use this to your advantage!

I place a .overrides.conf file in the /etc/httpd/users folder to override any Apache statements made in Apple's default file. The way Apache loads configs, any statements put here WILL override the httpd.conf file. Likewise, I created a .vhosts.conf file to setup my server name and alias statements, as well as configuring for multiple IP addresses.

Of course, you wouldn't have to put a "." in front of the name...I do that to make sure they load first and are invisible in the Finder (not like they really need to be though).

[ Reply to This | # ]
no need to pay for a domain name...
Authored by: algritz on Jul 29, '02 03:14:03PM

If you don't want to pay for a domain name you can simply use your host name in your configuration.

I managed to configure my mac like this and it works fine.

so your email address will be

[ Reply to This | # ]
no need to pay for a domain name...
Authored by: bluehz on Jul 29, '02 05:51:18PM

webDav works fine in stock Mac OS 10.1.5

Anyone know how to create htaccess files (the files that allow/disallow access to web folders, etc) that will allow webdav access to the main folder asking for your login/password, yet allow unfettered (e.g. no login/password) to a subdirectory of the main folder (e.g. sites as in iDisk)?

[ Reply to This | # ]
Don't use .htaccess!
Authored by: Elander on Jul 30, '02 01:56:45AM
Use http.conf instead. A description on how to set up webdav with user authentication can be found on my iDisk. It also tells you how to install webmin to get a more user friendly way of administrating the site.

[ Reply to This | # ]
Don't use .htaccess!
Authored by: bluehz on Aug 01, '02 12:02:31AM

Thx - between your little tut and the link you gave to Apple/SSL instruction I actually got SSL up and running on my web site! Had it installed for a while - just never did anything with it. Matter of fact - the first thing I did was put the SSL to use on my WebMin. Like you - I am a BIG BELIEVER in WebMin - can't live without it. Unfortunately - the last couple of WebMin incarnations have seen some problems with runaway memory. I decided to give the instructions on the WebMin site about running WebMin from Apache a try. Solved ALL my problems AND it gave it a nice little speed boost! In the process though - since you are no longer running the built-in perl miniserver you lose your SSL connection to WebMin. So with your pointers - I managed to secure my WebMin again.

Couple of notes I discovered after several hours of tinkering. I run several name-based virtual servers on my box(es). For those that don't know - see hints on the MacOSXHints site about "virtual hosts". Basically it's the ability to have one IP number and host several different named servers and have everything directed to the proper location. Unfortunately SSL will not work with name-based hosts - it will only recognize One. There's lots of technical info on why this won't work at both the Apache and mod_ssl sites if you care to dig.

In terms of my original problem - your technique still does not allow me to offer unfettered (no login/password) access to a subfolder of a webdav-enabled dir. Like this:


I want any webdav access to take the user to the root level - /Main-Dir/ and require a login/pass. All other access (e.g. http/web) should take the user to the /Main-Dir/Sites/ dir without login/pass and not allow them to traverse back up the dir structure.

At least I have not been able to get it to work - and I tinkered with it all day. Still have not given up yet though.

[ Reply to This | # ]
Don't use .htaccess!
Authored by: Elander on Aug 01, '02 02:29:16AM

You say that you have a structure like this:


And you want any webdav access to take the user to the root level - /Main-Dir/ and require a login/pass. All other access (e.g. http/web) should take the user to the /Main-Dir/Sites/ dir without login/pass and not allow them to traverse back up the dir structure.

Well, that just won't work. WebDAV uses http, so there is no separation by protocol. The server doesn't treat a webdav client any different from a web browser, and it is not supposed to either. You have to rethink your strategy, i.e. move "/Main-Dir/Sites" somewhere else, or create a separate virtual server.

I would probably do something like this: set up a virtual server on another port (eg 8888), and use webdav to serve up "/Main-Dir/" on that server. Use the default server to serve normal web browsers and use the /Main-Dir/Sites folder as root folder on that.

I haven't tested it, but I can't see any reason why it shouldn't work.

[ Reply to This | # ]
Don't use .htaccess!
Authored by: bluehz on Aug 01, '02 02:44:24PM
So far that's the only solution I have found also.
I would probably do something like this: set up a virtual server on another port (eg 8888), and use webdav to serve up "/Main-Dir/" on that server. Use the default server to serve normal web browsers and use the /Main-Dir/Sites folder as root folder on that.

[ Reply to This | # ]
Authored by: bluehz on Jul 30, '02 08:57:57AM

If you do have a real domain name you want to use - and they are cheap now (try - great registrar $15!) then you can use a DNS service like ZoneEdit or I personally prefer as they seem to offer more features - both are free.

[ Reply to This | # ]
Qmail Mail Server
Authored by: bluehz on Aug 01, '02 12:19:15AM
FYI - I have tried a lot of mailservers and so far the one I have used for the longest, has been the most stable, and easiest to maintain is definitely Qmail with Vpopmail. It's "fairly" easy to setup - not for the CLI newbie, but in general it's not bad. Offers features most do not have like virtual domains, webmail, web admin, autoresponder, and is extremely modular by design. Don't dive into a Qmail or any other mailserver for that matter unless you have a couple of hours to spare and a bulldog attitude to identify and solve problems. Personally - I enjoy that activity - so Qmail works for me. After the initial setup - it's a breeze!

If you plan on proceeding I would recommend:

Life With Qmail
Pretty much the definitive guide. Don't be alarmed by the breadth of documentation though.

Qmail Toaster
This is the step-by-step guide I used to install on a Linux box - basically same install on OS X box. When you come out the other end you get:

  • Qmail SMTP Mail Server with SMTP-AUTH (Plain, CRAM-MD5), TLS (SSL) support, and optional Virus Scanner.
  • POP3 Server with APOP and SSL support
  • IMAP Server with TLS (SSL) support
  • WebMail Server
  • Quota Support (usage viewable by webmail)
  • Autoresponder
  • Mailing Lists
  • Web-Based Email Administration

[ Reply to This | # ]
    m4 ?
    Authored by: cuddapah on Dec 22, '02 12:24:05AM

    % m4 ../m4/cf.m4 > /tmp/

    When I try to use m4 as in above, I get error msg:

    m4: Command not found.

    if I go to m4 directory and use cf.m4 > /tmp/ it gives a msg:

    ./cf.m4: line 1: syntax error near unexpected token `divert(-1)'

    Can anyone pls help.

    Thanx !

    [ Reply to This | # ]
    m4 ?
    Authored by: trippingbilly on Jan 27, '03 04:49:52PM

    I had this problem with m4 as well and have been unable to find a solution. Please help!

    [ Reply to This | # ]
    m4 ?
    Authored by: ykreutzer on Feb 13, '03 01:13:52AM

    I am receiving this same error. Do I not have m4 installed on my system? How do I add it? Can anyone please advise?

    [ Reply to This | # ]
    m4 ?
    Authored by: bluehz on Feb 13, '03 10:01:53AM

    On my machine - m4 is located initially at /usr/bin ... although in my case I also have it at /sw/bin - which takes precedence. So when I type "which m4" (to tell me where my m4 executable is) I get: /sw/bin/m4

    In your case your path variable may not have /usr/bin in it or /sw/bin in it or for that matter you may not have Fink installed at all (that's where the /sw comes from). Try using the full command:


    and see if that helps any.

    [ Reply to This | # ]
    Can i resolve by name to machines inside the network?
    Authored by: digitalone on Mar 07, '03 01:42:08AM

    Is there any way I can connect to machines inside my network by entering a URL like for a machine called machine2? I am considering running a straight Darwin webserver with webdav and IMAP, including webmail. Please advise.
    BTW: I'm also having a heck of a time getting webdav running on my laptop. If anyone has any advice let me know.


    [ Reply to This | # ]
    Replace iTools with your own web and mail servers
    Authored by: mstrnicegui on Mar 07, '03 03:27:43AM
    So, I have gone through setting up the sendmail portion and got to where I tried sending a message to myself and got this error:
    /etc/mail/ line 93: fileclass: cannot open '/etc/mail/local-host-names': World writable directory

    [ Reply to This | # ]
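
The `chmod g-w /` step in the hint and the "World writable directory" error quoted above have the same cause: sendmail refuses to trust a file when a directory on the way to it can be written by other users. This added example (not from the hint or the thread) walks from a file up to the root, lists each directory that is group- or world-writable, and builds the matching chmod command; the default path is the one in the error message.

```python
import os
import stat
import sys


def writable_ancestors(path, stop_at=os.sep):
    """List directories above `path` that group or others can write to.

    Walks from the file's own directory up to `stop_at` (the filesystem root
    by default) and returns [(directory, [problems])], nearest directory first.
    """
    findings = []
    stop_at = os.path.realpath(stop_at)
    current = os.path.dirname(os.path.realpath(path))
    while True:
        mode = os.stat(current).st_mode
        problems = []
        if mode & stat.S_IWGRP:
            problems.append("group-writable")
        if mode & stat.S_IWOTH:
            problems.append("world-writable")
        if problems:
            findings.append((current, problems))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            break
        current = parent
    return findings


def fix_commands(findings):
    """Build one chmod command per finding, removing only the offending bits."""
    commands = []
    for directory, problems in findings:
        who = ""
        if "group-writable" in problems:
            who += "g"
        if "world-writable" in problems:
            who += "o"
        commands.append(f"chmod {who}-w {directory}")
    return commands


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/etc/mail/local-host-names"
    try:
        found = writable_ancestors(target)
    except FileNotFoundError as err:
        sys.exit(f"cannot inspect {target}: {err}")
    for (directory, problems), command in zip(found, fix_commands(found)):
        print(f"{directory}: {', '.join(problems)}  ->  sudo {command}")
    if not found:
        print("no group- or world-writable directories on the path")
```

On a system where only the root directory is group-writable, the single suggested command is the hint's own `chmod g-w /`.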
    Replace iTools with your own web and mail servers
    Authored by: mingking on Jun 14, '03 06:08:49AM

    I wanted to set up sendmail for various reasons and the steps posted worked exactly as hoped. I was a bit wary of the number of required steps and the low level hacking. I've tried a number of these kinds of tips before (ftp issues, WebDAV config, CUPS config) and most of them were either riddled with typos that required lots of troubleshooting or just didn't work at all. This one worked first time. Great job!

    The only issue I have remaining is to get to read the incoming mail. It seems that 'UNIX Account' is no longer an option. That may have been a Jaguar change, as I'm pretty sure I saw it as an option in earlier releases. Does anyone know how to access the unix mail account in Jaguar?

    [ Reply to This | # ]