Skip to content
  • There are no suggestions because the search field is empty.

How to setup Webmail, Remote Administration, ActiveSync, CalDav, CardDav, AutoDiscover, MDDP, Webmail API, and XML API services in IIS

This article covers how to setup Webmail, Remote Administration, ActiveSync, CalDAV, CardDAV, AutoDiscover, MDDP, Webmail API, XML API, to run under IIS instead of MDaemon's own built-in webservers.

The setup and support of these services under IIS are not supported by MDaemon Technologies' support team.  Those who choose to run any MDaemon related protocols or services under IIS must be aware of all security issues and ramifications of this configuration.

 

This configuration can be automatically configured using a Powershell script designed by MDaemon Technologies.  Please contact MDaemon Support if you would like information on using this script.

Contact Support

  1. Install the Web Server (IIS) Role with ISAPI Extensions on your Window's operating system.
  2. Install Microsoft's IIS URL Rewrite component.
    1. Navigate to http://www.iis.net/download/URLRewrite in a web browser.
    2. Run the installer to install the extension.
  3. Open the IIS Manager 
    1. Click Start
    2. Click All Programs
    3. Click Administrative Tools
    4. Click Internet Information Services (IIS) Manager
  4. On the Connections pane, expand the [Machine_name] node.
    1. Right click on Sites.
    2. Click Add Web Site.
      iis_add-website-01-07
    3. Enter a Site name (i.e. Webmail). This will also create an Application Pool by the same name as the web site.
    4. Click the browse button (the button with '...') by Physical path and browse to the 'MDaemon\WorldClient\HTML' directory
    5. Set up the Type, IP Address, and port bindings as desired in the Binding section.
      • A basic configuration will leave the IP address as All Unassigned unless a specific configuration is required.
      • The Host name can be left blank unless a specific host name is required. 
    6. Click OK
      mdaemon_iis_add_webmail_website

Add HTTPS and a valid certificate to the site bindings

If you do not have a valid certificate, see the article below on how to obtain a valid certificate at no cost from Let's Encrypt using MDaemon.

How do I get a free SSL certificate from Let's Encrypt?

  1. Select Webmail site from the Connections page.
  2. In the Actions menu on the right, select Bindings... under the Edit Site section.
  3. Click Add...
  4. Select https in the Type drop down box.
  5. Enter 443 on the Port (or enter the desired HTTPS port).
    • A basic configuration will leave the IP address as All Unassigned unless a specific configuration is required.
    • The Host name can be left blank unless a specific host name is required. 
  6. Choose an SSL certificate in the SSL Certificate drop box.
    mdaemon_iis_https_bindings
  7. Click OK to add the site binding.
  8. Click Close to close the Site Bindings.

Verify the Webmail Default Document

    1. Click on the Webmail site in the Connections pane. 
    2. Double click on Default Document 
      iis_default-document-03-13
    3. Verify the default document is worldclient.dll.
    4. Remove any existing Default Documents other than worldclient.dll.
    5. Click Add and enter 'worldclient.dll' if the entry does exist
      iis_worldclient-dll-04-16
  2. Edit website feature permissions 
    1. Click on the Webmail site in the Connections pane 
    2. Double click on Handler Mappings 
      iis_webmail-handler-mapping-05-18
    3. Click Edit Feature Permissions on the Actions pane. 
      iis_edit-feature-permissions-06-19
    4. Verify the boxes for Read and Script are selected (checked), and select (check) the box for Execute
    5. Click OK 
      iis_feature_permissions-07-21

Add CJS file name extension to MIME Types

MDaemon versions 22.0 and above will need to add another MIME type to the list.

  1. Select the Webmail site.
  2. Double click MIME Types
  3. Click Add... on the Actions menu.
  4. Enter .cjs in the File name extension textbox.
  5. Enter text/javascript in the MIME type textbox.
    mdaemon_mime_types_add_window
  6. Click Ok

Edit the Default Document of the Webmail folder

MDaemon versions 19.5 and above will need to perform additional steps to utilize the Pro theme in IIS.

  1. Select the Webmail folder (not to be confused with the Webmail site name in this example) 
  2. Double click Default Document
  3. Select the WorldClient.dll default document
  4. Click Remove
    iis_default-document-pro-10-29-4-2
  5. Click Add
  6. Enter index.html
  7. Click OK
    iis_index-html-11-29-7-2

Increase the Maximum Query String to 3072 bytes

  1. Select the Webmail site
  2. Double click on Request Filtering.
    mdaemon_iis_request_filtering
  3. On the Actions menu on the right, select Edit Feature Settings...
  4. Set Maximum Query String (Bytes) to 3072.
    mdaemon_iis_edit_feature_settings
  5. Click OK


Add Webmail API Handler Mapping to IIS

  1. Select the Webmail website
  2. Double click on Handler Mappings
  3. Select Add Script Map...
    iis_add-script-map-12-29-3
  4. Enter WorldClientAPI in the Request Path
  5. The Executable Path is the worldclient.dll in the \MDaemon\WorldClient\HTML directory
  6. Enter WorldClientAPI for the name
  7. Click Request Restrictions
    iis_add-script-map-13-29-2-7
  8. Remove the check mark in the Invoke handler only if request is mapped to:
    iis_request-restrictions-14-29-1-8
  9. Select the Verbs tab and verify All verbs is selected
    iis_request-restrictions-verbs-14-29-2-8
  10. Select the Access tab and select Execute
    iis_request-restrictions-access-15-29-2-9
  11. Click OK
  12. Click Yes
    iis_script-map-yes-16-29-2-10

Add XML API Handler Mapping to IIS

  1. Select the Webmail website
  2. Double click on Handler Mappings
  3. Select Add Script Map...
    iis_add-script-map-12-29-3
  4. Enter MDMgmtws in the Request Path
  5. The Executable Path is the MDMgmtws.dll in the \MDaemon\ISAPI\MDMgmtWS directory
  6. Enter XMLAPI for the name
    mdaemon_iis_xmlapi_handler
  7. Click Request Restrictions
  8. Remove the check mark in the Invoke handler only if request is mapped to:
    iis_request-restrictions-14-29-1-8
  9. Select the Verbs tab and verify All verbs is selected
    iis_request-restrictions-verbs-14-29-2-8
  10. Select the Access tab and select Execute
    iis_request-restrictions-access-15-29-2-9
  11. Click OK
  12. Click Yes
    iis_script-map-yes-16-29-2-10

Create the URL Rewrite Rule for Webmail Pro theme

  1. Select the Webmail folder (not to be confused with the Webmail site name in this example)
  2. Double Click URL Rewrite
  3. Select Add Rules from the Actions menu
  4. Select Blank rule
    iis_url-rewrite-add-rule-03-04a
  5. Click OK
  6. Enter a name for the Inbound Rule
  7. Select Matches the Pattern in the Requested URL
  8. Select Regular Expressions in the Using drop down
  9. Enter .* in the Pattern text box
    iis_edit-inbound-rule-03-08a-b
  10. Expand the Conditions section
  11. Click Add in the Condition section
  12. Select Is Not a Directory in the Check if input string section
  13. This changes the Condition to {REQUEST_FILENAME}
  14. Click OK
  15. Click Add in the Condition section
  16. Select Is Not a File in the Check if input string section
  17. This changes the Condition to {REQUEST_FILENAME}
  18. Click OK
  19. Select Rewrite for the Action Type
  20. Enter index.html in the Action Properties
  21. Check Append query string
  22. Check Log rewritten URL
    iis_log-rewritten-url-03-08a-d
  23. Click Apply to apply the Inbound rule



Add the ActiveSync Handler Mapping to IIS

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click on 'Add Script Map...' 
    iis_mdairsync-handler-mapping-17-30-1
  4. In the Request Path field, enter 'MDAirSync.dll'
  5. Under Executable, click the browse button (the button with '...')
  6. Browse to 'MDaemon\WorldClient\HTML\MDAirSync.dll' (on the C:\ drive by default)
  7. In the Name field, enter 'MDAirSync.dll'
  8. Click the Request Restrictions button 
    iis_mdairsync-add-script-map-18-30-6
  9. Under the Access tab, select Execute
    iis_mdairsync-request-restrictions-19-30-7
  10. Click OK
  11. Click OK 
  12. Click Yes on the dialog that asks 'Do you want to allow this ISAPI extension...'

Add the AutoDiscover Handler Mapping to IIS

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click on 'Add Script Map...' 
  4. In the Request Path field, enter '/autodiscover/autodiscover.xml'
  5. Under Executable, click the browse button (the button with '...')
  6. Browse to 'MDaemon\WorldClient\HTML\MDAutoDiscover.dll' (on the C:\ drive by default)
  7. In the Name field, enter 'MDAutoDiscover'
  8. Click the Request Restrictions button
    iis_autodiscover-add-script-map-20-31-6-edit 
  9. Under the Access tab, select Execute
    iis_autodiscover-request-restrictions-21-31-7
  10. Click OK
  11. Click OK 
  12. Click Yes on the dialog that asks 'Do you want to allow this ISAPI extension...'

Add the MDDP Handler Mapping to IIS

  1. On the Handler Mappings Actions menu on the right, click on 'Add Script Map...' 
  2. In the Request Path field, enter MDDP.
  3. Under Executable, click the browse button (the button with '...')
  4. Browse to '\MDaemon\ISAPI\MDDP.dll' (on the C:\ drive by default)
  5. In the Name field, enter 'MDDP'
    mdaemon_iis_mddp_handler
  6. Click the Request Restrictions button
  7. Under the Access tab, select Execute
  8. Click OK
  9. Click OK 
  10. Click Yes on the dialog that asks 'Do you want to allow this ISAPI extension...'

Add the CalDAV Handler Mapping to IIS

If IIS had been configured prior to MDaemon 22, please remove the URL Rewrite rule for CalDav and run through the steps below.

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click Add Script Map...
  4. Enter /.well-known/caldav in the Request Path textbox.
  5. Enter C:\MDaemon\WebDAV\MDWebDAV.dll in the Executable textbox.
    (Modify the directory path if MDaemon was not installed on the C:\ directory)
  6. Enter a name in the Name field; i.e MDCalDav.
    mdaemon_caldav_script_map
  7. Click Request Restrictions
  8. Select the Verbs Tab and verify All Verbs is selected.
  9. Select the Access Tab and choose Execute
    mdaemon_caldav_script_map_execute
  10. Click OK
  11. Click OK
  12. Click Yes to allow the ISAPI extension.

Add the CardDav Handler Mapping to IIS

If IIS had been configured prior to MDaemon 22, please remove the URL Rewrite rule for CardDav and run through the steps below.

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click Add Script Map...
  4. Enter /.well-known/carddav in the Request Path textbox.
  5. Enter C:\MDaemon\WebDAV\MDWebDAV.dll in the Executable textbox.
    (Modify the directory path if MDaemon was not installed on the C:\ directory)
  6. Enter a name in the Name field; i.e MDCardDav.
    mdaemon_carddav_script_map
  7. Click Request Restrictions
  8. Select the Verbs Tab and verify All Verbs is selected.
  9. Select the Access Tab and choose Execute
    mdaemon_caldav_script_map_execute
  10. Click OK
  11. Click OK
  12. Click Yes to allow the ISAPI extension.

Add the MDWebvDAV Handler Mapping to IIS

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click Add Script Map...
  4. Enter webdav in the Request Path textbox.
  5. Enter C:\MDaemon\WebDAV\MDWebDAV.dll in the Executable textbox.
    (Modify the directory path if MDaemon was not installed on the C:\ directory)
  6. Enter a name in the Name field; i.e MDWebDav.
    mdaemon_iis_mdwebdav_mapping
  7. Click Request Restrictions
  8. Select the Verbs Tab and verify All Verbs is selected.
  9. Select the Access Tab and choose Execute
    mdaemon_caldav_script_map_execute
  10. Click OK
  11. Click OK
  12. Click Yes to allow the ISAPI extension.

Create an MDaemon Remote Administration (MDRA) Application Pool.

  1. Right click on Application Pools.
  2. Click Add Application Pool
  3. Enter MDRA in the Name text box.
  4. Select Classic in the Managed pipeline mode drop down.
    mdaemon_iis_mdra_application_pool
  5. Click OK

Add Remote Administration as an application in IIS.

  1. Right click on the Webmail application name.
  2. Select Add Application...
  3. Enter MDRA in the Alias text box.
  4. Click Select next to Application Pool and choose MDRA.
  5. Enter C:\MDaemon\WebAdmin\Templates in the Physical Path text box.
    (Modify the directory path if MDaemon was not installed on the C:\ directory)
    mdaemon_iis_MDRA_application_create
  6. Click OK

Verify/Edit the Default Document for Remote Administration

  1. Click on the MDRA application in the Connections pane.
  2. Double click on Default Document.
    mdaemon_iis_default_document_mdra_menu
  3. Remove any existing Default Documents other than login.wdm.
  4. Click Add
  5. Enter login.wdm
    mdaemon_iis_default_document_mdra
  6. Click Ok

Add Remote Administration Handler Mapping to IIS

  1. Select the Webmail site from the Connections panel.
  2. Double click Handler Mappings
  3. Click Add Script Map...
  4. Enter *.wdm in the Request Path textbox.
  5. Enter C:\MDaemon\WebAdmin\Templates\WebAdmin.dll in the Executable textbox.
    (Modify the directory path if MDaemon was not installed on the C:\ directory)
  6. Enter MDRA in the Name field.
    mdaemon_iis_mdra_handler_map
  7. Click Request Restrictions
  8. Select the Verbs Tab and verify All Verbs is selected.
  9. Select the Access Tab and choose Execute
    mdaemon_caldav_script_map_execute
  10. Click OK
  11. Click OK
  12. Click Yes to allow the ISAPI extension.

The next 7 steps apply to Windows 2008 R2 only!  Otherwise, do not edit the Enable 32-bit Applications section of the advanced settings and continue with the article. 

Configure the Webmail Application Pool for 64-bit

  1. Double-click on Application Pools on the Connections pane
  2. Select the Webmail application pool 
  3. On the Actions pane, click Advanced Settings... 
    iis_64-bit-advanced -settings-31-35-3
  4. In the General section, locate 'Enable 32-bit Applications'
  5. Select the field and choose False 
  6. In the Process Model section, set Identity to Network Service
  7. Click OK

Enable and configure HTTP Strict Transport Security (HSTS) in IIS 10.0 and above

  1. Select the Webmail Site
  2. Click HSTS on the right panel under Configure (IIS 10.0 and above)
    mdaemon_iis_hsts_click
  3. Click Enable
  4. Enter 2592000 for the Max-Age value (30 days).
    mdaemon_iis_edit_hsts
  5. Click OK

 

If an older version of IIS is running, HSTS can be configured manually by creating the HTTP Response Header in the section below.

  • Name - Strict-Transport-Security
    Value - max-age=2592000 

 

Create Additional HTTP Response Headers

  1. Select the Webmail Site
  2. Double click HTTP Response Headers
    mdaemon_iis_http_response_headers
  3. Click Add
  4. Name - Content-Security-Policy
    Value -  img-src * data: blob:;base-uri 'self';worker-src 'self' blob:;manifest-src 'self';frame-src 'self' data:
  5. Click OK
  6. Repeat the same steps to add the following response headers:
    • Name - Referrer-Policy
      Value - same-origin
    • Name - X-Frame-Options
      Value - sameorigin
    • Name - X-XSS-Protection
      Value - 1
mdaemon_iis_http_response_headers1

Grant the 'Network Service' account Full Control of the MDaemon LogFiles registry entry

  1. Open the Windows Registry (regedit).
  2. Navigate to HKLM:\SOFTWARE\Alt-N Technologies\MDaemon\LogFiles
  3. Right click on LogFiles
  4. Select Permissions
    mdaemon_iis_regedit
  5. Click Add
  6. Enter Network Service for the object name.
  7. Click Check Name to verify the NETWORK SERVICE name is selected.
    mdaemon_iis_network_service_reg
  8. Click OK
  9. Select Network Service 
  10. Click Full Control
    mdaemon_iis_logfiles_full_control
  11. Click OK

Update the NTFS permissions of the MDaemon directory

  1. Open Windows Explorer
  2. Navigate to the MDaemon directory (by default, 'C:\MDaemon'
  3. Right click on the MDaemon directory
  4. Choose Properties 
    iis_nfts_properties-32-36-4
  5. Choose the Security tab
  6. Click Edit 
    iis_nfts_mdaemon-properties-33-36-6
  7. Click Add 
  8. Type 'IUSR'
  9. Click OK to close the Select Users or Groups dialog 
    iis_nfts-select-users-groups-34-36-9
  10. Enable Full control under Allow for IUSR 
    iis_nfts-mdaemon-permissions-35-36-10
  11. Click Add... 
  12. Type 'Network Service'
  13. Click OK to close the Select Users or Groups dialog 
    iis_nfts-mdaemon-permissions-iusr-35-36-10
  14. Enable Full Control under Allow for Network Service
  15. Click OK to close the Permissions for MDaemon dialog and wait for the changes to take effect 
    iis_nfts-mdaemon-permissions-network-37-36-15
  16. Click OK to close the MDaemon Properties dialog 

Start the Webmail site configured in IIS

  1. Open the IIS Manager
  2. Right click on the Webmail site.
  3. Mouse over Manage Website.
  4. Select Start
    mdaemon_iis_start_webmail_site

Switch from MDaemon's built-in Webmail webserver to IIS

  1. Open the MDaemon configuration session. 
  2. Select Setup
  3. Select Web & IM Services... 
  4. Select Web Server
  5. Select Webmail runs using external webserver (IIS, Apache, etc)
    iis_mdaemon-webserver-38-7
  6. Click OK

Switch from MDaemon's built-in Remote Administration webserver to IIS

  1. Open the MDaemon configuration session. 
  2. Select Web & IM Services
  3. Expand Remote Administration
  4. Select Web Server
  5. Select Remote Administration runs using external webserver (IIS, Apache, etc)
    mdameon_iis_remote_admin_setup
  6. Click Ok

To revert the Webmail and Remote Administration configurations back to the default web servers:

  • Open the IIS Manager, right click on the Webmail site, select Manage Website, and select Stop.
  • Select Application Pools, right click on the Webmail application pool, and select Stop. Do the same for the MDRA application pools.
  • Open the Windows Services menu (services.msc) and stop the World Wide Web Publishing Service (W3SVC). If the World Wide Web Publishing Service is set to Automatic in the Windows Services menu, this service will restart when the server is rebooted.  The service can be set to Manual from Automatic to prevent the service from starting on reboot. 
  • Follow the prior two steps above to switch the Webmail and Remote Administration configuration from the external server (IIS) to the built-in web server. 

To completely remove the IIS website and configuration:

  • Open the IIS manager, right click on Webmail site, select Remove to delete the site. 
  • In the IIS manager, select Application Pools and remove the Webmail and MDRA application pools. 
  • To remove IIS, open the Windows Server Manager, click the Manage button, select Remove Roles and Features, and follow the wizard to remove IIS. 
  • Remove any web.config files from the \MDaemon\WorldClient\ and \MDaemon\WebAdmin\ directories and sub-folders. 
  • Restart the server, verify World Wide Web Publishing Service is not running and follow the prior two sections above to switch the Webmail and Remote Administration configuration from the external server (IIS) to the built-in web server.