The Axigen WebAdmin Service - Admin Manual

From Axigen Wiki

WebAdmin overview

Axigen's WebAdmin is the recommended administration tool for Axigen. While alternative methods are provided (Command Line Interface, text-editable configuration file), WebAdmin is the most intuitive and user-friendly tool. WebAdmin is a web-based configuration interface, tested for Mozilla and Internet Explorer, which gives you access to all configuration parameters for all services in the Axigen messaging solution. Functionally, it is considered an Axigen service, and it can be started and stopped at any time.

WebAdmin is enabled by default in the latest versions of Axigen and can be accessed on the http://127.0.0.1:9000 address from the machine running Axigen.

This chapter is dedicated to configuration options provided in WebAdmin, acting as a complete Administration Guide for Axigen. It provides information on the configuration of all parameters included in the respective tabs.

Working with WebAdmin

WebAdmin has several tabs, listed on the left hand side, each of them corresponding either to a certain section (Global Settings, Domain & Accounts, Administrative Rights, etc). Sections can be expanded - to see the tabs they contain - and retracted by clicking the section name.

When first logged in, the "Overview" page displays a notifications area containing license related information, server summary (containing version, administrative permissions, running services and anti-virus/anti-spam information). It also displays a list of Quick Links for some of the most commonly used configuration pages, grouped under three main sections: Domain & Accounts, Server Maintenance and Services & Security.

Below are described some basic principles you should keep in mind while working with the Axigen WebAdmin.

Saving the configuration in WebAdmin

After changing any parameter value in WebAdmin, you need to save the new values in the configuration files. In order to do this, you need to press the "Save Configuration" button available on all tabs, pages and sub-pages where needed. In the example below, a random password set for a user account is being saved.

Confirmation / Error messages

After each command issued, you should check the confirmation message displayed in the upper section of the page. In the example below, parameters of an account have been changed successfully.

In the following example, an account creation operation has failed and you are informed on this status in the upper section of the WebAdmin page:

Displaying / Hiding the contextual help

Starting with version 5.0, the WebAdmin Interface implements a "Contextual Help" feature, which guides you through your daily actions by explaining all the available options and parameters. "Contextual Help" is activated by default and displayed in the right hand side of each page.

To close the "Contextual Help" window, hit the "question mark button" as shown in the above screenshot. Once deactivated, you can open it again by hitting the same button, as shown below:

When accessing the WebAdmin interface you will be presented with the Overview page which displays a notifications area containing license related information, server summary, containing the server version, administrative permission, running services and enabled anti-virus/anti-spam filters information. In the top-right part of this section the "View license info" link provides direct access to the "WebAdmin" -> "General Settings" -> "License Information" and the "Check for updates" link redirects you to the "Download" section from our website, where the latest Axigen packages are available for download.

You will also find a list of quick links for some of the most commonly used WebAdmin configuration pages, grouped under three main sections: Domain & Accounts, Server Maintenance and Services & Security.

The "Overview" page can be accessed at a later time from any context of the WebAdmin interface, by clicking the "Home" button found in the top-right section of the WebAdmin interface, next to the "Contact support" and "Logout" links.

The "Global Settings" tab gives access to general configuration parameters and to registering the Axigen messaging solution with your license key. It also displays all the information concerning the uploaded license key and premium account add-ons.

General

Since Axigen 7.2.1, a configurable "Server name" parameter has been added, which is used in LDAP synchronization for clustered setups as the mailHost field.

In the "Primary Domain" text field, the domain currently set as primary is displayed. Use this field to change it to another existing domain.

The "SSL Random File" text field is used to specify the path to the file with random seed data, used first by the SSL library to seed the random number generator.

To have the disk input/output buffering activated, please check the "Enable I/O Synchronization" option.

Default timezone and default language parameters are available in this section to allow you to control, at server level, how these attributes are set for newly created domains.

The available language options are Arabian, Chinese Simplified, Chinese Traditional, Czech, German, Danish, Estonian, English, Spanish, Finnish, French, Greek, Hindi, Croatian, Hungarian, Indonesian, Hebrew, Italian, Japanese, Lithuanian, Dutch, Norwegian, Polish, Portuguese, Romanian, Russian, Swedish, Serbian, Slovak, Slovenian, Turkish.

The default selected language is English.

The languages marked with "*" are only available in the Standard WebMail interface. If one of them is selected, the Ajax WebMail interface will be displayed in English instead.

The "Axigen Object Search" section allows you to obtain information about the existing accounts, mailing lists, groups or public folders for which the search string matches any of their possible names (full email address or domain).

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

License information

To upload a license key file in the WebAdmin interface, hit the "Upload new key" button and browse to its current location on your computer.

After successfully uploading it, which includes an automatic Axigen service restart, all the details relative to the license type - including company, expiry date, version, included add-ons and different counters for mailboxes, domains, etc. - will be displayed.

• The "License Details" table shows information related to the identity, the owner and the provider of the license.
• The "License Validity Periods" table shows expiration dates and statuses for the validity periods specified in the license.
• The "License Restrictions" table shows resources available through the license and their usage status.

Premium accounts

Starting with Axigen v7.4, the total number of users included in your Axigen license is split between basic users and premium users.

The "Premium Accounts" page gives you an overview of your premium users (accounts who have the right to access the premium add-ons in your license) and allows you to reserve or clear add-on seats in your license.

The "Info" section gives you a brief information about the usage of the add-ons included in your license. It shows how many seats are available and how many are used for each add-on.

The following add-ons are available:

• Personal Organizer - corresponding to Calendar / Tasks / Notes / Journal access;
• Sharing - allows the user to share his folders or open another user's folders;
• Outlook Connector - allows access to the account data while using an Outlook Axiolk profile;
• Active Sync - allows the synchronization of emails, contacts and Calendar / Tasks data via a mobile ActiveSync client;
• Kaspersky AntiVirus - this add-on allows you to protect your users with the Kaspersky AntiVirus filter;
• Kaspersky AntiSpam - this add-on allows you to protect your users with the Kaspersky AntiSpam filter;

In the "Premium Accounts" section, activate an add-on for one or more premium users to allow them to access that add-on. If you want to restrict a user's access to an add-on, deactivate the add-on for that user. Both the activation and deactivation operations can be performed by clicking the corresponding "Configure" button.

Additionally, for a premium user to be able to use a specific add-on, you should also make sure you enable that add-on from it's account configuration.

You can also use the "Premium Accounts Search" box to filter the displayed accounts list.

Licenses generated before Axigen v7.4 will be marked as "Legacy" (see the "License Information" tab) and you will not have the basic / premium accounts type split. However, even if you have such a license, you can still use this section to control the your users' rights to access specific add-ons, as well as obtain information about the usage of the add-ons in your license.

Services

The "Services" section enables you to manage and configure the SMTP Receiving, SMTP Sending, IMAP, POP3, WebMail, WebAdmin, DNR, Remote POP and CLI services of the Axigen messaging solution.

The subsequent configuration pages of this section contain information on logging, error control, thread management and other service-specific parameters.

Services management

The "Service Management" tab allows you to monitor and configure the Axigen's running services. By default, when installing the Axigen mail server, the following services will be running: SMTP, IMAP, POP3, WebMail and WebAdmin.

Use the "Start", "Stop" and "Restart" action buttons to manage the corresponding services. Axigen can run with any number of these services inhibited.

Services marked with the red icon are stopped and as such the "Stop" and "Restart" buttons are grayed out (not available for stopped services).

Services marked with the green icon are enabled and as such the "Start" button is grayed out (not available for enabled services).

Listeners and control rules

The Axigen mail server can use different Listeners for its TCP services (SMTP Receiving, POP3, IMAP, WebMail, WebAdmin, CLI, FTP Backup& Restore, POP3 Proxy, IMAP Proxy and WebMail Proxy) and UDP services (Log and Reporting).

Listeners are network points of entry associated with an interface address and port number that grant access to a specific TCP or UDP service.

Listeners add extra flexibility and configurability to each Axigen service as they can be used to grant differentiated access to the same services for different categories of users (e.g users within a specific domain). Moreover, listeners can be associated with a variety of rules that allow defining specific limitations for connections coming from IPs within specified IP sets.

Listeners can be defined, using various parameters corresponding to that TCP service, from the configuration file (as of type "TcpListener" OBJECT-SET) or through WebAdmin (the web configuration interface). UDP service listeners have fewer parameters associated as connection related parameters do not apply to them.

Listeners

In Axigen, it is possible to configure TCP listeners for all TCP services: SMTP Receiving, POP3, IMAP, WebMail, WebAdmin, FTP Back-up & Restore, CLI, POP3 Proxy, IMAP Proxy and WebMail Proxy.

To access listener configuration in WebAdmin, first click on the service tab (SMTP Receiving, POP3, IMAP, WebMail, WebAdmin, FTP Back-up & Restore, CLI, POP3 Proxy, IMAP Proxy or WebMail Proxy). A list of the already defined listeners (if any) will be displayed under the dedicated section Listeners, sorted by their IP addresses.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

Example:

SMTP Receiving listeners

No matter if you are adding or editing a TCP listener, no matter on what service tab you are on, the same parameters are available in two dedicated pages: "General" and "SSL Settings".

The "General" page enables you to set a list of general parameters relative to the listener being configured such as the listener bind address, connection parameters, access control rules.

General settings

To enable the currently configured listener check the box in front of the "Enable this listener" option. To edit or specify the listener address use the IP related text boxes. Listeners are uniquely identified by their address attribute. Two or more listeners cannot have the same address value - only the first object correctly defined is considered. The listener address will be the IP address followed by a colon and the port number.

Flow control

Within the "Flow Control" section you can enforce global access limitations to this listener by setting the maximum number of: simultaneous connections, concurrent connections from each remote IP address, new connections made in a defined time interval and connections from each remote IP address in a defined time interval. The default time interval is set to 1 minute. Use the up and down arrows and drop-drown menus to specify the necessary parameters and time values.

Access control

Under "Access Control" you can define simple access lists to restrict the access to this service trough the defined listener. By clicking the 'Add Rule' button, addresses can be entered in a Network/Mask, Single IP address or IP Range format and the actions that can be taken are "Allow" and "Deny".

Further use the up and down arrows (next to the "Delete" button) to set priorities between the rules and click the "Flow Control" button in order to enforce global access limitations to the rule, using the same options as the ones described in the above section. All defined listeners have created by default a rule allowing any IP address if no other rules match Service Rules.

Other settings

An inactivity period threshold can be defined for connections made to this listener to ensure that unused resources will be free and used to provide access for other clients. Check the box in front of the option under "Other" and then use the up and down arrows and drop-down menu to specify the time limit.

For each TCP listener created you can enable SSL support and further configure SSL settings using the "SSL Settings" page. Axigen implements OpenSSL compliant SSL settings for all TCP listeners.

SSL configuration

This context allows you to configure the SSL settings for this listener. To enable SSL on the configured listener, check the box in front of the "Enable SSL" for this listener option.

Use the check-boxes available under the "Allow the following SSL versions" section to specify the SSL versions to be used by the Axigen mail server. Possible values are: SSL2, SSL3 and TLS1. While SSL 3 and TLS1 are the most recent versions, you can use any combination of these you may find useful. All three versions are enabled by default.

Path to certificate file/authorities

For all SSL / TLS connections a certificate file (containing the certificate chain used for the current listener) is a mandatory field that must be addressed with the use of the Path to certificate file attribute. The certificate chain refers to a chain of intermediate certificate issuers, that is, Certificate Authority certificates that are followed while verifying the remote server certificate.

By default, Axigen's initscript will create, on all supported operating systems and platforms, at first run, a self-signed certificate automatically saved in the data directory with the axigen_cert.pem name.

If you have another certificate file, provided by an authority, you can enter the path to this certificate and also provide the Path to certificate authorities. Axigen must be able to access these locations.

Axigen uses a .pem (Privacy Enhanced Mail - Base64 encoded) file to store both the private key and the SSL certificate. Axigen only works with NULL passphrase certificates.

Additional attributes such as the Path to DH (Diffie-Hellman) parameter, Max chain verification depth, Cipher suite, Ephemeral Key and certificate-based authentication requests can be used for more specific implementations.

• Use the Path to DH (Diffie-Hellman) parameter file to specify the path in local file system to the file containing the (OpenSSL) Diffie-Hellman parameter used by this listener. If keyword value "none" is used no file will be used. The Diffie-Hellman key agreement protocol (also called exponential key agreement) allows two users to exchange a secret key over an insecure medium without any prior secrets. Find more information about this protocol and how to configure this protocol, on the RSA Laboratories website.
• Use the Max. chain verification depth field to specify the depth of verification for the certificate chain. The depth refers the maximum number of intermediate certificate issuers i.e. the maximum number of CA certificates which are allowed to be followed when verifying the remote server certificate. For instance, a depth of 1 means the remote server certificate can be self-signed or has to be signed by a CA which is directly known to the server. The default value of 4 means that 4 intermediate certificate issuers are accepted.
• Axigen implements cipher suites active in OpenSSL, except for idea, rc5 and mdc2. Click here to see the corresponding OpenSSL documentation file listing ciphers and their OpenSSL equivalents.
• Tick the Use ephemeral key check-box to specify whether ephemeral keys should be used or not. This option allows generating ephemeral keys which actually transform all keys exchanged during one connection session into ephemeral keys (valid only for the current connection).
• Use the Request certificate-based authentication from client option to specify if client certificate-based authentication should be requested or not.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Control rules

For each service, a list of "Allow Rules" and a list of "Deny Rules" must exist, prioritized, as for the listener. For each allowed rule, flow control parameters may be defined. "Access Rules" can be of two types (Allow/Deny) and may be defined on the following levels:

• listener
• service

Listener Access Rules take precedence, if both a listener-level rule and a service-level rule match an incoming connection, the listener-level rule will apply.

Access Rules are described by a set of 2 parameters (host:ip/range/subnet - action:allow/deny/service rule). "Service rule" means practically that the listener rule will be disregarded and further checks will be made based on service level rules. "Service rule" can be selected as an action ONLY for the "host:any" access rule.

Example:

Access Control rules for the SMTP Receiving module

Service Level: Use the options under "Service Level" to specify a set of rules for allowing specific IP addresses on the currently configured service. To edit/delete any of the already defined rules, hit their corresponding "Edit" or "Delete" buttons, on the right hand side of the listener. To add a new rule use the "Add Rule" button.

Editing or adding a new rule will result in displaying the same configuration fields: the action to be taken for connections made through the configured parameter (choose between allowing or denying them the access) and the type of the connections the specified action will apply to (connections from single IP, an entire IP range, or Network/Mask).

Use the drop-down menus to select the allowed/denied connections and fill in the corresponding IP values. To enable the newly-configured rule check the box in front of the "Enable this rule" option, then hit the "Save rule" button.

Further use the up and down arrows (next to the "Delete" button) to set priorities between the rules and click the "Flow Control" button in order to enforce global access limitations to the rule, using the same options as the ones described in the section below. All TCP services have created by default a rule allowing any IP address.

Flow control

Flow Control can be enforced per:

• listener;
• service;
• listener-level allow rule;
• service-level allow rule.

For the listener "Flow Control" parameters a check-box is available, which will make all definable boxes grey on selection and put zero values on all parameters, with the explanation that enabling this disregards all the limits on listener level and will enforce the ones on service level.

The per-listener configuration always has priority over the service configuration. In other words, for access lists, an "Access Rule" or a "Flow Control" that matches a certain connection, defined for a listener will always be stronger than any rule defined on the service level, if the last one also is matched.

Within the "Flow Control" section, you can enforce global access limitations to this listener by setting the maximum number of: simultaneous connections, concurrent connections from each remote IP address, new connections to the listener made in a defined time period and maximum connections from each remote IP address in a defined time interval. The default time interval is set to 1 minute.

Use the up and down arrows and drop-down menus to specify the desired parameters and values.

After making the configurations hit the "Save Configuration" button to preserve your changes.

SMTP Receiving

The "SMTP Receiving" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners.

Listeners and control rules

The first section in the SMTP Receiving tab is "Listeners". In this section you can add, delete or edit the TCP socket listeners for the SMTP Receiving service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 25, which is the standard port (non-SSL) for SMTP communication.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the SMTP Receiving service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to gray.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the Log drop-down menu to select where to have your log files saved.

Email loop protection

A looping message is an email sent from one mail server to another, without reaching its destination. Whenever it is received by a mail server, the email message will have a received header added. To prevent such email from increasing your mail server's traffic, check the "Email Loop Protection" option and set a number of maximum received headers for all received emails. This option allows you to avoid an infinite email loop that may be caused by a faulty configuration. Values range from 1 to 1000, however the default 30 value is recommended.

Error control

To set a maximum allowed number of errors caused by invalid commands received from clients or by failed authentication attempts, check the related options in the Error Control area. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the SMTP Receiving service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the SMTP Receiving service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

SMTP Sending

The "SMTP Sending" tab allows you to configure parameters relative to the log service and thread control.

Service configuration

Logging

You can select several types of messages to be logged for the SMTP Sending service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to gray.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Thread management

Thread management allows you to set different numbers of processing threads for the SMTP Sending service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the SMTP Sending service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

IMAP

The "IMAP" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners.

Listeners and control rules

The first section in the IMAP tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the IMAP service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 143, which is the standard port (non-SSL) for IMAP communication.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the IMAP service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the Log Level slider and move it to the left or to the right. The selected types of messages will change color from whiter to gray.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Encryption and authentication

By checking the "Allow StartTLS", you allow the email clients to use the "STARTTLS" command to encrypt the connection.

Select the allowed authentication types the Axigen mail server should use for its IMAP secure connections (SSL/TSL) in the SECURE connections check list. Possible options are: normal login, plain, login, cram-md5, digest-md5 and gssapi. By default, all these methods are selected (all types of authentication are allowed on a secure connection). The methods are further divided into two categories: secure and unsecure.

Select the allowed authentication types the Axigen mail server should use for its IMAP unsecure connections in the UNSECURE connections check list. Possible options are: normal login, plain, login, cram-md5, digest-md5 and gssapi. By default, the secured authentication methods are selected (only secured types of authentication are allowed on an unsecure connection).

Error control

To set a maximum allowed number of errors caused by invalid commands received from clients or by failed authentication attempts, check the related options in the Error Control area. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the IMAP service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the IMAP service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

IMAP options

You are able to configure the greeting string at IMAP service level. When defining the greeting string, you use the following placeholders (note that the placeholders are case sensitive):

•  %H = network hostname of the server machine
•  %D = network hostname.domainname of the server machine (FQDN)
•  %A = listener IP
•  %P = listener port
•  %U = APOP ID in followin format number.number@hostname.domainname
•  %V = axigen version
•  %% = %

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

POP3

The "POP3" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners.

Listeners and control rules

The first section in the POP3 tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the POP3 service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default, the listener will be configured on 127.0.0.1 (localhost) and port 110, which is the standard port (non-SSL) for POP3 communication.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the POP3 service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the Log Level slider and move it to the left or to the right. The selected types of messages will change color from whiter to gray.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the Log drop-down menu to select where to have your log files saved.

Encryption and authentication

By checking the "Allow StartTLS", you allow sending the STARTTLS command for encrypting the connection if the server supports this command.

Select the allowed authentication types the Axigen mail server should use for its POP3 secure connections (SSL/TSL) in the SECURE connections check list. Possible options are: normal login, plain, login, cram-md5, digest-md5 and gssapi. By default, all these methods are selected (all types of authentication are allowed on a secure connection). The methods are further divided into two categories: "secure" and "unsecure".

Select the allowed authentication types the Axigen mail server should use for its POP3 unsecure connections in the UNSECURE connections check list. Possible options are: normal login, plain, login, cram-md5, digest-md5 and gssapi. By default, only the secured authentication methods are selected.

Error control

To set a maximum allowed number of errors caused by invalid commands received from clients or by failed authentication attempts, check the related options in the "Error Control" area. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the POP3 service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the POP3 service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

POP3 options

The administrator is able to configure the greeting string at POP3 service level. This option is available as a service configuration from both CLI and WebAdmin. When defining the greeting string, the administrator uses the following placeholders (note that the placeholders are case sensitive):

•  %H = network hostname of the server machine
•  %D = network hostname.domainname of the server machine (FQDN)
•  %A = listener IP
•  %P = listener port
•  %U = APOP ID in followin format number.number@hostname.domainname
•  %V = axigen version
•  %% = %

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

WebMail

The "WebMail" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners.

Listeners and control rules

The first section in the WebMail tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the WebMail service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 80, which is the standard port (non-SSL) for HTTP communication.

Specific to the WebMail and WebAdmin listeners is the "Secure login" section available in the Listener configuration edit -> "SSL Settings" tab.

Here you can enable the "Display secure login option on login page" which will add a "Secure login" link on the WebMail login page. Also you can set a specific listener to be used when the users click the secure link.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the WebMail service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to gray.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

HTTP Protocol options

By checking the "Allow HTTP Keep-Alive" option, you allow permanent HTTP connections for the WebMail service.

Next, you can set the HTTP limits for WebMail requests. Use the "Limit HTTP Request" header to option in order to specify the maximum allowed size for incoming HTTP headers, and the "Limit HTTP Request" body to option in order to specify the maximum allowed size for incoming HTTP body. The third option, "Limit file uploads", can be used to set the maximum allowed size for incoming upload data. It applies to attachments, mail body and contact import operations. All size values can be set by using the up and down arrows, in KB or MB and only for the "Limit file uploads" option in GB.

Select the appropriate action to be taken when the incoming data is over the set limits by using the If any of the above limits is exceeded option. Use the drop-down menu in order to choose between closing the connection immediately or allowing all data to be sent.

WebMail options

Use the drop-down boxes in the "WebMail interface" section to choose the WebMail interface type that users can access and the default interface that will be used when accessing the WebMail service.

You can check the box related to the "Allow domain selection on login" option in order to display the domain list when logging in to WebMail. If you wish to allow access via iCal in order to manage Calendar folders and Free/Busy information, check the boxes related to the "Enable Calendar (ICS) access through iCal/HTTP" and "Enable Free/Busy (IFB) access through iCal/HTTP" options.

Set the parameters for WebMail sessions by using the two options in the Session section. You can specify after what interval an inactive (idle) / active WebMail session is closed. Values for these parameters can be entered in seconds, minutes, hours or days, by using the up and down arrows.

Virtual hosts template mapping

This section allows you to configure per domain virtual hosts, similar to the virtual hosts feature of the Apache web server. This provides the option of accessing the WebMail service by entering the URL of the respective domain in scenarios were multiple independent domains are hosted on the same Axigen server.

By using the settings under Virtual Hosts Template Mapping you can display customized WebMail templates for requests with specific virtual hosts in the URL (for example, you can add "mydomain.com" as virtual host and set the template name to "mydomaintemplate" if you want the WebMail to display, for requests of type "http://mydomain.com" or "http://*.mydomain.com", the interface rendered through custom HSP files in the "<axigen_working_directory>/webmail/mydomaintemplate/" directory). All of the other requests, that have no mapping enabled, will use the default templates in the "webmail/" folder.

Detailed tutorials of how Virtual hosts can be configured are available in the following knowledgebase articles:

• How to configure Webmail virtual hosts;
• How to set custom login page for each domain;
• How to prepare the webmail for future skinning.

Thread management

Thread management allows you to set different numbers of processing threads for the WebMail service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the WebMail service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

WebAdmin

The "WebAdmin" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners. For details on listener and rule configuration, see the "Listeners" chapter.

Through "Service Configuration" you can manage logging, HTTP protocol, WebAdmin session and thread management parameters.

Listeners and control rules

The first section in the WebAdmin tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the WebAdmin service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 9000.

Specific to the WebMail and WebAdmin listeners is the "Secure login" section available in the Listener configuration edit -> "SSL Settings" tab.

Here you can enable the "Display secure login option on login page" which will add a "Secure login" link on the WebMail login page. Also you can set a specific listener to be used when the users click the secure link.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the WebAdmin service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the Log Level slider and move it to the left or to the right. The selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the Log drop-down menu to select where to have your log files saved.

HTTP Protocol options

By checking the "Allow HTTP Keep-Alive option", you allow permanent HTTP connections for the WebAdmin service.

Next, you can set the HTTP limits for WebAdmin requests. Use the "Limit HTTP Request" header to option in order to specify the maximum allowed size for incoming HTTP headers, and the "Limit HTTP Request" body to option in order to specify the maximum allowed size for incoming HTTP body. The third option, "Limit file uploads", can be used to set the maximum allowed size for incoming upload data. All size values can be set by using the up and down arrows, in KB or MB and specifically for the "Limit file uploads" options, in GB.

Select the appropriate action to be taken when the incoming data is over the set limits by using the If any of the above limits is exceeded option. Use the drop-down menu in order to choose between closing the connection immediately or allowing all data to be sent.

WebAdmin options

Set the parameters for WebAdmin sessions by using the two options under the "Session" section. You can specify after what interval an inactive (idle) / active WebAdmin session is closed. Values for these parameters can be entered in seconds, minutes, hours or days, by using the up and down arrows.

Thread management

Thread management allows you to set different numbers of processing threads for the WebAdmin service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the WebAdmin service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

DNR

The "DNR" tab allows you to configure parameters relative to logging, "DNR Options" and "Nameservers".

Service configuration

Logging

You can select several types of messages to be logged for the DNR service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the Log Level slider and move it to the left or to the right. The selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the Log drop-down menu to select where to have your log files saved.

DNR options

This section allows you to configure the general parameters relative to the DNR service.

Use the "First Query Timeout" option in order to specify after how many seconds the first DNR query is closed by the Axigen mail server. The values for this parameter can be entered by using the up and down arrows, and are only expressed in seconds, ranging from 1 to 120 seconds.

In the "Max. number of retries" field you can specify the maximum number of DNR queries retries to be executed by Axigen mail server. Use the up and down arrows to enter the values of the parameter.

The "No. of cached results" option enables you to specify the number of results (IP addresses) cached for each DNR query type to be executed by Axigen mail server. The default value is 1000 IPs.

Nameservers

You can edit the list of known name (DNS) servers (specified in the operating system configuration) used by Axigen when performing DNR searches.

To edit one of the defined name servers, just change the values of the corresponding fields and then save the configuration. In the Address field, specify the IP address of the name server. The parameters corresponding to the "Query Timeout" and "Retries" fields can be configured according using the guidelines in the "DNR Options" section, available above.

To add a new name server, hit the "Add Nameserver" button displayed in the upper right corner of the "Nameservers" section. Type the nameserver address in the text box then click on "Quick Add". The "Query Timeout" and "number of Retries" can be set when adding the nameserver or later.

The "Actions" column allows you to set the priority level for the defined name servers. Use the available up and down arrows to set the order in which name servers are queried (the ones with higher priority, to the top of the list, will be queried first). Also via the "Actions" column you can use the "Delete" button to remove an existing Nameserver from the list.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Remote POP

The "Remote POP" tab allows you to configure parameters relative to logging and thread management.

Service Configuration

Logging

You can select several types of messages to be logged for the Remote POP service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Thread management

Thread management allows you to set different numbers of processing threads for the Remote POP service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the Remote POP service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

CLI

The "CLI" tab allows you to configure parameters relative to this specific service's configuration, to add listeners and manage access to the service by adding rules applicable to all existing listeners. For details on listener and rule configuration, see the Listeners chapter.

Through "Service Configuration" you can manage logging, authentication and encryption, error and thread control parameters.

Listeners and control rules

The first section in the CLI tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the CLI service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the Add Listener button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 7000.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Logging

You can select several types of messages to be logged for the CLI service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

CLI options

To set a limit for the number of commands allowed to be issued before having authenticated on CLI, check the respective option under "CLI Options" and use the up and down arrows to choose the desired numbers. The default value is of 20 commands.

Error control

To set a maximum allowed number of errors caused by invalid commands received from clients or by failed authentication attempts, check the related options in the "Error Control" area. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the CLI service, depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the CLI service is started. To have a different number of threads for peak periods, check the overload option and use the up and down arrows to choose the thread number.

Mobility

The "Mobility" tab allows you to enable the "Mobile User Interface" and "ActiveSync" features.

General

By enabling "Mobile User Interface", the WebMail service will attempt to detect if the connecting browser is a mobile phone browser and, if so, will serve the light XHTML version instead of the standard/Ajax WebMail pages.

By enabling ActiveSync, synchronization requests will be properly served. If this option is not enabled, ActiveSync requests will be refused. ActiveSync must also be enabled at the domain level, via the in the Domain configuration, "Account defaults" -> "Quotas and Restrictions" -> "Mobility" section.

Once your changes are complete, click the "Save configuration" button to save them.

Tutorials on how to configure and connect to your Axigen accounts via ActiveSync can be found at:

• ActiveSync knowledgebase articles.

Domains and accounts

The "Domains and Accounts" section gives access to managing and configuring domains, accounts, mailing lists, groups, public folders and account classes.

Manage domains

When first entering the "Domains" tab, a list of the previously defined domains is displayed.

If you have defined a large number of domains, you can quickly locate a certain one using the "Domain Search" option. The domain list is filtered as you type.

Domain operations

To edit an already defined domain, hit the "Edit" button on the right side of its name. To enable/disable a domain, hit the corresponding "Enable" or "Disable" button. You cannot disable a Primary Domain.

To delete a domain, hit its respective "Delete" button. You cannot delete an enabled domain. In order to change the primary domain, click the corresponding button for the domain you want to set as primary.

Add a new domain by hitting the "Add Domain" button displayed in the upper right corner of the domains list.

In the "New domain" floating panel, type the domain name and select the Postmaster password. You can also let Axigen pick a random Postmaster password by clicking the "Set random" button. The chosen password will be displayed below the field for your reference.

By selecting the "Subdomain of" option, you can create subdomains to the already existing domains. This option is unavailable if no domains have been created yet.

By clicking the "Show" button corresponding to the "Storage location details", you can customize the domain and object storage locations, as well as define multiple message storage locations with predefined sizes and number of files.

You have the possibility, in conformity with your license, to choose here if your newly created domain will support groupware features or not, by checking/unchecking "enable groupware support".

Press the "Quick Add" button to create the domain using the default settings or hit the "Advanced Config" link to further configure it.

General

When pressing the "Edit" button for an existing domain or the "Advanced Config" link, you access the six pages shown in the below screenshot. The name of the configured domain is listed in the upper section of the screen at all times.

The "Manage Domains" -> "General" tab allows you to set the running services for a specific domain and other domain related parameters.

In the "Settings" section, you can edit the name or IP of the domain you are currently editing or creating by changing the corresponding text fields.

Starting with version 6.2.2, the option "Include this domain's accounts in the public address book" is available. It is possible to control which users can view domain contacts from the Postmaster account for servers which have the Groupware add-on.

To have the domain included in the WebMail interface domain selection list (in WebMail's login page), check the respective option.

The default language and default timezone used at account creation can be selected from the corresponding drop down lists.

In the domain services list, you can enable or disable a service by using the respective buttons corresponding to that service's name.

By configuring the Catch-all section, you can decide how to treat emails sent to non existing users in this domain. The available options in the selection box are to have them rejected, to redirect them to one of the existing public folders or to redirect them to a catch-all account. If you choose to have the emails redirected to a public folder, make sure you create that public folder first, so you can pick it from the list. If the emails are redirected to an account, you can also specify a folder for the emails to be stored in, using the "Change folder" button.

Click on the "Enable groupware support" button to enable groupware for this domain (a license add-on is required to enable this option). This setting will become active after the server is restarted. There is no need to use the "Save Configuration" button after enabling Groupware. Disabling Groupware also requires server restart.

By enabling LDAP Synchronization, all users in the domain will be synchronized with entries in an LDAP server through the selected LDAP connector. In order to enable this option, at least one LDAP connector must exist.

This behavior is meant to ensure that while Axigen is automatically creating accounts (as part of the automatic migration process) no synchronizing (creating/modifying) accounts from/to a LDAP server will be allowed.

The "Customer Reference" subsection allows you to set a custom field for any account or domain for your future reference. The maximum size of the field is 255 alphanumeric characters.

The "Info" section displays specific date and time details about domain creation, modification and the last login.

Once your changes are complete, save them by clicking the "Save Configuration" button.

Domain aliases

The "Manage Domains" -> "Domain Aliases" page allows you to create a list of aliases for a certain domain.

A domain alias is a secondary domain directing to the domain you are editing. For example, if you are currently editing "domain1" and you add "domain2" as an alias, all emails sent to "account@domain2" will be delivered to "account@domain1".

Each of the previously defined domain aliases can be edited using the text field listed under "Address". To delete an alias, use its corresponding "Delete" button. To add a new alias, type its name in the upper right corner text field and hit the "Add Alias" button.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Message filters

The "Manage Domains" -> "Message Filters" page helps you create and manage incoming message rules and AntiVirus / AntiSpam filters for a specific domain.

When first accessing the page, a list with the already defined rules and filters is displayed. Both lists can be minimized or maximized by clicking the list name bar. Each message and filter has a "Enabled" / "Disabled" status displayed and next to it, the "Enabled" / "Disabled" button displays the opposite action of the status. Priorities between enabled AntiVirus / AntiSpam filters or Message rules can be changed using the up and down arrows under the "Priority" section.

To add a new rule for the configured domain, click the "Add Message Rule" button. They can be deleted or further configured using the "Delete" and "Edit" buttons. Type a name for the incoming message rule in the Message rule name text filed and check the "Enable this incoming rule" option to activate it.

Incoming Message Rules at domain level allow you to apply custom actions to email messages received by all accounts, groups and mailing lists under this domain, provided they meet a certain set of conditions. Please note that these rules will only apply for the entities under this domain that are not overridden by another rule at that level (this domain's account defaults, account class, account, group or mailing list).

The AntiVirus / AntiSpam filters section allows you to enable or disable one or more already installed AntiVirus or AntiSpam applications. This provides additional email filtering to all accounts, groups and mailing lists under this domain.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Message appender

The "Manage Domains" -> "Message Appender" page allows you to create an appender that will be attached to all messages sent by the respective domain's users.

To have the text you want appended to all sent messages, check the "Enable Message Appender" for this domain option and enter the required text in the available text box.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Account defaults

The "Manage Domains" -> "Account Defaults" page defines default values for the parameters that will be automatically inherited by all new accounts and account classes, and can be explicitly set (overridden) in the advanced configuration of the respective account or account class.

This page gives access to four different sub-pages:

• General - allowing you to set running services and premium account settings to be inherited;
• Quotas and Restrictions - enabling you to set certain limits for mailbox level, folder level, notification, password policy, etc.;
• Message Filters - allowing the creation of message rules;
• Send / Receive Restrictions - restricting emails from being sent/received.

Storage

Domain storage configuration

The "Storage Locations" section allows domains administrators to modify their storage files parameters (domain, object and message stores) as well as temporarily setting any of these in read-only mode for maintenance purposes. New message stores can also be added.

You can also modify the parameters for the following: Domain storage, Object storage, Message Storage.

Disposable metadata

In this section you have a visual representation of the amount permitted to be used for the metadata information per a domain. The totality of the bar represents the entire storage space available for that domain; the light gray section represents the maximum storage capacity that can be used for metadata information; the dark gray represents the current used storage capacity for the metadata information. You can enforce the maximum percentage of the total available storage space to be used for the metadata information. When this threshold is exceeded the oldest metadata is replaced with the newest.

Manage accounts

When first accessing the "Manage Accounts" tab a list of existing domains is displayed. To be able to manage the accounts first select one of the existing domains.

After selecting a certain domain, the list of previously created accounts is displayed. To run a search for a specific account use the "Account Search" field.

Account operations

To edit an existing account use its corresponding "Edit" button, to delete it hit the Delete button. In order to create a new account, hit the "Add Account" button.

The domain you are creating the account in is displayed in the "Domain name" field if you have already selected a certain domain. If you press the "Add Account" button prior to the domain selection you will have to type the desired domain. Specify a name for the account you are creating in the "Account Name" text field. Type a password of choice in the "Account password" text field or click the "Set Random" button to select a random password combination. When using this button the randomly assigned password is displayed under it.

Starting with Axigen 7.4.x a new licensing format was introduced. If you are using Axigen 7.4.x or subsequent versions and you have a license generated based on the new format, then the "Basic account type" option is available. Check the box related to it, if you want to create the new account as basic (the user will not have access to any premium features). Leaving the box unchecked will mean that the account is created as premium.

If you are done configuring the account hit the "Quick Add" button. Alternatively, should you prefer to further fine tune it click the "Advanced Config" link. This link and the "Edit" button corresponding to an already created account gives access to six configuration pages:

• General;
• Contact information;
• Account Aliases;
• Quotas and Restrictions;
• WebMail Options;
• Message Filters;
• Send / Receive Restrictions.

General

The "Manage Accounts" -> "General page" allows you to configure basic account settings such as the account name, password and also displays general information regarding the account in question.

Use the "First name" and "Last name" text fields to modify the name of the person the account is created for. The account name can also be edited in its respective text field.

To change an account's password, either type another one in the "Account password" text field or click the "Set Random" button to select a random password combination. When using this button the password randomly assigned is displayed under it.

You can choose via the "Publish this account's contact info in the public address book" option, if the respective account and it's contact information will be displayed in the "Domain Contacts" public folder.

To select whether the default settings established at domain level should be inherited by the account you are currently managing or if the account should be associated with an already defined account class use the "Inherit configuration details from" drop down menu.

The "Services" section displays the list of account services and their current status. To enable or disable a service, use the respective buttons corresponding to that service's name. Please note that at account level only services affecting account behavior are displayed - SMTP Receiving, SMTP Sending, POP3, IMAP, Remote POP and WebMail.

The first option in the "Services" section displays the account type (Basic or Premium) and allows you to switch between the account types using the corresponding button.

Depending on the used license type, the available services are divided in "Basic services" and "Premium services". This applies for SmallSP and LargeSP licensing models. For other licensing models all services are represented as basic.

Below these sections you can find the "Premium add-ons" section which lets you configure the access to each premium feature, as presented in the screenshot below.

For basic accounts, even if the premium options are enabled, they will not be available. To make them available to the user, his account must be switched to premium.

The following premium add-ons are available:

• Personal Organizer - corresponding to Calendar / Tasks / Notes / Journal access;
• Sharing - allows the user to share his folders or open another user's folders;
• Outlook Connector - allows access to the account data while using an Outlook Axiolk profile;
• Active Sync - allows the synchronization of emails, contacts and Calendar / Tasks data via a mobile ActiveSync client;
• Kaspersky AntiVirus - this add-on allows you to protect your users with the Kaspersky AntiVirus filter;
• Kaspersky AntiSpam - this add-on allows you to protect your users with the Kaspersky AntiSpam filter;

Check the box corresponding to a specific add-on to allow the user to access the related features. If you want to restrict a user's access to an add-on, un-check the box related to that add-on.

The "Auto Migration" section allows you to enable/disable the migration for the edited account. The present migration implementation is stateful. While enabled on each user login, the migration process can be resumed from the point where it left previously.

If the migration is "complete" and the auto migration option is still enabled, the migration will continue, thus achieving a "sync" functionality to the old server for the account.

This option enables or disables the initial welcome message for the current user only. The message can be customized via the "Welcome email content" section.

This field can be used for easier identification of the account by external billing systems. It is a customizable field with a maximum of 255 alphanumeric characters.

The Info section of the account displays details referring to the creation date of the account, used quota and time, date and IP coordinates of the last logins to the respective accounts through IMAP, POP3 and WebMail.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Contact information

The Contact Information tab allows you to set specific details regarding the respective account. There are four sections available: "General Info", "Personal Details", "Business Details" and "Notes".

In the "General Info" section, you can customize the contact's full name and mobile phone. The email address field is greyed out, as it corresponds to the account name.

The "Personal Details" section allows the customization of the nickname, home phone and address, birthday, spouse's name, personal email and voip address. Also general instant messaging account details are available.

In the "Business Details" section, you can set work related details such as company, position, work phone, business address, manager's name and more.

The "Notes" section allows the introduction of any custom details that are not covered in the other contact information sections.

Account aliases

The "Manage Accounts" -> "Account Aliases" page allows you to create a list of aliases for a certain user account.

Account aliases management

An account alias is a secondary account pointing to the account you are editing. For example, if you are currently editing the account test@mycompany.com previously created and you add alias@mycompany.com as an alias, all emails sent to alias@mycompany.com will be delivered to test@mycompany.com.

Each of the previously defined account aliases can be edited in the text field or deleted using their corresponding "Delete" buttons. To add a new alias, type its name in the upper right corner text field and hit the "Add Alias" button.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Quotas and restrictions

At mailbox level, the total mailbox size, the total number of folders and the total number of messages can be limited by selecting the respective options in the "Mailbox" area and using the up and down arrows to adjust the limits to the desired value. For the total size limit, use the available drop-down menu to select if you want it calculated in KB, MB or GB.

At folder level, you can set limits for the size of each folder and the total number of messages per each folder by checking the respective options in the Folders section and using the up and down arrows to adjust the limits to the desired value. For the folder size limit, use the available drop-down menu to select if you want it calculated in KB, MB or GB. The maximum possible value for "total size limit" is 1KB lower than 4096 GB.

To notify the account user (through a pop-up displayed when accessing the WebMail interface) when a certain level of the allowed quota is reached, check the respective option in the 'Notifications' area and edit the default percentage. You can also choose to have the user notified at every login via an email and control the frequency of these login notifications. The frequency of these login notifications can be set using the up and down arrows corresponding to this additional option. To select if the respective value is calculated in minutes, hours or days use the respective drop-down menu.

You can further edit the notification content in the "Notification email content" section. This section will only be displayed after checking the box related to the "Also send a notification email each time the user logs in..." option. Edit the text displayed using the "Subject" and "Body" text fields. To insert more values in the email body, use the available buttons - Domain, Account, Full name, Notification threshold percentage, Size quota, Size used, Size used (%), Count Quota, Count Used, Count Used (%).

Another option is to restrict the user from sending any new emails when he reaches a specific used quota percentage. By default this is set to 0%, so the user will be able to send emails until he reaches his quota. The percentage you set for this option must be higher than the quota usage warning percentage.

Contact information

In this section you can disallow the user from changing it's personal contact information, restricting access to the corresponding contact details.

Password policy enforcement

You can define a Password Policy to be enforced for the currently created account. First of all, a minimum and maximum number of characters for each password can be set using the up and down arrows or directly editing the Password length parameters text field. Further select from the Password must include drop-down menu if passwords should include letters, letters and numbers or letters, numbers and special characters. You can also set specific password changing options like the number of previous passwords that should not be accepted as the new password, a minimum period between two password changes and if the user is allowed to change the password.

Password expiration

In this section you can enable, by checking the related box, the "Enable password expiration" option and then customize the password expiration and related notifications in compliance with your requirements.

Session restrictions

The number of POP3, IMAP and WebMail sessions can be limited for the respective account. To do so select the desired value, use the up and down arrows or directly edit the text fields pertaining to each type of session.

WebMail Advertising

In the "WebMail Advertising" area you can configure the three advertising sections of the interface (only pertaining to AJAX WebMail interface) by inserting appropriate HTML code in the corresponding parts. We recommend respecting the maximum size specified for each section.

WebMail message limits

To limit the size of email message attachments uploaded via the WebMail interface, check the respective option in the WebMail section and use the up and down arrow to select the desired size. To have the size measured in KB, MB or GB use the available drop-down menu.

Use the up and down arrows of the "Limit number of attachments per message" option or edit its corresponding text field to set a maximum number of attachments allowed to email messages sent or received using the WebMail interface.

Check the "Limit message size" option to set a maximum size for sent and received messages through the WebMail interface. To do so either use the up and down arrows to select the desired size or edit the corresponding text field.

The "Limit number of recipients" option allows you to configure a maximum number of recipients for WebMail email messages using the up and down arrows to select the desired size or editing the corresponding text field.

To set the HTML Body Filtering Level for this specific account when connected via WebMail use the available slider. The HTML filtering levels stand for the following:

• No Filtering;
• Low level filtering - converts the message to standard XHTML;
• Medium level filtering - generates the email body based on a list of known/allowed attributes and tags. Anything that is not on this "allowed list" is removed. This level removes java script, styles, etc.;
• High level filtering - generates the email body based only on text components. This means that only plain text components remain in the message. This forth level is the strictest and may actually damage some formatting, but it is also the safest.

A minimum email body filtering restriction can be applied by dragging the "Mimimum allowed HTML Body Filtering Level" slider to the desired setting. This will not allow the user to set the email body filtering level (from WebMail) to a lower value than the one specified in WebAdmin.

Identity Confirmation

The permission to use Identity Confirmation can be enabled or disabled from this section, by checking/un-checking the related boxes.

Message sending restrictions

Limits imposed to sent messages offer you an easy possibility to prevent account users from generating spam. They can thus set a maximum number of messages, their total size and the period in which these are sent using the up and down arrows to select the desired size or editing the corresponding text field. To have the message size calculated in KB, GB or MB use the respective drop-down menu. The time frame for the maximum number of messages can be set to be calculated in seconds, minutes, and hours using the corresponding drop-down menu.

Remote POP restrictions

You can limit the number of remote POP accounts defined by a certain user. To do so, use the up and down arrows to select the desired size or edit the corresponding text field. Additionally, a minimum interval between two email retrievals for each RPOP connection can be specified. Use the "Minimum message retrieval interval" drop-down menu to have it calculated in minutes, hours or days.

Temporary email addresses restrictions

You can set some limits regarding the usage of temporary email addresses. A user may request maximum 16 temporary email addresses (aliases), if the limit is set to "0" the "Add" button in WebMail (in the "Temporary Email Addresses" section) will be disabled but old temporary email address will still be available until they expire or are deleted. The time period from the creation of a temporary email address to its automatic deletion can be set between 10 minutes and 1 year.

Parameter inheritance: the parameters or parameter groups that are inherited from the domain's account defaults are automatically marked with the "Inherited from domain's account defaults" icon, while the ones inherited from an account class are marked with the "Inherited from account class" icon. When explicitly setting the value of an inherited parameter, it will be marked with the Set explicitly icon. Moreover, any further changes at parent level (domain's account defaults or account class) will only affect inherited parameters, while explicitly set ones will keep their value. You can revert the explicit parameters to their inherited value at any time by clicking the "Inherit" link related to the explicitly set parameter (orange) icon.

Icons:

Once your changes are complete, save them by clicking the "Save Configuration" button.

WebMail options

The "Manage Accounts" -> "WebMail Options" page allows you to configure an account's appearance, preferences, contact details and signature. These options can also be set by each account user from the WebMail Ajax Interface -> "Settings" menu -> "Interface" tab or Webmail Standard -> "Settings" -> "Webmail Data".

Appearance options

Use the "WebMail Skin name" drop down menu to select the WebMail skin that should be used for this account. To configure the WebMail language settings for the respective account use the WebMail Language drop-down menu. The available options are Arabian, Chinese Simplified, Chinese Traditional, Czech, German, Danish, Estonian, English, Spanish, Finnish, French, Greek, Hindi, Croatian, Hungarian, Indonesian, Hebrew, Italian, Japanese, Lithuanian, Dutch, Norwegian, Polish, Portuguese, Romanian, Russian, Swedish, Serbian, Slovak, Slovenian, Turkish.

The default selected language is English.

You can specify the number of messages to be displayed on a WebMail page for the currently edited mailbox using the "Display <nr> messages per page" option.

Account preferences

You can have a confirmation requested before deleting a message via WebMail from the currently edited account by checking the "Ask for confirmation on email deletion" option.

Check the "Ask for confirmation on empty folder" option to request a confirmation on emptying a folder in WebMail for the currently edited account.

To have messages deleted through the WebMail interface sent to Trash check the "Move deleted emails to Trash" option. If left unchecked messages will be permanently deleted.

Allow the WebMail interface to check for new emails automatically for the configured account by checking the "Automatically check for new emails" option. Use the available text field or its up and down arrows to define the time frame and the drop-down menu to have the period measured in minutes, hours or days. Check the "Display notification when new email arrives" option so the user receives a pop-up warning when a new email arrives.

You can enable the "Request read receipt" options in order to request a notification email when the recipient reads the message. Select, from the "Send read receipts" related drop-down box, the implicit behavior you wish to set for the user account when a read receipt is requested for an incoming message.

To set the "HTML Body Filtering Level" for this specific account when connected via WebMail use the available slider. The HTML filtering levels stand for the following:

• No Filtering;
• Low level filtering - converts the message to standard XHTML;
• Medium level filtering - generates the email body based on a list of known/allowed attributes and tags. Anything that is not on this 'allowed list' is removed. This level removes java script, styles, etc.;
• High level filtering - generates the email body based only on text components. This means that only plain text components remain in the message. This forth level is the strictest and may actually damage some formatting, but it is also the safest.

Contacts settings

You can select which contacts to be used for the account they are currently editing. They can either use contacts from the public address-book and/or employ domain contacts. To do so please choose from (or both) available options: "Use contacts from public address-book" and "Use contacts from domain".

Defining a signature

To have a signature defined for all messages sent from the configured account via WebMail type it in the "Message Signature" text field. The text you define will then be appended to all outgoing email sent from the WebMail interface.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Message filters

The "Message Filters" page enables you to configure a set of rules to be applied to messages received by the edited account, as well as to view and change any of the similar rules created by the user. The page gives access to other 2 sub-pages:

• Admin Filters - containing the parameters relative to incoming message rules and filters.
• User Filters - containing the parameters relative to incoming message rules and filters set by user in WebMail -> "Settings" -> "Filters" page.

The "Message Filters" -> "Admin Filters" sub-page enables you to configure incoming message rules and filters for the edited account. Filters defined in this section will not appear in the user's WebMail filters list and as such cannot be edited by the user.

Incoming message rules

To configure a new message rule, hit the "Add Message Rule" button and then fill in the specific parameters in the new sub-page, "New Message Rule". Each message rule has an Enabled/Disabled status displayed, the action displayed by the button next to it is the opposite of the status. Each rule can be deleted or further configured using the "Delete" and "Edit" buttons.

To set the order in which defined rules should apply, use their corresponding up and down arrows available under the "Priority" section.

General settings for the new message rule

Use the text box under "General Settings" in order to specify the name of the new rule then enable the new rule by checking the box in front of the option called "Enable this incoming rule".

New message rule conditions

In the "Matches" section, first select if the Conditions should be applied in an AND / OR manner. This means that if you select for the "For incoming messages that match" option, the "ANY of the conditions below" entry, the rule will apply to messages that match at least one of the imposed conditions. If you choose the "ALL of the conditions below", the rule will be applied only to messages that match all of the set conditions.

Next, choose the conditions you want to apply to those messages (e.g. for messages from "abc@domain.com").

Use the drop-down menu to select the type of the new condition. Available options include setting conditions relative to the subject, sender, receiver, Cc, To or Cc, body, size of the email, as well as a customization option, accessible by clicking on "Custom". To delete one of the newly-added criteria hit its corresponding trash-bin shaped like button.

New message rule actions

By editing the "Actions" section you can decide what you want to do with the messages that match the above conditions. Use the drop-down menu to specify the actions corresponding to the mail message i.e. moving, copying, deleting, or redirecting it to a certain email address etc.

To add a new action, click on the "Add Action" button and then fill in all the corresponding details in the newly-displayed menus. To delete an action hit the trash-bin shaped like button displayed on the right hand side of the action in question.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Send/Receive restrictions

The "Manage Accounts" tab -> "Send/Receive Restrictions" sub-page enables you to define and enable or disable sending and receiving restrictions that can limit the domains and subdomains emails are sent to or received from. Additionally, you can create exception lists for the set restrictions.

From the "Send" context you can allow emails to be sent to all domains, only to local domains, only to local domains and subdomains or to disallow the sending of emails regardless of the recipient's domain. For a higher degree of flexibility, specific exceptions can be defined for any of the options you choose.

From the "Receive" context you can allow emails to be accepted from all domains, only from local domains, only from local domains and subdomains or to disallow the receiving of emails regardless of the sender's domain. For a higher degree of flexibility, specific exceptions can be defined for any of the options you choose.

The exceptions are defined as a pattern which supports "*" and "?" wildcards, the first one replacing any character for any number of occurrences, the second one replacing any character for only one occurrence. It is possible to specify multiple exceptions by adding them one by one, creating a list of exceptions.

A complete list of the options that can be set is:

• Enable/Disable sending restrictions
  • "Allow only local domain" / "Allow only local domain and subdomains" - allows sending only to the same domain / allows sending to the same domain and its subdomains
  • "Allow all domains" / "Disallow all domains"

• Enable/Disable receiving restrictions
  • "Allow only local domain" / "Allow only local domain and subdomains" - allows receiving only from the same domain / allows receiving from the same domain and its subdomains
  • "Allow all domains" / "Disallow all domains"

Restrictions apply for messages sent from:

• WebMail: An NDR will be returned if the destination address is not allowed.

• SMTP/Outlook Connector: The "RCPT TO" command will yield a permanent error, if matched.

• Sendmail wrapper: An NDR will be returned if the destination address is not allowed.

The rejection error in the NDR will be: postmaster@test.org : Permission denied

Once your changes are complete, save them by clicking the "Save Configuration" button.

Groups

When first accessing the "Groups" tab, a list of the existing domains is displayed. To be able to manage the groups you have to first select one of the existing domains.

After selecting a certain domain the list of previously created groups is displayed. To run a search for a specific group use the "Group Search" field.

Group operations

To edit an existing group use its corresponding "Edit" button, to delete it hit the "Delete" button. In order to create a new group press the "Add Group" button.

The domain you are creating the group in is displayed in the "Domain name" field if you have already selected a certain domain. If you press the "Add Group" button prior to the domain selection you will have to type the desired domain. Specify a name for the group you are creating in the "Group Name" text field. After specifying these two parameters the groups email address will be displayed (generic address is Groupname@Domainname).

Check the "Enable this group" option if you want to render the group active. If you are done configuring the group hit the "Quick Add" button. Alternatively, should you prefer to further fine tune it, click the "Advanced Config" link. This link and the "Edit" button, corresponding to a previously created group, gives access to two configuration pages: "General" and "Message Filters".

General

The "Groups" -> "General" page allows you to add and delete group members and also provides information on the group currently edited.

Use the "Group Name" text field to edit the name you have previously assigned to your group.

Check the box related to the "Publish this group's contact info in the public address book" to display the respective group in the "Domain Contacts" folder.

To add a group member type his/her email address in the "Group members" text field. To add more than one member hit the "Add member" button which will generate additional text fields for email addresses. To delete an already added member use the "Delete" button. Check the "Enable this group" option if you want to render the group active.

The "Info" section displays details referring to the creation and last modification date and time of the group.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Message filters

The "Groups" -> "Message Filters" page enables you to create and manage incoming message rules for a specific group.

When first accessing the page a list with the already defined rules and filters is displayed. Both lists can be minimized or maximized by clicking the list name bar.

Each message rule has an "Enabled" / "Disabled" status displayed, the action displayed by the button next to it is the opposite of the status. Each rule can be deleted or further configured using the "Delete" and "Edit" buttons.

To set the order in which defined rules should apply use their corresponding up and down arrows available under the "Priority" section. To configure a new message rule hit the "Add Message Rule" button and then fill in the specific parameters in the new sub-page, "New Message Rule".

General settings for the new message rule

Use the text box under "General Settings" in order to specify the name of the new rule then enable the new rule by checking the box in front of the option called "Enable this incoming rule".

New message rule conditions

In the "Matches" section, first select if the Conditions should be applied in an AND / OR manner. This means that if you select for the "For incoming messages that match" option, the "ANY of the conditions below" entry, the rule will apply to messages that match at least one of the imposed conditions. If you choose the "ALL of the conditions below", the rule will be applied only to messages that match all of the set conditions.

Next, choose the conditions you want to apply to those messages (e.g. for messages from "abc@domain.com").

Use the drop-down menu to select the type of the new condition. Available options include setting conditions relative to the subject, sender, receiver, Cc, To or Cc, body, size of the email, as well as a customization option, accessible by clicking on "Custom". To delete one of the newly-added criteria hit its corresponding trash-bin shaped like button.

New message rule actions

By editing the "Actions" section you can decide what you want to do with the messages that match the above conditions. Use the drop-down menu to specify the actions corresponding to the mail message i.e. moving, copying, deleting, or redirecting it to a certain email address etc.

To add a new action, click on the "Add Action" button and then fill in all the corresponding details in the newly-displayed menus. To delete an action hit the trash-bin shaped like button displayed on the right hand side of the action in question.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Mailing lists

Use the "WebAdmin Mailing Lists" tab to manage the mail lists in the Axigen mail server. When selecting this tab the currently existing mailing lists are displayed.

If you have defined a large number of mailing lists you can quickly locate a certain one by using the "Mailing list Search" available in the upper right corner. This field enables you to search by the name of the mailing list, on a filter as you type basis.

You can also search for a mailing list by using the "Domain search" menu available on the left of the screen. Just fill in the domain name in order to see all the corresponding mailing lists and they will be filtered out as you type. Clicking directly on one of the listed domains will result again in displaying all the mailing lists defined for that specific domain.

Mailing lists operations

To edit an already defined mailing list hit the "Edit" button on the right side of its name, to delete it hit its respective "Delete" button. Should you like to add a new mailing list click the "Add mailing list" button.

Fill in the requested details: domain name, list name, list full name, administrator email, then specify a password for the mailing list you wish to create. Hit the "Quick Add" button in order to create the list using the default settings or the "Advanced Config" link to further fine tune it.

When pressing the "Edit" button for an existing mailing list or the "Advanced Config" link you access the six pages shown in the screen-shot below. The name of the configured mailing list is displayed in the upper section of the screen at all times.

General

The "Manage Lists" -> "General" tab allows you to set the running services for a specific domain and other domain related parameters.

Settings

Use the "List name" and "List Full Name" fields in order to edit the name of the mailing list. The complete name will appear as displayed under these fields.

You can choose via the "Publish this list's contact info in the public address book" option, if the respective mailing list account will be displayed in the "Domain Contacts" public folder.

Use the "Account Password" text area to manually specify the password for accessing the mailbox of this list, or generate one randomly by hitting the "Set Random" button. The new randomly generated password will be displayed in the field below: wsUPNUiC, in this case.

Subscription and unsubscription confirmations are automatically accepted for the mailing list displayed under "Account Password". Leave blank in the text box if you wish these requests to be confirmed by you.

Services

Use the "Services" field to specify what services are enabled for this mailing list. To enable or disable a service use the respective buttons corresponding to that service's name. Greyed out options are the ones active.

Info

The "General" page also displays specific details about the currently edited mailing list in the "Info" section. The information refers to the account creation date, as well as time details for the last modification and login.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Members

The "Mailing Lists" -> "Members" page allows you to specify the parameters regarding the members of the mailing lists.

The members list is displayed alphabetically taking into account the first letters of the members' email address. You can also use the searching field in order to create a filter and thus be able to locate a certain account faster.

To edit the details of a member address click the "Edit" button on the right side of its name, to delete it hit its respective "Delete" button. Should you like to add a new mailing list member hit the "Add Member" button.

Adding and editing a member address is done by filling in the requested details: the members' email and full name, and then clicking on the "Quick Add" button.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Subscription and posting

The "Mailing Lists" -> "Subscription and Posting" page allows you to set rules regarding subscriptions and unsubscriptions, posting rights, define message headers and templates for mailing lists.

Subscription/Unsubscription

In this section, you can set the rules regarding subscriptions and unsubscriptions from a defined mailing list. When checking the "Allow subscription/unsubscription" via email option you can also decide whether the administrator needs to approve subscriptions and set special email addresses to be used especially for subscribing or unsubscribing.

Message posting

Use the drop down menu from the Messages can be posted by field in order to select who has the right to post messages. Choose one from the three available options: Anyone, Subscribers and Moderator, Moderator Only. Check the Require moderation for option to choose what messages should be moderated: all or those from non subscribers.

Use the content slider available in this section in order to define the type of content a message can have. Move the slider to the left or to the right, in order to make the selection. Enabled types of messages will then change color from whiter to grey.

Message headers

Here you can list or modify the headers you wish to remove/add from each message. To edit a header hit the "Edit" button on the right side of its name, to delete it click its respective "Delete" button. Should you like to add a new header to be removed hit the "Define" button.

Whether editing or adding a new header you will need to fill in the name of the header, then hit the "Quick Add" button.

In the "Insert Header / Footer" section you can edit a custom content that will be added before/after the message body. Use the predefined variables buttons to automatically insert details related to specific list messages. A list of the variables significance can be found below:

•  %l - List Name
•  %d - Domain name
•  %r - List Full Name
•  %o - Request
•  %e - Sender address
•  %f - Sender
•  %i - Confirmation code
•  %M - Original Message
•  %w - Original Message Date
•  %s - Original Subject
•  %m - Original Message ID

Message templates

This section enables you to edit the message templates. You can edit the automated responses for error messages (NDR) and RFC2822 reply messages such as confirmation requests, subscription denied, welcome message and more. Click the button corresponding to the template you are interested in and make the change in the related text box.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Quotas and restrictions

The "Mailing Lists" -> "Quotas and Restrictions" page contains parameters relative to parameters at mailbox and folder level, notifications to be sent to the list members and restrictions imposed to the mailing list being edited.

Managing mailing list quotas

At mailbox level, the total mailbox size, the total number of folders and the total number of messages can be limited by selecting the respective options in the "Mailbox Level" area and using the up and down arrows to adjust the limits to the desired value. For the total size limit use the available drop down menu to select if you want it calculated in KB, MB or GB.

At folder level you can set limits for the size of each folder and the total number of messages per each folder by checking the respective options in the "Folder Level" section and using the up and down arrows to adjust the limits to the desired value. For the folder size limit use the available dropdown menu to select if you want it calculated in KB, MB or GB.

To have the account user notified when reaching a certain level of their allowed quota, through a pop-up displayed when accessing the WebMail interface, check the respective option in the "Notifications" section and use the up and down arrows to increase or decrease the default percentage of the quota.

Session restrictions

The number of POP3, IMAP and WebMail sessions can be limited using the up and down arrows or directly editing the text fields pertaining to each type of session. POP3 and IMAP sessions take values from 1 to 16, while WebMail sessions take values from 1 to 2048.

WebMail restrictions

To limit the attachment and message size check the respective options in the WebMail section and use the up and down arrows to select the desired size. To have the size measured in KB, MB or GB use the available drop down menu.

Use the up and down arrows of the Limit number of attachments per message and Limit number of recipients options or edit their corresponding text field to set the maximum number of attachments and recipients in an email message.

Message sending restrictions

Limits imposed to sent messages offer you an easy possibility to prevent account users from generating spam. They can thus limit the total number of messages to be sent and their size in a time interval. Use the up and down arrows to select the desired size or edit the corresponding text field. To have message size calculated in KB, GB or MB use the respective drop down menu.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

WebMail options

The "Mailing Lists" -> "WebMail Options" page allows setting up of the mailing list's appearance, preferences, contact details and signature.

Appearance options

Use the "WebMail Skin name" drop down menu to select the WebMail skin to be used for this account. To configure the WebMail language settings for the respective account use the "WebMail Language" dropdown menu.

The available options are Arabian, Chinese Simplified, Chinese Traditional, Czech, German, Danish, Estonian, English, Spanish, Finnish, French, Greek, Hindi, Croatian, Hungarian, Indonesian, Hebrew, Italian, Japanese, Lithuanian, Dutch, Norwegian, Polish, Portuguese, Romanian, Russian, Swedish, Serbian, Slovak, Slovenian, Turkish.

The default selected language is English.

The languages marked with * are only available in the Standard WebMail interface. If one of them is selected, the Ajax WebMail interface will be displayed in English instead.

You can specify the number of messages to be displayed on a WebMail page for the currently edited mailbox using the "Display <no> messages per page" drop-down menu.

Preferences

You can have a confirmation requested before deleting a message via WebMail from the currently edited mailing list by checking the "Ask for confirmation on email deletion" option.

Check the "Ask for confirmation on empty folder" option to request a confirmation on emptying a folder in WebMail.

To have messages deleted through the WebMail interface sent to Trash by check the "Move deleted emails to Trash" option. If left unchecked, messages will be permanently deleted.

Allow the WebMail interface to check for new emails automatically for the configured mailing list check the "Automatically check for new emails" option. Use the available text field or its up and down arrows to define the time frame and the drop-down menu to have the period measured in minutes, hours or days.

To set the "HTML Body Filtering Level" for this specific account when connected to via WebMail, use the available slider. The HTML filtering levels stand for the following:

• No Filtering;
• Low level filtering - converts the message to standard XHTML;
• Medium level filtering - generates the email body based on a list of known/allowed attributes and tags;
• Thorough filtering - generates the email body.

To have a signature defined for all messages sent from the configured mailing list via WebMail type it in the "Message Signature" text field. The text you define will then be appended to all outgoing email sent from the WebMail interface.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Message filters

The "Mailing Lists" -> "Message Filters" page enables you to create and manage incoming message rules for a mailing list.

When first accessing the sub-page a list with the already defined rules is displayed. Each message rule can be deleted or further configured using the "Delete" and "Edit" buttons.

Each message rule has a "Enabled" / "Disabled" status displayed and next to it, the "Enabled" / "Disabled" button displays the opposite action of the status. To set the order in which defined rules should apply use their corresponding up and down arrows available under the "Priority" section.

To configure a new message rule, hit the "Add Message Rule" button and then fill in the specific parameters in the new sub-page, "New Message Rule".

General settings for the new message rule

Use the text box under "General Settings" in order to specify the name of the new rule then enable the new rule by checking the box in front of the option called "Enable this incoming rule".

New message rule conditions

In the "Matches" section, first select if the Conditions should be applied in an "AND" / "OR" manner. This means that if you select for the "For incoming messages that match" option, the "ANY of the conditions below" entry, the rule will apply to messages that match at least one of the imposed conditions. If you choose the "ALL of the conditions below", the rule will be applied only to messages that match all of the set conditions.

Next, choose the conditions you want to apply to those messages (e.g. for messages from "abc@domain.com").

Use the drop-down menu to select the type of the new condition. Available options include setting conditions relative to the subject, sender, receiver, Cc, To or Cc, body, size of the email, as well as a customization option, accessible by clicking on "Custom". To delete one of the newly-added criteria hit its corresponding trash-bin shaped like button.

New message rule actions

By editing the "Actions" section you can decide what you want to do with the messages that match the above conditions. Use the drop-down menu to specify the actions corresponding to the mail message i.e. moving, copying, deleting, or redirecting it to a certain email address etc.

To add a new action, click on the "Add Action" button and then fill in all the corresponding details in the newly-displayed menus. To delete an action hit the trash-bin shaped like button displayed on the right hand side of the action in question.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Public folders

Use the "Public Folders" tab to manage public folders in the Axigen mail server. When selecting this tab the currently existing public folders and sub-folders are displayed.

If you have defined a large number of public folders, you can quickly locate a certain one by using the "Domain search" menu available on the left of the screen. Just fill in the domain name in order to see all the corresponding public folders and they will be filtered out as you type. Clicking directly on one of the listed domains will also result in displaying all the public folders defined for that specific domain.

Public folders operations

To add a new public folder hit the "Add Public Folder" button at the top. To delete an already defined public folder click its respective "Delete" button.

Fill in the folder name, select the parent folder from the drop-down menu and specify the email address for this public folder. You can insert multiple email addresses: fill in the email address and then click on the "Add Address" button. Should you like to delete one of the listed email addresses, click on the trash bin icon available on the right of the email address. Hit the "Quick Add" button in order to complete the creation of the public folder with these settings or use the "Advanced Config" link to further fine tune it.

When pressing the "Edit" button for an existing public folder or the "Advanced Config" link when creating it, you will be able to make more settings in the "General" and "Quotas configuration" pages.

The name of the configured public folder will be displayed in the upper section of the screen at all times.

General

The "Public Folders" -> "General" page allows you to begin the configuration of a public folder.

Settings

You can choose if the contact information corresponding to this public folder will be displayed in the "Domain Contacts" folder and specify the email address associated with this public folder. Multiple email addresses can be defined: fill in the email address and then click on the "Add" button. Should you like to delete one of the listed email addresses, click the "Delete" button available on the right of the email address.

General settings for the Public Folders Root allow you to only edit this folder's generic name. This name will appear in WebMail on the same level with the default folders (e.g. Inbox, Sent) and all the public folders created for this domain will be displayed under the Public Folders Root. By default, this folder has the generic name of "Public Folders".

Quotas

The "Public Folders" -> "Quotas" page contains parameters relative to the mailbox and folder levels of the public folder being edited.

When setting the Quotas for the root "Pubic Folders" you will have specific options regarding Quotas that apply to all public folders or quotas concerning the default values for each public folder.

All public folders

In this section you can set a maximum size occupied by all the public folders, the maximum number of allowed folders and the maximum number of allowed messages in all public folders.

Each folder

You can set limits for the size of each folder and the total number of messages per each folder by checking the respective options and using the up and down arrows to adjust the limits to the desired value. For the folder size limit, use the available drop-down menu to select if you want it calculated in KB, MB or GB.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Account classes

Use the "Account Classes" tab to manage the account classes in the Axigen mail server. When selecting this tab the currently existing account classes are displayed.

If you have defined a large number of account classes you can quickly locate a certain one by using the "Domain search" menu available on the left of the screen. Just fill in the domain name in order to see all corresponding account classes, they will be filtered out as you type. Clicking directly on one of the listed domains will also result in displaying all the account classes defined for that specific domain.

Account classes operations

To edit an already defined account class hit the "Edit" button on the right side of its name, to delete an already defined account class click its corresponding "Delete" button. Should you like to add a new account class hit the "Add Account Class" button displayed in the upper right corner of the screen.

Add a new account class for the currently selected domain, in our case the mycompany.com domain, which is also automatically filled in the "Domain Name" field and can be edited.

For successfully creating a new account class fill in its name in the "Account Class Name" field, then hit the "Quick Add" button in order to create it using the default domain inherited parameters or the "Advanced Config" link to explicitly define account parameters. When pressing the "Edit" button for an existing account class or the "Advanced Config" link, you access the three pages shown in the below screenshot. The name of the configured account class is listed in the upper section of the screen at all times.

General

The "Account Class" -> "General" page provides four sections: Settings, Services, Auto Migration and Welcome email.

The admin can change the Account Class name via the "Settings" section -> "Account Class Name" text box.

The services section displays the list of account services and their current status. To enable or disable a service, use the respective buttons corresponding to that service's name. Please note that at account class level only services affecting account class behavior are displayed - SMTP Receiving, SMTP Sending, POP3, IMAP, Remote POP and WebMail.

Depending on the used license type, the available services are divided in "Basic services" and "Premium services". This applies only for SmallSP and LargeSP licensing models. For other licensing models all services are represented as basic.

Below these sections you can find the "Premium add-ons" section which lets you configure the access to each premium feature, as presented in the screenshot below.

The following premium add-ons are available:

• Personal Organizer - corresponding to Calendar / Tasks / Notes / Journal access;
• Sharing - allows the user to share his folders or open another user's folders;
• Outlook Connector - allows access to the account data while using an Outlook Axiolk profile;
• Active Sync - allows the synchronization of emails, contacts and Calendar / Tasks data via a mobile ActiveSync client;
• Kaspersky AntiVirus - this add-on allows you to protect your users with the Kaspersky AntiVirus filter;
• Kaspersky AntiSpam - this add-on allows you to protect your users with the Kaspersky AntiSpam filter.

Check the box corresponding to a specific add-on to allow the user to access the related features. If you want to restrict a user's access to an add-on, un-check the box related to that add-on.

The "Auto Migration" section allows you to enable/disable the migration for the edited account. The present migration is stateful. While enabled on each user login, the migration process can be resumed from the point where it left previously.

If the migration is "complete" and the auto migration option is still enabled, the migration will continue, thus achieving a "sync" functionality to the old server for the account.

The account class settings will be applied to all the accounts that have the inherit option pointing to this specific account class.

In the "Welcome email" section you can enable or disable the initial welcome message, for the users that inherit their settings from this account class, via the "Enable welcome email" option.

You can also customize the "Subject" and "Body" of the Welcome message in the related "Welcome email content" sub-section.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Quotas and restrictions

The "Account Classes" -> "Quotas and Restrictions" page contains parameters relative to mailbox and folder level, notifications to be sent to users and restrictions imposed for all created account classes.

Managing account quotas

At mailbox level, the total mailbox size, the total number of folders and the total number of messages can be limited by selecting the respective options in the "Mailbox" area and using the up and down arrows to adjust the limits to the desired value. For the total size limit, use the available drop-down menu to select if you want it calculated in KB, MB or GB.

At folder level, you can set limits for the size of each folder and the total number of messages per each folder by checking the respective options in the "Folders" section and using the up and down arrows to adjust the limits to the desired value. For the folder size limit, use the available drop-down menu to select if you want it calculated in KB, MB or GB. The maximum possible value for "total size limit" is 1KB lower than 4096 GB.

To notify the account user (through a pop-up displayed when accessing the WebMail interface) when a certain level of the allowed quota is reached, check the respective option in the 'Notifications' area and edit the default percentage. You can also choose to have the user notified at every login via an email and control the frequency of these login notifications. The frequency of these login notifications can be set using the up and down arrows corresponding to this additional option. To select if the respective value is calculated in minutes, hours or days use the respective drop-down menu.

You can further edit the notification content in the "Notification email content" section. This section will only be displayed after checking the box related to the "Also send a notification email each time the user logs in..." option. Edit the text displayed using the "Subject" and "Body" text fields. To insert more values in the email body, use the available buttons - Domain, Account, Full name, Notification threshold percentage, Size quota, Size used, Size used (%), Count Quota, Count Used, Count Used (%).

Another option is to restrict the user from sending any new emails when he reaches a specific used quota percentage. By default this is set to 0%, so the user will be able to send emails until he reaches his quota. The percentage you set for this option must be higher than the quota usage warning percentage.

Contact information

In this section you can disallow the user from changing it's personal contact information, restricting access to the corresponding contact details.

Password policy enforcement

You can define a Password Policy to be enforced for the currently created account. First of all, a minimum and maximum number of characters for each password can be set using the up and down arrows or directly editing the "Password length parameters" text field. Further select from the Password must include dropdown menu if passwords should include letters, letters and numbers or letters, numbers and special characters. You can also set specific password changing options like the number of previous passwords that should not be accepted as the new password, a minimum period between two password changes and if the user is allowed to change the password.

Password expiration

In this section you can enable, by checking the related box, the "Enable password expiration" option and then customize the password expiration and related notifications in compliance with your requirements.

Session restrictions

The number of POP3, IMAP and WebMail sessions can be limited for the respective account. To do so select the desired value, use the up and down arrows or directly edit the text fields pertaining to each type of session.

In the WebMail advertising area you can configure the three advertising sections of the interface (only pertaining to AJAX WebMail interface) by inserting appropriate HTML code in the corresponding parts. We recommend respecting the maximum size specified for each section.

To limit the size of email message attachments, check the respective option in the WebMail section and use the up and down arrow to select the desired size. To have the size measured in KB, MB or GB use the available drop-down menu.

Use the up and down arrows of the "Limit number of attachments per message" option or edit its corresponding text field to set a maximum number of attachments allowed to email messages sent or received using the WebMail interface

Check the "Limit message size" option to set a maximum size for sent and received messages through the WebMail interface. To do so either use the up and down arrows to select the desired size or edit the corresponding text field.

The "Limit number of recipients" option allows you to configure a maximum number of recipients for WebMail email messages using the up and down arrows to select the desired size or editing the corresponding text field.

To set the "HTML Body Filtering Level" for this specific account when connected via WebMail use the available slider. The HTML filtering levels stand for the following:

• No Filtering;
• Low level filtering - converts the message to standard XHTML;
• Medium level filtering - generates the email body based on a list of known/allowed attributes and tags. Anything that is not on this "allowed list" is removed. This level removes java script, styles, etc.;
• High level filtering - generates the email body based only on text components. This means that only plain text components remain in the message. This forth level is the strictest and may actually damage some formatting, but it is also the safest.

A minimum email body filtering restriction can be applied by dragging the "Mimimum allowed HTML Body Filtering Level" slider to the desired setting. This will not allow the user to set the email body filtering level (from WebMail) to a lower value than the one specified in WebAdmin.

The permission to use Identity Confirmation can be disabled or enabled from this section, by checking/un-checking the related boxes.

Message sending restrictions

Limits imposed to sent messages offer you an easy possibility to prevent account users from generating spam. They can thus set a maximum number of messages, their total size and the period in which these are sent using the up and down arrows to select the desired size or editing the corresponding text field. To have the message size calculated in KB, GB or MB use the respective drop-down menu. The time frame for the maximum number of messages can be set to be calculated in seconds, minutes, and hours using the corresponding drop-down menu.

Remote POP restrictions

You can limit the number of remote POP accounts defined by a certain user. To do so, use the up and down arrows to select the desired size or edit the corresponding text field. Additionally, a minimum interval between two email retrievals for each RPOP connection can be specified. Use the "Minimum message retrieval interval" drop-down menu to have it calculated in seconds, minutes or hours.

Temporary email addresses restrictions

You can set some limits regarding the usage of temporary email addresses. A user may request maximum 16 temporary email addresses (aliases), if the limit is set to "0" the "Add" button in WebMail (in the "Temporary Email Addresses" section) will be disabled but old temporary email address will still be available until they expire or are deleted. The time period from the creation of a temporary email address to its automatic deletion can be set between 10 minutes and 1 year.

Parameter inheritance: the parameters or parameter groups that are inherited from the domain's account defaults are automatically marked with the "Inherited from domain's account defaults" icon, while the ones inherited from an account class are marked with the "Inherited from account class" icon. When explicitly setting the value of an inherited parameter, it will be marked with the Set explicitly icon. Moreover, any further changes at parent level (domain's account defaults or account class) will only affect inherited parameters, while explicitly set ones will keep their value. You can revert the explicit parameters to their inherited value at any time by clicking the "Inherit" link related to the explicitly set parameter (orange) icon.

Icons:

Once your changes are complete, save them by clicking the "Save configuration" button.

Message filters

The "Account Classes" -> "Message Filters" page enables you to create and manage incoming message rules for an account class.

To configure a new message rule, hit the "Add Message Rule" button and then fill in the specific parameters in the new sub-page, "New Message Rule". Each message rule has an "Enabled" / "Disabled" status displayed, the action displayed by the button next to it is the opposite of the status. Each rule can be deleted or further configured using the "Delete" and "Edit" buttons.

To set the order in which defined rules should apply, use their corresponding up and down arrows available under the "Priority" section.

General settings for the new message rule

Use the text box under "General Settings" in order to specify the name of the new rule then enable the new rule by checking the box in front of the option called "Enable" this incoming rule.

New message rule conditions

In the "Matches" section, first select if the Conditions should be applied in an "AND" / "OR" manner. This means that if you select for the "For incoming messages that match" option, the "ANY of the conditions below" entry, the rule will apply to messages that match at least one of the imposed conditions. If you choose the "ALL of the conditions below", the rule will be applied only to messages that match all of the set conditions.

Next, choose the conditions you want to apply to those messages (e.g. for messages from "abc@domain.com").

Use the drop-down menu to select the type of the new condition. Available options include setting conditions relative to the subject, sender, receiver, Cc, To or Cc, body, size of the email, as well as a customization option, accessible by clicking on "Custom". To delete one of the newly-added criteria hit its corresponding trash-bin shaped like button.

New message rule actions

By editing the "Actions" section you can decide what you want to do with the messages that match the above conditions. Use the drop-down menu to specify the actions corresponding to the mail message i.e. moving, copying, deleting, or redirecting it to a certain email address etc.

To add a new action, click on the "Add Action" button and then fill in all the corresponding details in the newly-displayed menus. To delete an action hit the trash-bin shaped like button displayed on the right hand side of the action in question.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Send/Receive restrictions

The "Send/Receive Restrictions" sub-page enables you to define and enable or disable sending and receiving restrictions that can limit the domains and subdomains emails are sent to or received from. Additionally, you can create exception lists for the set restrictions.

From the "Send" context you can allow emails to be sent to all domains, only to local domains, only to local domains and subdomains or to disallow the sending of emails regardless of the recipient's domain. For a higher degree of flexibility, specific exceptions can be defined for any of the options you choose.

From the "Receive" context you can allow emails to be accepted from all domains, only from local domains, only from local domains and subdomains or to disallow the receiving of emails regardless of the sender's domain. For a higher degree of flexibility, specific exceptions can be defined for any of the options you choose.

The exceptions are defined as a pattern which supports "*" and "?" wildcards, the first one replacing any character for any number of occurrences, the second one replacing any character for only one occurrence. It is possible to specify multiple exceptions by adding them one by one, creating a list of exceptions.

A complete list of the options that can be set is:

• Enable/Disable sending restrictions
  • "Allow only local domain" / "Allow only local domain and subdomains" - allows sending only to the same domain / allows sending to the same domain and its subdomains
  • "Allow all domains" / "Disallow all domains"

• Enable/Disable receiving restrictions
  • "Allow only local domain" / "Allow only local domain and subdomains" - allows receiving only from the same domain / allows receiving from the same domain and its subdomains
  • "Allow all domains" / "Disallow all domains"

Restrictions apply for messages sent from:

• WebMail: An NDR will be returned if the destination address is not allowed.
• SMTP/Outlook Connector: The "RCPT TO" command will yield a permanent error, if matched.
• Sendmail wrapper: An NDR will be returned if the destination address is not allowed.

Once your changes are complete, save them by clicking the "Save configuration" button.

Security & Filtering

The "Security & Filtering" section comprises tabs relative to Axigen's integration with anti-virus / anti-spam applications, as well as the management of its global access control, acceptance and routing policies, Sieve filtering and message rules. The comprised configuration options allow you to define and maintain a comprehensive security policy by employing anti-virus and anti-spam applications, the incoming message rules wizard, custom blacklists and other filtering tools.

AntiVirus and AntiSpam

The "Security & Filtering" -> "AntiVirus and AntiSpam" tab allows you to view and configure the anti-virus and anti-spam applications supported by the Axigen mail server.

Accessing this tab leads to the following 6 sub-pages:

• Kaspersky AntiVirus
• Kaspersky AntiSpam
• Kaspersky Logging
• Supported Applications
• AntiVirus Actions
• AntiSpam Configuration

Kaspersky AntiVirus

In the "Licensing" section you can "Enable" / "Disable" the KAV filter (at server level) via the related button.

In the "Configuration & Updates" section you can set the working directory for KAV via the related text box.

Click on the "Configure" button under "Updates" in order to set the proxy server for retrieving the updates of the Kaspersky AntiVirus application. A new window will open, allowing you to specify the IP and port of the proxy server, as well as the login details (username and password) for authentication. To enable the "NTLM authorization on proxy server", check the corresponding option. Hit "Save Configuration" to save the changes.

Use the "Update now" button to get the latest AV database updates. The "Update status" and "Last update on" provides you with information on the performed upgrades.

The "AntiVirus Scanning" section allows you to configure the general parameters relative to the scanning of email messages and attachments with Kaspersky. Set the maximum size of emails to be scanned, the maximum time to be spent on scanning an email message, whether scanning should be also performed on attached archives containing executable files and unpack nested archives up to a desired level.

You can also set the maximum number of emails queued for scanning and the number of threads that should be used to scan the en-queued messages.

The "Heuristic Scanning Level" will be imposed to the heuristic analyzer, an advanced technology employed by Kaspersky to detect viruses which are not yet described by existing anti-virus databases.

To set the "Heuristic Scanning Level", click on the slider and move it to the left or to the right. The selected level will be highlighted in orange. Please note that scan level values are cumulative (i.e. setting the level to "Medium" scanning will automatically include the "Shallow" level of scanning).

Also, the detail level chosen for the scanning process provides the balance between the thoroughness of the searches for new threats, the load on the operating system's resources and the duration of the scan. The higher the log level, the more system resources will be required and the longer it will take.

Available scan levels: the "Shallow" option is recommended for on-demand scanning, and not for file monitoring as it can significantly affect the system performance. The "Medium" option is also not recommended for file monitoring, for the same reason. The "Detail" option is recommended for POP3 monitoring, but can affect the system performance. For file monitoring, it is recommended to turn this option off.

Under "AntiVirus Actions", enable the "Attempt disinfection on infected email parts" option, then use the drop-down menus in order to select the actions to be taken when infected or suspicious emails are found, or when the scanning process fails. Available options include allowing the message to be delivered, discarding it, rejecting it or quarantining it.

Once your changes are complete, save them by clicking the "Save Configuration" button.

Kaspersky AntiSpam

In the "Licensing" section you can "Enable" / "Disable" the KAS filter (at server level) via the related button.

In the "Configuration & Updates" section you can set the working directory for KAS via the related text box.

Click on the "Configure" button under Updates in order to set the proxy server for retrieving the updates of the Kaspersky AntiSpam application. A new window will open, allowing you to specify the IP and port of the proxy server, as well as the login details (username and password) for authentication. To enable the "NTLM authorization on proxy server", check the corresponding option. Hit "Save Configuration" to save the changes.

Use the "Update now" button to get the latest AV database updates. The "Update status" and "Last update on" provides you with information on the performed upgrades.

Under "AntiSpam Scanning", set the maximum size of emails to be scanned, and the number of threads to be used for scanning. To enable the scanning of messages with internationalized content or having a specific type of file as attachment (Text, HTML, PDF, MS Office or RTF), simply check their corresponding check-boxes.

You can also set the maximum number of emails that can be queued for scanning.

The "Spam Identification Methods" section allows you to select the technologies to be used by Kaspersky for AntiSpam filtering. Use the available check-boxes in order to enable the scanning of messages based on the analysis of their content (Kaspersky's Content Filtration technology), attached graphics (Image Recognition technology), Kaspersky's default DNSBL lists (Kaspersky's built-in Domain Name Server Black Lists delivered with updates), Kaspersky's default SURBL lists (built-in Spam URL Real-time Black Lists received with updates), Urgent Detection System or Heuristic Analyzer. Learn more here.

Messages with obscene content or in languages such as Chinese, Korean, Thai and Japanese can also be automatically treated as Spam by enabling their associated check-boxes.

You can set additional situations when the Kaspersky AntiSpam application should consider messages as Spam in the "Additional Spam Indicators" section. E.g. when the "From" and/or "To" email headers contain digits, the "From" header does not contain a domain name, the "Subject" email header exceeds 250 characters or contains a digital identifier etc.

Recognition Strictness allows you to set the "Level of strictness in considering email messages Spam" by simply moving the related slider to the left or to the right. The selected level will be highlighted in orange. Please note that the filtering level values are based on the enabled Spam indicators and that they are cumulative (i.e. setting the level to "High" will automatically include the "Minimum" and "Standard" levels).

Once your changes are complete, save them by clicking the "Save Configuration" button.

Kaspersky Logging

To set the log level for the Kaspersky filters, click the 'Log Level' slider and move it to the left or to the right. The selected types of messages will change color from transparent to gray.

Please note that the log level values are cumulative (i.e. setting the log level to 'Warning messages' will also log 'Critical messages' and 'Error messages')

Use the Log drop-down menu to select where to have your log files saved.

Once your changes are complete, click the Save configuration button to save them.

Supported applications

The "AntiVirus & AntiSpam" -> "Supported Applications" page allows you to view and enable the anti-virus and anti-spam applications that you wish to run with the Axigen mail server.

Under "Supported Applications" choose which of the available anti-virus and anti-spam applications should run by simply clicking on their corresponding "Enable" or "Disable" buttons.

To set the order in which enabled AntiVirus and AntiSpam filters should apply, use the up and down arrows available under the "Priority" column. This will help you prioritize the AV/AS filters. To update the AntiVirus and AntiSpam detection status use "click here" link, found at the bottom of the page.

Enabled applications will run simultaneously and act according to the general settings made in the next pages: "AntiVirus Actions" and "AntiSpam Configuration". Anti-virus/Anti-spam filters can also be enabled for specific resources such as a domain or account, by enabling one or more extra applications only for that resource in its "Message Filters" section.

AntiVirus actions

The "AntiVirus & AntiSpam" -> "AntiVirus Actions" page enables you to set the actions to be taken by enabled anti-virus applications in the Axigen messaging solution.

Use the drop-down menus in this section to set the specific actions that enabled anti-virus applications should take when detecting a suspicious email or one that cannot be cleaned. Choose between allowing the email to be delivered, discarding it or moving it to the "Trash" folder.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

AntiSpam configuration

The "AntiVirus & AntiSpam" -> "AntiSpam Configuration" page allows you to configure lists of safe email addresses (whitelists) and spam threshholds.

Setting a whitelist

Use this section in order to configure the whitelist - a list of email addresses from which emails should not be considered spam (delivered to Spam or Trash based on the "Spam thresholds" actions). To edit the details of an already set email address, hit the "Edit" button on the right side of its name, to delete it hit its respective "Delete" button. Should you like to add a new email address hit the "Add Email" button, type it and then click "Quick Add".

The asterisk symbol ( * ) can be used as a substitution of any characters in an email address (e.g.: *sale*@mycompany.com, *@mycompany.com, etc.). For example setting *@mycompany.com, will result in delivering all emails received from any email address in mycompany.com domain.

Spam thresholds

Use the sliders or the up and down arrows to set the maximum value for the "Spam Thresholds". Available values range between 1 to 10, where 1 is associated to legitimate emails (Not Spam) and 10 to clearly spam emails (Spam). Exceeding the set values will result in moving the respective email to the "Spam" folder, respectively in deleting the email.

When a message is received by the Axigen mail server, the message is filtered by the anti-spam application and receives a spam score. Based on the anti-spam application result the message is considered more or less a spam message. The spam score is then computed by Axigen using a function which will return a value between 1 and 10. This is the value of the "X-AxigenSpam-Level" header which can be viewed in the message source.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Additional AntiSpam methods

The "Additional AntiSpam Methods" tab gives you access to additional anti-spam filters such as email and DNS blacklists, Sender Policy Filters and Domain Keys filters, lists of safe IPs and DNS checks.

Blacklist

Use this section in order to configure the blacklist, the list of email addresses from which emails should always be rejected. To edit the details of an already set email address hit the "Edit" button on the right side of its name, to delete it click its respective "Delete" button. Should you like to add a new email address, hit the "Add Email" button and then "Quick Add".

The asterisk symbol ( * ) can be used as a substitution of any characters in an email address (e.g.: *sale*@example.com, *@example.com, etc.). For example setting *@example.com, will result in rejecting all emails received from any email address in the example.com domain.

Country filtering

The "Country Filtering" feature allows you to configure, for the SMTP Incoming service, restrictions based on the country name of the connecting peer IP. To enable this feature click the "Enable country filtering" option.

In order to identify the country for a given IP use the "Upload database" button in order to upload an IP to country mapping database (in CSV format). The database can be downloaded from sources like MaxMind. A free version is available at GeoIPCountryCSV-lite

Use the "Accept exclusively" / "Block all" option to allow (whitelist) or ban (blacklist) connections from the countries in the list.

Configure the list of IPs or IP ranges to be skipped by the GeoIP lookup by adding the respective IPs in this section. To edit the details of an already added IP or IP range hit its corresponding "Edit" button, to delete it click its respective "Delete" button.

Should you like to add a new safe IP or IP range, hit the "Add IP/Range" button, select one of the available options: Network/Mask, IP Range or Single IP and fill in its corresponding details in the displayed text box.

SPF

Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by addressing a common vulnerability, source address spoofing. SPF allows you to specify which hosts are allowed to send email from a given domain by creating a specific DNS SPF record in the public DNS. Mail exchangers then use the SPF DNS records to check that mail from a given domain is being sent by a host sanctioned by that domain's administrators.

Enable SPF checking by checking the box in front of it, then use the drop-down menus in order to select the actions to be taken if no SPF records are published or if SPF records cannot be checked. Choose between allowing to deliver the message or deleting the message.

Domain Keys

DomainKeys is an email authentication system, based on message signing, designed to verify the validity of an email sender and the message integrity.

Enable the DK (Domain Keys) verification by checking the box in front of it, then use the drop-down menus in order to select the actions to be taken when no DK records are published and if DK records cannot be checked. Choose between allowing to deliver the message, deleting the message or moving the message to the "Spam" folder.

DNSBL

A DNSBL (DNS-based Blackhole List, Block List, or Blacklist) is a list of IP addresses published through the Internet Domain Name Service in a particular format. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming.

Use the options in this section in order to configure the DNS blacklist. To edit the details of an already added DNS Blacklist, hit its corresponding "Edit" button, to delete it click its respective "Delete" button. Available DNS BlackLists can be enabled or disabled by simply clicking on their corresponding "Enable" or "Disable" buttons.

Should you like to add a new DNS Blacklist press the "Add DNS BlackList" button, fill in the "Operator Name" and "DNS BlackList" text boxes, then check the "Enable this Blacklis"t option and hit the "Quick Add" button.

Safe IPs/IP ranges

Configure the list of IPs or IP ranges to be skipped by the DNS BlackList lookup by adding the respective IPs in this section. To edit the details of an already added IP or IP range hit its corresponding "Edit" button, to delete it click its respective "Delete" button.

Should you like to add a new safe IP or IP range, hit the "Add IP/Range" button, select one of the available options: Network/Mask, IP Range or Single IP and fill in its corresponding details in the displayed text box.

DNS checks

Available actions for this section include rejecting emails received from domains with no MX entry or emails from an originating IP with no reverse DNS entry. Just check the box in front of the option that you want to enable in order to activate it.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Global access control

The "Security & Filtering" -> "Global Access Control" tab allows you to configure the parameters relative to the global access control such as access restrictions and others.

Access restriction

Use the options in this section to configure the IP/IP Ranges for which all services are to be denied access. To edit the details of an already set IP/IP Range hit its corresponding "Edit" button, to delete it click its respective "Delete" button.

Should you like to add a IP/IP Range hit the "Add IP/Range" button, select one of the available options: Network/Mask, IP Range or Single IP and fill in its corresponding details in the displayed text box, then hit the "Quick Add" button.

From the drop-down box select:

• Network / Mask if you wish to allow unauthenticated relay for a certain subnet (for example: Network: 10.0.0.0 ; Mask: 255.255.255.0).
• IP Range if you wish to allow unauthenticated relay for certain IP ranges (for example: From: 10.0.0.1 ; To: 10.0.0.101).
• Single IP if you wish to allow unauthenticated relay only for a certain IP. (for example: IP: 10.0.0.2).

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Acceptance and routing

The "Security & Filtering" -> "Acceptance & Routing" tab allows you to configure the message acceptance settings and routing rules. This tab gives access to three pages:

• Acceptance Basic Settings - containing the basic policies for emails acceptance;
• Routing Basic Settings - containing the basic policies for emails routing;
• Advanced Settings - containing the advanced policies for emails acceptance and routing.

Acceptance basic settings

The "Acceptance & Routing" -> "Acceptance Basic Settings" page allows you to configure a set of basic acceptance policies at SMTP-connection level such as the maximum size for received emails, the allowed ESMTP commands, rules for local delivery and settings relative to the default SMTP banner.

Incoming connections established via SMTP and the message flow can be easily managed using the established policies.

Received messages

Edit the "Limit message size" option using the up and down arrows or fill in the text box in order to specify the maximum size for received messages. Then use the drop-down menu to select one of the available options: KB, MB or GB as necessary. Maximum value: 2048MB.

Edit the "Limit no. of received headers to" option using the up and down arrows or fill in the text box in order to specify the maximum number of received headers. This will result in denying looping emails when the number of received headers exceeds the specified value (30 in this example). Available values range from 1 to 999.

Use the "Limit no. of recipients per message" option in order to specify the maximum number of recipients for received emails. Fill in the text box or use the corresponding up and down arrows in order to set the specific value, between 1 and 1000.

Allowed ESMTP commands

Specify the allowed ESMTP Commands using the options in this section. Enable the StartTLS, 8-bit MIME, binary or pipelining extensions by simply checking their corresponding boxes.

Allow/Disallow local delivery

Set the parameters for local delivery using the options under "Allow/Disallow local delivery". Here you can choose to enable/disable the local delivery and mandatory authentication. Check the box for the option that you want to activate.

Override default SMTP banner

Should you like to set a new SMTP banner check the box in front of the "Override default SMTP banner" option and then fill in the details of the new SMTP banner in the corresponding text box. The newly-added SMTP banner will automatically override the parameters of the default one.

Greylisting

When receiving a message from an unrecognized recipient, the server rejects the first attempt with a temporary error and caches the sender's IP, the sender's address and the recipient address(es). The message will only be accepted when the sender's server attempts to resend it for the first time.

To enable Greylisting check the box related to the "Activate Greylisting" option. By default the IP of the sender will be kept in the Greylisting Cache for 10 minutes. This can be configured via the CLI interface.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Routing basic settings

The "Acceptance & Routing" -> "Routing Basic Settings" page allows you to configure message relaying and customize SMTP Outgoing actions for all or part of the email communication.

Allow/Disallow relaying

Servers that Allow relaying from any IP will accept and try to deliver email messages no matter the destination or sender. This is called an "open relay" server. It is necessary to restrict relaying in order to avoid the server being flooded by spammers. Make sure you check the "Require authentication" option so relaying is possible only for users that have accounts on the server and can authenticate using a username and password.

You can configure a list of IPs or IP ranges with specific delivery settings by adding them via the "Exceptions" section. To edit the details of an already added IP or range hit its corresponding "Edit" button, to delete it click its respective "Delete" button.

Should you like to add a new IP or IP range, hit the "Add IP/Range" button, select one of the available options: Network/Mask, IP Range or Single IP and fill in its corresponding details in the displayed text box.

An example on how to use the "Exceptions" section is available in our related article: How to allow unauthenticated relay from a specific subnet.

Outgoing delivery settings

Select message delivery either trough DNS MX entry or a smart host. If you choose the second option fill in the requested details in the "Host/IP" and "Port" text-boxes and all messages will be sent to the specified host. To make sure the message transmission is secure check the "Use SSL connection" option.

Enable authentication

Should you like to enable username/password authentication when delivering messages trough smart host check the box in front of the "Enable authentication" option and fill in the username and password details in the available text boxes.

You can also specify the authentication mechanism to be used. Available types are: Plain, Login, CramMD5 and/or DigestMD5 (all types of authentication are allowed).

Connection settings

Enable the "Use StartTLS" if available option to establish a secured session before transferring any sensitive data (such as authentication details or message text when authentication is not required) if this type of encrypted session is supported by the peer server.

Should you like to have messages sent through a specific network interface check the box in front of the option called Local network interface, then use the drop-down menu to select between using the system default network interface or a custom one. In the latter case fill in the corresponding IP in the available text box.

To set a SMTP connection timeout for outgoing messages check the box in front of the "Outgoing SMTP connection timeout", then use the up and down arrows to specify the value. Use the drop-down menu to select the value of the timeout (seconds, minutes or hours).

Domain specific configuration

Set up custom routing settings for certain domains in the "Domain specific configuration" section. To edit the details of an already added domain hit its corresponding "Edit" button, to delete it click its respective "Delete" button.

Should you like to add a new domain, hit the "Add Domain" button and choose the desired options fill in the corresponding details.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Advanced settings

The "Acceptance & Routing" -> "Advanced Settings" page allows you to configure a set of advanced message acceptance and routing policies for incoming and outgoing SMTP modules.

Advanced settings

Use the options under "Advanced Settings" to further tune any of the already set SMTP filters. Advanced acceptance rules will override the basic acceptance policy settings for the specified conditions.

To edit or delete a specific acceptance/routing rule, just use the "Edit" or the "Delete" buttons available on the right side of the filter in question. To set the order in which available rules will be applied use the up and down arrows under "Priority".

Adding a new acceptance / routing rule

Hitting the "Add Acceptance/Routing Rule" button will lead you to another page called "New Acceptance/Routing Rule".

Use the text box under "General" in order to specify the name of the new rule, then enable the new rule by checking the box in front of the "Enable this acceptance/routing rule" option.

Use the options under "Conditions" in order to specify the type of the new condition you wish to create, then hit the "Add condition" button and use the available text boxes and menus to configure the parameters of the newly-added condition. To delete one of the newly-added conditions click the recycle bin shaped icon on its right. Created conditions can match all or just part of the specified criteria according to your choice.

Use the options under "Conditions" in order to specify the type of the new action that you wish to add, then hit the "Add action" button and use the available text boxes and menus to configure the parameters of the newly-added condition. To delete one of the newly-added conditions, hit the "x" button.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

A detailed description on how to prioritize and create advanced acceptance and routing rules can be found in our article: How to create and organize advanced acceptance and routing rules.

Incoming message rules

The "Security & Filtering" -> "Incoming Message Rules" tab allows you to configure a set of message rules instructing the Axigen mail server to take certain actions on processed email messages based on pieces of information contained by the message headers.

To edit or delete any of the available rules just use the "Edit" or the "Delete" buttons, available on the right side of the rules in question. To add a new message rule click the "Add Message Rule" button and fill in the requested details. To set the order in which available rules will be applied use the up and down arrows under the "Priority" section.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Incoming rule wizard

The "Incoming Message Rules" -> "Add Message Rule" button allows you to specify a new rule for incoming messages.

Use the text box under "General" in order to specify the name of the new rule, then enable the new rule by checking the box in front of the "Enabled" option.

New rule conditions

In the "Matches" section, first decide the incoming messages for which you want the rule to apply. Next, choose the conditions you want to apply to those messages (e.g. for messages from "abc@domain.com").

Use the drop-down menu to select the type of the new condition. Available options include setting conditions relative to the subject, sender, receiver, Cc, To or Cc, size of the email, as well as a customization option, accessible by clicking on "Custom". To delete one of the newly-added criteria hit its corresponding trash-bin shaped like button.

Actions

By editing the "Actions" section you can decide what you want to do with the messages that match the above conditions. Use the drop-down menu to specify the actions corresponding to the mail message i.e. moving, copying, deleting, or redirecting it to a certain email address etc.

To add a new action, click on the "Add Action" button and then fill in all the corresponding details in the newly-displayed menus. To delete an action hit the trash-bin shaped like button displayed on the right hand side of the action in question.

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

View quarantine

Starting with 7.5.0, Axigen introduced the Kaspersky Antivirus and Antispam integration. As a result a quarantine action was added. This tab allows you to manage emails that have been quarantined based on the anti-virus actions settings for the Kaspersky AntiVirus configuration. These can be set via WebAdmin -> "Security & Filtering" -> "Antivirus & Antispam" -> "Kaspersky AntiVirus" tab -> "Antivirus Actions" section.

You can use the "From", "To", "Size" and "Age" search options to locate specific quarantined messages. Two actions can be applied for the selected messages:

• Deliver from quarantine - the email is placed normally into the queue;
• Discard from quarantine - the email is discarded (silently, with no NDR).

Queue

The "Queue" section gives access to settings, defining, processing and viewing options for messages within the queue and also allows you to take specific actions on certain emails.

Processing

The "Processing" tab allows you to adjust mail scheduling parameters according to your needs.

Logging

You can select several types of messages to be logged: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Email delivery

Use the options in the "Email Delivery" area in order to set the parameters for rescheduling emails in case of a non-critical delivery error in the Axigen mail server.

The "First delivery retry timeout for an email" field allows you to specify the time interval for rescheduling a message in case of a non-critical delivery error in the Axigen mail server. The default value corresponds to 5 minutes, this means that the queue is rechecked after 5 minutes in order to attempt sending the message. The value for this parameter can be entered in seconds, minutes or hours. For each subsequent retry this timeout is doubled.

You can also specify the maximum time interval when the retry timeout is no longer doubled. This option is available in the "Stop doubling retry timeout when it reaches" field. The default value corresponds to 8 hours, meaning that once the retry timeout reaches 8 hours all subsequent retries will still be made after 8 hours and not after 16. The value for this parameter can be entered in seconds, minutes or hours.

Use the "Max. number of retries" field to specify the number of times Axigen server should try to deliver a mail message in case of a non-critical delivery error in the Axigen mail server.

Delivery reports

The "Temporary delivery error reports" area enables you to specify when you should first be notified about the failed attempts to deliver a message. The default value is 4. Change this value by using the up and down arrows or by simply entering the new parameter in the text box available after the "Send notification after" field.

The notification format can also be defined by filling in the "Notification Sender", "Notification Subject", "Notification Body begins with", "Append this text for each failed recipient" and "Notification body ends with" text fields.

Check the "Also attach to notification" option so the notification email will include either entire original message or just its header.

In the "Permanent delivery error reports" area, you can also define the the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. As an example, NDR responses are sent when the specified recipient of an email message is invalid.

You can further define the content of the error notification by inserting a number of variables covering the recipient address, failure reason, sender address, email size, as well as the text to be added to the end of the notification body. Use the drop down menu to also select whether to include the header of the original message or the entire original message.

Queue parameters

The "Queue path" field allows you to specify the path to the internal server queue. If the string does not represent a valid path the queue will not be stored. By default the Axigen server queue is stored in /var/opt/axigen/queue. Changing the already set path will take effect only after restarting the server. The path you enter may be absolute/full or relative to the Axigen working directory.

Use the "Max. number of queue subdirectories" field in order to specify the upper limit for the number of subdirectories in the internal queue. The default value is 64, the maximum is 256.

In the "Processing queue size" field specify the size of the internal processing queue. When too many messages have to be processed and this queue is full the next messages will be rescheduled.

Use the "Local delivery threads" field to specify the number of threads handling the local SMTP delivery. Thus you can fine tune the server behavior to your usage scenario. If you want to use your server mainly for local delivery you can set a higher number of delivery threads, top limit is 128.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

View queue

The "Queue" -> "View Queue" tab allows you to view the email processing queue with extensive information relative to the emails in the queue.

Viewing the queue

When first accessing this tab a list of emails in the queue is displayed. Email filtering options include searching the queued emails depending on their sender, receiver, email size, sending date, retry data, status. Next "Retry" field has the following format: dd mmm yyyy (e.g. 1 Jan 1970).

Use the drop-down menus and text boxes to specify the filtering parameters, then hit the "Go" button to activate them. As a result all emails meeting the specified criteria will be displayed.

To view all emails in the queue again or set different filters click the "Reset Filter" button and then fill in your new searching criteria.

Detailed message information

For details related to a specific email in the queue hit the Info button on the right hand of the email in question and check the fields of the displayed text box.

Actions to be taken for selected items

Several actions can be applied to a specific email or number of emails. These include retrying their delivery on the spot, deleting them or sending NDRs (non-delivery receipts) for the selected items.

Hitting the "Force Queue" button will result in forcing the delivery of all emails in the queue no matter their retry schedules.

Status and Monitoring

The "Status & Monitoring" section gives access to configuring the reporting service, viewing charts reflecting different server parameters and extensive details on overall and domain-specific storage:

• Reporting Service - for configuring the Axigen mail server logging service, including the logging levels and logging types.
• Charts - containing the basic policies for emails routing.
• Storage Charts - containing the advanced policies for emails acceptance and routing.

An example of Charts configuration and integration with a SNMP monitoring product can be found in our article: AXIGEN Reporting Service Configuration & Integration with Cacti.

Reporting service

The "Status & Monitoring" -> "Reporting Service" tab allows you to configure the Axigen mail server logging service including the logging levels and logging types.

SNMP is a networking management protocol used to monitor network-attached devices. SNMP allows messages (called protocol data units) to be sent to various parts of a network. Upon receiving these messages SNMP-compatible devices (called agents) return data specific to certain parameters that are monitored to the SNMP manager.

Listeners and control rules

To access SNMP listener configuration in WebAdmin, go to the "Status & Monitoring" module -> "Reporting Service" tab. A list of the already configured listeners (if any) will be displayed, sorted by their IP addresses (lowest first). To enable/disable any of the existing listeners just click on the corresponding button under Status. To edit/delete any of them click on the corresponding "Edit" or "Delete" buttons under "Actions".

To add a new listener hit the "Add Listener" button and then fill in the text boxes with the IP address and port details. Should you like the new listener to have the "Enabled" status check the box in front of the "Enable this listener" option. To finalize the adding of the new listener click on "Quick Add".

For a detailed view of listeners usage in Axigen see the "Listeners" section.

Service configuration

Logging

The log level can be set in the "Logging" section with the use of the slider, by moving it to the left or to the right, depending on how much detailed the logging information should be. The selected types of messages will change color from transparent to grey. Please note that the log level values are cumulative (i.e. setting the log level to Warning messages will also log "Critical messages" and "Error messages").

Log types

Use the drop-down menu under Log to select one of the available logging types. You can log (internally, remotely or using the system log) the activity of all services available in Axigen.

Use remote log option: Axigen Log Service can log internal data coming from other Axigen modules/services or data coming from the UDP port 2000 (default option). Use the drop-down menu to select the custom option if you wish to specify another port.

Data collection

You can "Enable" / "Disable" data collection for domain/domain objects, relevant for the corresponding chart parameters.

Use the up and down arrows in order to specify the time interval when the logging information should be collected. The collected samples will be aggregated and stored according to each chart's configuration.

SNMP parameters

In this section SNMP can be enabled by checking the box in front of it. Version 6.0 of Axigen now supports SNMP Traps that can be set either for connected managers or specific IPs by checking the "SNMP Send Traps To All Managers" option or defining a SNMP Community and adding IP:Port combinations to it. To add a new trap destination fill the details in the corresponding text field and click the "Add" button. "Trap Destinations" can be edited directly in the field they are displayed in or deleted by clicking their corresponding "Delete" button.

Download "Axigen MIB File" to see all parameters monitored by the reporting service, their description and other relevant details.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Charts

The "Status & Monitoring" -> "Charts" tab allows you to configure sets of parameters to be monitored and view their corresponding graphical activity charts.

Defined charts

When accessing the "Charts" tab a list of the already configured graphics is displayed, if none has been previously created the list will be empty.

Charts operations

To edit or delete any of the already defined charts use the options under the "Actions" section: to edit the details of an already defined chart hit the "Edit" hit its button on the right side of its name, to delete it click the corresponding "Delete" button. You can view the full size chart by clicking the magnifying glass button.

Should you like to add a chart hit the "Add Chart" button and fill in the requested details.

Use the drop-down menu to select one of the available chart groups or create a new one by filling in its name in the corresponding text box. This will help you to categorize the created charts, thus providing a proper structure for charts organization. Then specify the desired name for your chart and hit the Next step button. This will result in displaying two new pages: "Chart Parameters" and "Display Settings". The same pages will also appear when wishing to edit the parameters of an already defined chart.

Chart groups

The defined "Chart Groups" allow quick and comprehensive browsing through all the displayed graphs: clicking on one of the available groups will result in displaying all the charts defined for that specific group to ease the search and configuration.

Refresh options

For an accurate representation an automatic refresh option is available alongside a manual refresh button.

Chart parameters

The "Charts" -> "Chart Parameters" page allows you to specify the parameters relative to a new or an already defined chart.

General settings

Use the options under the "General Settings" section in order to configure the parameters relative to the "Chart Group" and "Chart Name".

Use the drop-down menu on the right side of the "Chart Group" option in order to specify the name of the group within which the new chart will be created. Choose one of the already defined charts or use the "Custom group" option. The latter option will allow you to create a new chart group and fill in its name in the accompanying text-box on the right.

Data collection

Use the options under the "Data Collection" section in order to specify the start date and the end date for the respective chart, which also defines the relevance interval for the collected data.

The export options include a summary, CSV data and XML data.

Counters

The "Parameters" tab allows you to add/edit/delete chart counters. Use the "Add chart counter" button to add a new parameter that will be graphically represented on the chart.

In the "General" tab, use the options under the General Settings section in order to specify the parameter ID, the parameters to be collected, the "Chart Group", as well as the "Aggregation Function" used in representing the values for the counter.

Use the drop-down menu available on the right hand side of the "Parameter to collect" option in order to select the new parameter to be monitored.

Bellow is a brief description of the Reporting Parameters.

Service Parameters

1. SMTP Incoming Parameters
   • SMTP_InboundConnection - monitors the number of inbound connections on any of the SMTP Receiving listeners.
   • SMTP_InboundConnectionAuthenticated - reports the number of connections that try to authenticate on any of the SMTP Receiving listeners.
   • SMTP_InboundConnectionAuthenticatedSuccess - monitors the number of connections that authenticate successfully on any of the SMTP listeners.
   • SMTP_InboundMessage - reports the number of emails sent using the SMTP service.
   • SMTP_InboundMessageBytes - monitors the size (in bytes) of the emails sent through the SMTP service.
   • SMTP_InboundMessageTOcommandsAccepted - reports the number of accepted recipients for emails sent through the SMTP service.
   • SMTP_InboundMessageTOcommandsRejected - monitors the number of failed "rcpt to" commands (rejected recipients) on the SMTP service.
   • SMTP_InboundMessageFROMAccepted - reports the number of accepted "mail from" commands on the SMTP service.
   • SMTP_InboundMessageDATAUsed - monitors the total number of DATA commands used on the SMTP service.
   • SMTP_InboundMessageDATAAccepted – reports the number of successful DATA commands used on the SMTP service.
   • SMTP_InboundMessageBDATAccepted - monitors the number of emails sent using SMTP BDAT commands.
   • SMTP_InboundMessageBodyAccepted - reports the total number of accepted email bodies sent through the SMTP service.
2. SMTP Outgoing Parameters
   • SMTP_OutboundConnection - monitors the total number of outbound connections performed by the SMTP Sending service.
   • SMTP_OutboundConnectionAuthenticated - reports the total number of outbound connections that try to authenticate.
   • SMTP_OutboundConnectionAuthenticated - monitors the total number of successfully authenticated outbound connections.
   • SMTP_OutboundConnectionErrorFinish - reports the total number of outbound connections that terminate with an error.
   • SMTP_OutboundMessage - monitors the total number of emails sent by the SMTP Sending service.
   • SMTP_OutboundMessageMessageBytes - reports the size of the emails sent by SMTP Sending.
   • SMTP_OutboundMessageTOcommandsAccepted - monitors the number of accepted TO commands executed by the SMTP Sending service.
   • SMTP_OutboundMessageTOcommandsRejected – reports the number of rejected TO commands performed by SMTP Sending.
   • SMTP_OutboundMessageFROMAccepted - monitors the total number of accepted FROM commands executed by the SMTP Sending service.
   • SMTP_OutboundMessageDATAUsed - reports the number of DATA commands used by the SMTP Sending service.
   • SMTP_OutboundMessageDATAAccepted - monitors the number of accepted DATA commands executed by SMTP Sending.
   • SMTP_OutboundMessageBDATAccepted - reports the number of accepted BDAT commands performed by the SMTP Sending service.
   • SMTP_OutboundMessageBodyAccepted - monitors the number of accepted email bodies sent by SMTP Sending.
3. POP3 Inbound Connection Parameters
   • POP3_InboundConnection – reports the number of inbound connections on any of the POP3 listeners.
   • POP3_InboundConnectionMessagesDelivered - monitors the number of successful RETR commands executed on POP3 connections.
   • POP3_InboundConnectionToppedMessagesDelivered - reports the total number of TOP commands performed on POP3 connections.
   • POP3_InboundConnectionMessagesDeleted - monitors the total number of messages deleted using the POP3 protocol.
4. HTTP Inbound Connection Parameters
   • HTTP_InboundConnection - reports the number of inbound connections on any WebAdmin or WebMail listener.
   • HTTP_InboundConnectionAuthenticated - monitors the number of connections that try to authenticate on any HTTP listener.
   • HTTP_InboundConnectionAuthenticatedSuccess - reports the total number of successful authentication attempts on any of the HTTP listeners.
   • HTTP_InboundConnectionProtocolError - monitors the total number of protocol errors triggered on HTTP connections.
   • HTTP_User parameter - reports the total number of authenticated users on any of the WebMail listeners.
   • HTTP_UserMessagesRead - monitors the total number of emails read by authenticated users using WebMail.
   • HTTP_UserMessagesComposed - reports the total number of composed messages using WebMail.
   • HTTP_UserFinishInError - monitors the total number of sessions that terminate with errors.
5. IMAP Inbound Connection
   • IMAP_InboundConnection - monitors the number of inbound connections on any of the IMAP listeners.
   • IMAP_InboundConnectionAuthenticated - reports the number of connections that try to authenticate on any of the IMAP listeners.
   • IMAP_InboundConnectionAuthenticatedSuccess - monitors the total number of successful authentication attempts tried on any of the IMAP listeners.
   • IMAP_InboundConnectionSyntaxError - reports the total number of syntax errors triggered on IMAP connections.
   • IMAP_InboundConnectionCloseConnectionForced - monitors the total number of IMAP connections forcibly closed by the server.
   • IMAP_InboundConnectionConnectionTimeout - reports the total number of expired IMAP connections.
   • IMAP_FetchRequest - monitors the total number of FETCH requests preformed on IMAP connections.
   • IMAP_FetchRequestSentBytes - reports the total number of bytes sent by the server in reply to FETCH requests.
   • IMAP_FetchRequestTimeSpan - monitors the total number of seconds elapsed while the server replied to FETCH requests.
   • IMAP_FetchRequestError- reports the total number of FETCH requests that triggered an error.
   • IMAP_SearchRequest - monitors the total number of SEARCH requests executed on IMAP connections.
   • IMAP_SearchRequestSentBytes - reports the total number of bytes sent by the server in reply to SEARCH requests.
   • IMAP_SearchRequestTimeSpan - monitors the total number of seconds elapsed while the server replied to SEARCH requests.
   • IMAP_SearchRequestError - reports the total number of SEARCH requests that triggered an error.
   • IMAP_AppendRequest - monitors the total number of APPEND requests performed on IMAP connections.
   • IMAP_AppendRequestSentBytes - reports the total number of bytes sent by the server on IMAP connections in reply to the APPEND requests.
   • IMAP_AppendRequestError - monitors the total number of APPEND requests that triggered an error.
   • IMAP_ListRequest - reports the total number of LIST requests executed on IMAP connections. \
   • IMAP_ListRequestSentBytes - monitors the total number of bytes sent by the server on IMAP connections in reply to the LIST requests.
   • IMAP_ListRequestTimeSpan - reports the total number of seconds elapsed while the server replied to LIST requests.
   • IMAP_ListRequestError - monitors the total number of LIST requests that triggered an error.

System Parameters

• QUEUE_Size - monitors the number of messages in the Axigen's processing queue.
• SYSTEM_LoadAverage – reports the system's load average for 1min.

Filter Parameters

All filter objects have an associated AFSL file. Filter parameters are in fact counters for the various resulting actions generated by the AFSL files. For each available socket filter (active or not) 7 parameters are available: Pass, Discard, Match, Reject, Successful, Error and Total. This means that the total number of filter related parameters is the number of filters * 7.

• <filter_name> Pass - each time a PASS returning code is generated for a message this counter is incremented.
• <filter_name> Discard – this counter is incremented each time a DISCARD returning code is generated for a message.
• <filter_name> Match – each time a MATCH returning code is generated for a message this counter is incremented, as such the "actionOnMatch" value will be returned (depending on the filter this can mean pass / discard / reject).
• <filter_name> Reject – this counter is incremented each time a REJECT returning code is generated for a message (NDR will also be sent for that message)
• <filter_name> Successful – each time a message was successfully tested and either passed, matched or was discarded / rejected (no errors were triggered) this counter is incremented.
• <filter_name> Error – this counter is incremented each time a message triggered an AFSL or any processing related error.
• <filter_name> Total - each time a message was processed (Error or Successful) this counter is incremented.

Example: Built-in Filter: SpamAssassin

Built-in Filter: SpamAssassin Pass - a message passed the SpamAssassin tests.
Built-in Filter: SpamAssassin Discard - a message was discarded.
Built-in Filter: SpamAssassin Match - a message was marked as spam (the corresponding actionOnMatch action will be taken).
Built-in Filter: SpamAssassin Reject - a message was rejected (with NDR).
Built-in Filter: SpamAssassin Successful - a message was successfully tested and either passed, matched or was discarded / rejected.
Built-in Filter: SpamAssassin Error - a message generated an error (in AFSL, SpamAssassin or Processing).
Built-in Filter: SpamAssassin Total - a message was processed (either Error or Successful counters have been incremented). 

The "Chart Group" drop-down box allows you to choose the level for which data will be collected in reference to the above set parameter.

Use the drop-down menu to select one of the available Aggregation Functions: average, maximum, minimum or total.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Display settings

The "Charts" -> "Display Settings" page allows you to specify the parameters relative to a new or an already defined chart.

Predefined styles

To choose one of the predefined graphic types use the "Chart Type" drop-down box. Available options are bars, discrete dots, discrete lines, fill, fill with outline, and outline types.

You can further customize the colors of your defined graphic using the "Fill color" and "Outline color" drop-down menus. Available options include black and white, grey, as well as red, orange, blue, magenta and green and their darker and lighter nuances.

Live preview

Preview the display of the selected chart type by checking the "Live Preview" section. In this case, for example, you can view the Discrete lines chart type.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Storage charts

The "Status & Monitoring" -> "Storing Charts" tab allows you to view graphical charts of the Axigen mail server space usage for both overall storage and per domain storage.

The storage charts indicate the exact space that is allocated and occupied on the disk, for the Axigen storage. This means that the respective storage size, shown in the chart is not the maximum allowed, but only the currently allocated size and the used size of that allocated space. If these two values are almost the same (the related percentage will be closer to 100%) it will indicate that Axigen uses almost all the information that is written on the disk, meaning the disk space usage is efficient.

Overall storage

Check this chart to view the aggregated disk storage and space usage information. Storage values will be displayed in KB and percentages.

Per domain storage

This section displays the space usage information for each of the domains hosted by Axigen. To ease the search use the "Domain Search" option and fill in the name of the domain that you want to check. The information available for that specific domain will be displayed on a filter as you type basis.

Check the graphical bars to view the total storage information and space usage percentage for the selected domain. Should you like to view additional storage information click the "Detailed Info" button on the right side of the domain in question, in the "Actions" section.

This will result in accessing another page with "Detailed Storage Info", meaning the storage charts for the selected domain (such as localdomain.com in this example).

If needed Axigen will dynamically increase the allocated disk space until it reaches the maximum allowed storage size for that domain. By default this is 32 GB.

Detailed storage info

The "Storage Charts" -> "Detailed Storage Info" page allows you to view the storage information for the selected domain: the total storage files as well as details relative to the domain, object and message storages.

All storage files & domain storage

To view the information related to all the storage files for the selected domain check the details under the "All Storage Files" section. Should you like some detailed information about the domain storage only look in the "Domain Storage" section. You will thus be able to see the location of the domain storage files as well as the maximum number and size of domain storage files. The "Domain Storage" and "Overall Usage Information" are also available as a graphical bar with the corresponding values in KB and percentages.

For additional information about the location and name of the domain storage files hit the "Show domain storage files" button. To hide this option click the Hide domain storage files button.

Object storage & message storage

For detailed information about the object and message storage check the details available under the corresponding sections: "Object Storage" and "Message Storage". Again you will be able to see the location of the corresponding storage files as well as the maximum number and size allowed for such files.

The "Domain Storage" and "Overall Usage Information" are also available as a graphical bar with the corresponding values in KB and percentages. For more information about the location and name of the corresponding storage files with the use of the "Show" button.

To get back to the previous page, "Storage Charts", use the "Back to: Storage Charts" button available at the top of the current page.

Logging

The "Logging" section gives access to viewing, deleting, downloading log information for each Axigen mail server module and adding or configuring log collection rules.

Local services log

The "Logging" -> "Local Services Log" tab allows you to view the log information for each of the Axigen services.

Local services log overview

Check the options under the "Local Services Log Overview" section to view the Axigen modules and their logging levels and files. "Displayed Log Levels" are the ones configured into the "Reporting Service" tab from the "Status & Monitoring" section.

For each Axigen module information messages related to the processed data and connections are stored by default under the "default.txt" file. To change the implicit location of the file click the "Change" button, then fill in the new file name and click on "Save".

Log collection rules

The "Logging" -> "Log Collection Rules" tab allows you to view or add log collection rules.

Log collection rules

When accessing this page, a list of the already defined log collection rules will be displayed. To edit one of the rules use the "Edit" button available on the right side of the rule in question, to delete it use its corresponding "Delete" button.

To set the order in which the defined log collection rules will be applied use the up and down arrows displayed on the right hand of the "Delete" option.

The default rule found in this context will store the data logged from all the Axigen modules into the "default.txt" file. This cannot be edited or removed. For specific logging needs additional collection rules can added by clicking on the "Add Rule" option. Adding or editing a log collection rule implies configuring the same set of parameters available in a new page that will be displayed: "Configure Log Collection Rule".

Log collection rule configuration

The "Log Collection Rules" -> "Configure Log Collection Rule" page contains the parameters relative to the configuration of new log collection rules including the services for which logs are to be created, log levels and rotation criteria.

Settings section

Use the drop-down menu under the "Collect messages from" option in order to select the general type of services for which logs are to be kept. Available options include local services and remote host. When choosing the latter option you will also have to specify the remote host details in an additional text box.

The "Collect logs from service" option enables you to select the specific service for which logs are to be created. Use the drop-down menu to make your choice.

Use the in file option to view or change the file that will store all the information messages related to the processed data and connections. To change it just fill in the new details in available the text box.

Logging

The log level can be set in the Logging section with the use of the slider, by moving it to the left or to the right, based on how detailed the logged information should be. The selected types of messages will change color from transparent to grey.

Rotation parameters

In the "Rotation parameters" section options such as destination file size, maximum lifetime for the destination file and also the limit number of old log files kept can be defined. To enable any of these options check the boxes in front of them, then use the up and down arrows to set their specific values. Note that that the default setting for the "Limit no. of old log files kept to" option indicates that all old rotated log files will be kept.

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

To go back to the "Log Collection Rules" tab hit the Back to: Log Collection Rules option available in the top left corner of this page.

View log files

The "Logging" -> "View Log Files" tab enables you to view, delete or download all the log files storing the information for defined log collection rules.

Log files

When accessing this tab a list of all the available log files will be displayed. To change the number of displayed logs use the drop-down menu available for the Show...files per page option. To view another page of logs click on its corresponding number or on the "Next" option.

Viewing, deleting or downloading a log file

To see the contents of a log file click the "View" option available on its left side. A new section with the logged information will appear and useful scrolling options to be used for viewing the entire content of the log file.

To delete a specific log file click on its corresponding "Delete" button. To download a certain log file hit the button available on the right side of its "Delete" option. A helpful note will also appear to announce you that you can use this button with the purpose to "Download the log file in question".

Log server settings

The "Logging" -> "Log Server Settings" page allows you to configure parameters relative to this specific service's configuration, to add listeners and further manage and define logging parameters.

Listeners and control rules

Currently, UDP listeners are only available for the Logging service, the only Axigen UDP Service. A list of the already configured listeners (if any) will be displayed, sorted by their IP addresses (lowest first). They are used to specify the socket to listen to for connecting to the Log service. To enable/disable any of the existing listeners just click on the corresponding button under "Status". To edit/delete any of them hit the corresponding "Edit" or "Delete" buttons under "Actions".

To define a new listener, use the "Add Listener" button and fill in the text boxes with the IP address and port details.. The default value for this parameter is 127.0.0.1:2000.

Should you like the new listener to have the "Enabled" status check the box in front of the Enable this listener option. To finalize the adding of the new listener click on "Quick Add".

For more information consult 3.2.2.2 Listeners and Control Rules section.

Service configuration

Logging settings

To set the "Log Level" click the slider and move it to the left or to the right. The selected types of messages will change color from transparent to grey. Please note that the log level values are cumulative (i.e. setting the log level to "Informational Messages" will also log Critical messages, Error messages and Warning Messages.)

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Back-up and Restore

The "Back-up & Restore" section provides the administrator with built-in backup services that can be used to retrieve the Axigen domain storage data. Currently the Axigen domain storage can be backed-up using the FTP Backup service or by using File System Access - FUSE.

FTP back-up and restore

The "FTP Backup & Restore" tab allows you to configure parameters relative to this specific service's configuration, add listeners and manage access to the service by adding rules applicable to all existing listeners. For details on listeners and rule configuration, see "TCP Listeners and Control Rules" chapter.

Listeners and control rules

By default the listener will be configured on 127.0.0.1 (localhost) and port 21 which is the default port for the FTP protocol.

For more information on general service listeners information consult the Listeners & Rules section.

Access Control

FTP Back-up & Restore access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

For more information on service access control consult the 1.2.2 Multi-layer access control

Flow Control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Through "Service Configuration" you can manage logging, error and thread control parameters.

Logging

You can select several types of messages to be logged for the Backup & Restore service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged click the Log Level slider and move it to the left or to the right, the selected types of messages will change color from whiter to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the Log drop-down menu to select where to have your log files saved.

Message packaging

If disabled messages in the folder will be displayed each one individual under the directory corresponding to the email folder and if enabled then a TAR archive with name messages.tar containing all messages in the folder will be presented.

The purpose of the messages.tar is to reduce the number of transfers and connections (and thus the communication overhead) on FTP connection in case of a large number of messages in a folder.

Error control

To set a maximum number of errors caused by invalid commands received from clients or by failed authentication attempts check the respective options in the "Error Control" area of the Backup & Restore service. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the Backup & Restore service depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the Backup & Restore service is started. To have a different number of threads for peak periods check the overload option and use the up and down arrows to choose the thread number.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

File system access

"File System Access" allows back-up and restore processes through file system mounts. Tutorials on how to access the Axigen domain storage via FUSE can be found in our related articles:

• How to mount the Axigen storage in a virtual file system on a Linux platform;
• How to mount the Axigen storage in a virtual file system on a Windows platform.

FUSE mount point

In the "Mount Object" quick add interface the following elements appear:

• the mount point option;
• the mount scope option.

The mount scope type drop-down contains the options:

• Domain (default): select this option to mount the entire domain

• Object: select this option to mount only an account by specifying the email address

• Public Folder: select this option to mount a public folder by specifying the public folder's path and the domain containing the public folder

• Folder: select this option to mount an account's folder by specifying the email address of the account and the folder's path

Automatic Migration

The "Automatic Migration" tab allows you to enable and configure the automatic migration of domains previously managed with a different mail server to the Axigen mail server. When first accessing the tab an alphabetical list of existing domains is displayed. The current status of the migration is displayed - Migration Enabled/Disabled - and the opposite action button - Disable/Enable - is available for each domain.

If the domain list is quite large and you need to locate a certain domain type its name in the "Domain Search" text field and hit "Enter" on your keyboard. Should you like to return to the prior alphabetical list click the "Reset Filter" button displayed after the search filter has been successfully applied.

Migration from another mail server

In order to enable the migration process for a certain domain you have to first configure its parameters. To do so, first hit the "Configure" button corresponding to each domain name. The options in the below screen capture will appear:

To turn on the migration process please check the "Enable automatic migration for this domain" option. For the migration process to work you should also configure the connection to the old mail server. Therefore please specify the IP/Hostname of the priorly used server and its SMTP and IMAP Ports in the corresponding text fields. To preserve these connection details please hit the "Quick Save" button.

Account creation based on LDAP authentication

Enable this feature to auto create Axigen users with the credentials from LDAP if they authenticate successful with the LDAP structure.

This behavior is meant to ensure that accounts will not be automatically created (as part of the automatic migration process) when the Axigen service is synchronizing (creating/modifying) accounts from a LDAP server.

Clustering

The "Clustering" section allows you to setup the Axigen mail server clustering support. Clustering support is based on OpenLDAP / Active Directory integration with Axigen providing SMTP routing and proxy services via the Axigen POP3 Proxy, IMAP proxy and WebMail proxy services. This feature enables you to spread mailboxes on several Axigen servers and have a separate machine that routes POP3/IMAP/WebMail connections to the appropriate mailbox server. It also supports the LDAP Authentication mechanism for the Axigen mail server.

Clustering setup

The "Clustering Setup" tab gives access to three different pages:

• LDAP Connectors - allows you to create and manage LDAP Connectors and to also set some general parameters relative to logging and connection threads.
• User Maps - the page gives access to creating, editing and deleting user maps.
• Routing and Authentication - containing parameters relative to routing possibilities for POP3 Proxy, IMAP Proxy and SMTP.

LDAP connectors

The "LDAP Connectors" page allows you to manage existing LDAP connectors and to create new ones as well as to configure some general parameters that direct logging and threading behavior for the connectors.

When first accessing the "LDAP Connectors" page a list of already defined connectors is displayed. To change the settings for an already defined LDAP connector hit its corresponding "Edit" button, to delete it use the "Delete" button.

To create a new LDAP connector click the "Add Connector" button. Whether adding or editing a connector the same configuration window pops up.

The connector options should be entered based on the settings of your LDAP server and the Axigen LDAP connector intended usage.

First enter a name for the connector in the "LDAP Connector name" field.

In the "LDAP Server Parameters" enter:

• the IP/Hostname and Port on wich the LDAP server is listening. By default the port is 389;
• from the "Server type" drop-down box select the server type you wish to use the connector with: OpenLDAP or ActiveDirectory;
• if you are setting up the Axigen server for a cluster environment check the box related to the "Enable Clustered Operations" option, which when enabled will determine Axigen to match entries based on the backend hostname attribute).

• in this section you can also set the "Timeout" counter (interval corresponding to the timeout on an Axigen <-> LDAP connection) which is by default set to 4 seconds and can take values between 1-600 seconds, the "Polling interval" (time period between two automatic Axigen to LDAP queries) which is by default set to 10 seconds and can take values between 2-600 seconds and "Transient error retry interval" counter which is by default set to 5 seconds and can take values between 2-600 seconds.
• select the required synchronization method from the drop-down box related to the "Synchronization direction" entry. You can choose to use Axigen to LDAP, LDAP to Axigen or Both ways. If you choose both ways synchronization you will then have to choose a winner for the situations when there is a parameter synchronization conflict (LDAP and Axigen have a different value for a parameter).

In the "LDAP Search Parameters" you can set:

• enable the "Use Administrative DN" - This option instructs Axigen to authenticate, using the defined user, to the LDAP server before requesting information. This user is the admin user defined in the LDAP rootdn configuration;
• enter the proper "Admin DN" and "Admin DN Password";
• in the "Account base DN" field enter the DN of the LDAP organizational unit where the user accounts are defined. For example: ou=Users,dc=example,dc=test. You can also use the %x parameter, to create a connector that can be used in a multiple domain setup, which will expand depending on the name of the synchronized domain.
• if you wish to also synchronize the Axigen Groups with the LDAP server, you can optionally check the box related to "Enable Group Synchronization" and enter in the "Group base DN" field the DN of the LDAP organizational unit where the group accounts are defined. For example: ou=Groups,dc=example,dc=test. You can also use the following placeholders, to create a connector that can be used in a multiple domain setup, which will expand depending on the name of the synchronized domain:

   %d: domain name => axigen.com                  ; Usage example for "Account base DN": ou=Users,dc=%d,dc=base
   %x: expanded domain name => dc=axigen,dc=com   ; Usage example for "Account base DN": ou=Users,%x,dc=base

• if you wish to use a custom correspondence between the Axigen account parameters and the LDAP parameters, you can check the box related to the "Use custom schema" option. Then enter the custom schema file name in the related text box. To obtain a custom schema for your setup, please contact our support line, making sure you provide them with your requirements and examples of what custom account parameters you wish to use.

In the "LDAP Routing Configuration" section you can set the "Hostname attribute" which has to point to the LDAP account parameter that holds the hostname of the server where the account is located (ex: mailHost). This parameter is used by Axigen when you configure SMTP or WebMail/IMAP/POP3 proxy routing, to determine to which server it will route the respective connection. This is useful in a clustered environment.

Other LDAP integration related information is available in our knowledgebase LDAP articles.

Logging parameters

You can select several types of messages to be logged for the Clustering module: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from transparent to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Thread management

Thread management allows you to set different numbers of processing threads for the LDAP Connectors depending on your traffic load. Set a number of threads to be allotted when the LDAP Connectors are started using the up and down arrows.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

User maps

Through the "User Maps" page you can manage existing user maps and also add new ones. When first accessing this page a list of already defined user maps is displayed.

To modify an existing user map use the corresponding Edit button, to delete it click the Delete button. To add a new one simply hit the "Add User Map" button. Whether adding a new map or editing and existing one the same configuration window pops up.

Specify a name for the map you are currently configuring in the "User Map name" text field. Then select a type for your user map using the "User Map type" drop down menu. Available options are local file, LDAP Password and LDAP Bind. Should you choose local file you have to specify the path to the respective file's location in the second text field of this parameter. For "LDAP Password" and "LDAP Bind" the text field turns into a second drop down menu used to select one of the LDAP connectors defined on the "LDAP Connectors" page.

After configuring these parameters, hit the "Quick Add" button (if adding a new user map) or the "Update" button (if editing an existing one) to save your settings.

Routing and authentication

The "Routing and Authentication" page allows you to select the authentication type performed for all services of the Axigen mail server and to also set parameters managing routing behavior at POP3 Proxy, IMAP Proxy, WebMail Proxy and SMTP level.

The authentication can be of three types (available in a drop down menu) - internal, LDAP Password and LDAP Bind. When selecting internal the authentication will be performed through the internal user database. If "LDAP Password" or "LDAP Bind" is chosen, one of the LDAP connectors defined on the "LDAP Connectors" page must be selected.

Routing and proxy redirect requests are performed through one of the user maps previously defined. Therefore, please select one of the existing user maps using the corresponding drop down menu from the "Routing configuration" section. In some cases no match will be found for a certain request within the selected user maps. For these particular cases please specify an IP/port combination to redirect POP3, IMAP and WebMail requests to.

Enable the Append domain feature and fill in the primary domain name on the server so that all unqualified logins will automatically have the @domain_name appended.

To have routing at SMTP level enabled check the respective option in the "Routing configuration" section and select an existing user map in the dedicated drop down menu.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

POP3 Proxy

The "POP3 Proxy" tab allows you to configure parameters relative to this specific service's configuration, add listeners and manage access to the service by adding rules applicable to all existing listeners.

Listeners and control rules

The first section in the "POP3 Proxy" tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the POP3 Proxy service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the Add Listener button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 8110.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Through "Service Configuration" you can manage logging, authentication and encryption, error and thread control parameters and backend server connection settings.

Logging

You can select several types of messages to be logged for the POP3 Proxy service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from transparent to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Encryption and authentication

The POP3 Proxy service allows only one authentication method which is PLAIN. Therefore as it is recommended to use StartTLS or SSL to enhance connection security, please check the "Allow StartTLS" option in the "Encryption and Authentication" section. Should you like your proxy to handle the authentication, check the "Perform authentication on proxy" option. Alternatively, the authentication will be performed on the back-end server.

Error control

To set a maximum number of errors caused by invalid commands received from clients or by failed authentication attempts check the respective options in the "Error Control" area of the POP3 Proxy service. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the POP3 Proxy service depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the POP3 Proxy service is started. To have a different number of threads for peak periods check the overload option and use the up and down arrows to choose the thread number.

Back-end server connection settings

To set a specific sending and receiving timeout first check the respective option in the "Back-end Server Connection Settings" section. The timeout is computed in milliseconds (use the up and down arrows or edit the respective text field to increase or decrease the default value) and ranges between 10 and 65535.

The total number of connections established on the back-end server can be limited by checking the corresponding option. Use the up and down arrows or edit the respective text field to increase or decrease the default value - possible values range between 1 and 65535 connections.

In order to overwrite the default local network interface used for back-end server connections check the corresponding option and type the respective interface in the "Local network interface IP address" field.

Use a secure (SSL enabled) connection when accessing the back-end server by checking the corresponding option in the "Back-end Server Connection Settings" section.

POP3 Proxy options

You are able to configure the greeting string at POP3 Proxy service level. This option is available as a service configuration from both CLI and WebAdmin. When defining the greeting string, you can use the following placeholders (note that the placeholders are case sensitive):

•  %H = network hostname of the server machine
•  %D = network hostname.domainname of the server machine (FQDN)
•  %A = listener IP
•  %P = listener port
•  %U = APOP ID in followin format number.number@hostname.domainname
•  %V = axigen version
•  %% = %

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

IMAP Proxy

The "IMAP Proxy" tab allows you to configure parameters relative to this specific service's configuration, add listeners and manage access to the service by adding rules applicable to all existing listeners. For details on listener and rule configuration, see "TCP Listeners and Control Rules" chapter.

Listeners and control rules

The first section in the IMAP Proxy tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the IMAP Proxy service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 8143.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Through "Service Configuration" you can manage logging, authentication and encryption, error and thread control parameters and backend server connection settings.

Logging

You can select several types of messages to be logged for the IMAP Proxy service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from transparent to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Encryption and authentication

The IMAP Proxy service allows only one authentication method which is PLAIN. Therefore, as it is recommended to use StartTLS or SSL to enhance connection security check the "Allow StartTLS" option in the "Encryption and Authentication" section. Should you like your proxy to handle the authentication check the "Perform authentication on proxy" option, alternatively the authentication will be performed on the back-end server.

Error control

To set a maximum number of errors caused by invalid commands received from clients or by failed authentication attempts check the respective options in the "Error Control" area of the IMAP Proxy service. Use the up and down arrows corresponding to each of these options to set a specific number of errors.

Thread management

Thread management allows you to set different numbers of processing threads for the IMAP Proxy service depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the IMAP Proxy service is started. To have a different number of threads for peak periods check the overload option and use the up and down arrows to choose the thread number.

Back-end server connection settings

To set a specific sending and receiving timeout first check the respective option in the "Back-end Server Connection Settings" section. The timeout is computed in milliseconds (use the up and down arrows or edit the respective text field to increase or decrease the default value) and ranges between 10 and 65535.

You can limit the total number of connections established on the back-end server by checking the corresponding option. Use the up and down arrows or edit the respective text field to increase or decrease the default value - possible values range between 1 and 65535 connections.

In order to overwrite the default local network interface used for back-end server connections check the corresponding option and type the respective interface in the Local network interface IP address field.

To use a secure (SSL enabled) connection when accessing the back-end server, please check the corresponding option in the "Back-end Server Connection Settings" section.

IMAP Proxy options

You are able to configure the greeting string at IMAP Proxy service level. This option is available as a service configuration from both CLI and WebAdmin. When defining the greeting string, you can use the following placeholders (note that the placeholders are case sensitive):

•  %H = network hostname of the server machine
•  %D = network hostname.domainname of the server machine (FQDN)
•  %A = listener IP
•  %P = listener port
•  %U = APOP ID in followin format number.number@hostname.domainname
•  %V = axigen version
•  %% = %

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

WebMail Proxy

The "WebMail Proxy" tab allows you to configure parameters relative to this specific service's configuration, add listeners and manage access to the service by adding rules applicable to all existing listeners. For details on listener and rule configuration, see "TCP Listeners and Control Rules" chapter.

Listeners and control rules

The first section in the "WebMail Proxy" tab is "Listeners". Here you can add, delete or edit the TCP socket listeners for the WebMail Proxy service.

Editing one of the existing listeners will result in accessing two configuration pages: "General" and "SSL Settings". The same pages will also be displayed when hitting the "Add Listener" button and choosing the "Advanced Config" option.

By default the listener will be configured on 127.0.0.1 (localhost) and port 8800.

Access control

Access rules allow you to control connection to this service from specific Networks / IP Ranges / IPs.

Flow control

The service flow control context allows you to define the max connections, max connections/interval, max peer connections, max peer connections/interval values.

Service configuration

Through "Service Configuration" you can manage logging, authentication and encryption, thread control parameters and back-end server connection settings.

Logging

You can select several types of messages to be logged for the WebMail Proxy service: critical messages, error messages, warning messages, informational messages and protocol communication. To select which of these are to be logged, click the "Log Level" slider and move it to the left or to the right. The selected types of messages will change color from transparent to grey.

Log files can be stored using your internal log files, your system's log files or within the log files located on a remote system. Use the "Log" drop-down menu to select where to have your log files saved.

Encryption and authentication

If the "Perform authentication on proxy" option is selected the proxy will perform credential checks. If left unchecked the authentication will be performed on the back-end server.

HTTP Protocol options

By checking the "Allow HTTP Keep-Alive" option, you allow permanent HTTP connections for the WebMail Proxy service.

Next, you can set the HTTP limits for WebMail Proxy requests. Use the "Limit HTTP Request header" to option in order to specify the maximum allowed size for incoming HTTP headers, and the "Limit HTTP Request body" to option in order to specify the maximum allowed size for incoming HTTP body. The sizes for these two options can be set by using the up and down arrows, in KB or MB.The third option, Limit file uploads, can be used to set the maximum allowed size for incoming upload data. It applies to attachments, mail body and contact import operations uploaded via the Webmail interface. The size for this parameter can be set by using the up and down arrows, in KB, MB or GB.

Select the appropriate action to be taken when the incoming data is over the set limits by using the If any of the above limits is exceeded option. Use the drop-down menu in order to choose between closing the connection immediately or allowing all data to be sent.

WebMail Proxy options

Use the up and down arrows or edit the text field to set the maximum number of pending requests to the back-end (each back-end has an associated request queue).

In the "WebMail interface" sub-section you can choose the WebMail interface type that users can access and the default interface that will be used when accessing the WebMail service.

If you wish to allow mailbox access via the WebMail Mobile interface from mobile devices, trough the proxy, check the "Enable Mobile User Interface" option.

Virtual hosts template mapping

This section allows you to configure per domain virtual hosts, similar to the virtual hosts feature of the Apache web server. This provides the option of accessing the WebMail service by entering the URL of the respective domain in scenarios were multiple independent domains are hosted on the same Axigen server.

By using the settings under Virtual Hosts Template Mapping you can display customized WebMail templates for requests with specific virtual hosts in the URL (for example, you can add "mydomain.com" as virtual host and set the template name to "mydomaintemplate" if you want the WebMail to display, for requests of type "http://mydomain.com" or "http://*.mydomain.com", the interface rendered through custom HSP files in the "<axigen_working_directory>/webmail/mydomaintemplate/" directory). All of the other requests, that have no mapping enabled, will use the default templates in the "webmail/" folder.

Detailed tutorials of how Virtual hosts can be configured are available in the following knowledgebase articles:

• How to configure Webmail virtual hosts;
• How to set custom login page for each domain;
• How to prepare the webmail for future skinning.

Thread management

Thread management allows you to set different numbers of processing threads for the WebMail Proxy service depending on your traffic load. First, using the up and down arrows, set a number of threads to be allotted when the WebMail Proxy service is started. To have a different number of threads for peak periods check the overload option and use the up and down arrows to choose the thread number.

Back-end server connection settings

To set a specific sending and receiving timeout first check the respective option in the "Back-end Server Connection Settings" section. The timeout is computed in milliseconds (use the up and down arrows or edit the respective text field to increase or decrease the default value) and ranges between 10 and 65535.

You can limit the total number of parallel requests to the same back-end on different TCP connections by checking the corresponding option. Use the up and down arrows or edit the respective text field to increase or decrease the default value - possible values range between 1 and 65535 connections. When a request for a specific back-end is incoming, if all connections are busy (servicing requests) and the limit is not reached a new connection is created. After the set limit is reached the request remains in the request queue associated with the specific back-end.

In order to overwrite the default local network interface used for back-end server connections check the corresponding option and type the respective interface in the "Local network interface IP address" field.

To use a secure (SSL enabled) connection when accessing the back-end server, please check the corresponding option in the "Back-end Server Connection Settings" section.

When you are done configuring these parameters, remember to hit the "Save Configuration" button to preserve your changes.

Administration Rights

Starting with version 5.0, the Axigen mail server features Delegated Administration options which enable the easy creation of administrative groups, with predetermined membership hierarchies and permissions, assigned to specific domains.

The "Administration Rights" section gives access to parameters configuring the behavior of such administrative users or imposing the limitations for each type of administrative user created.

By default Axigen has the "admin" account, created during the installation process. The "admin" user has full wrights on all the Axigen service settings and can be used to access the CLI and Webadmin interfaces. To modify the password for the "admin" account please consult our related article: How to set the admin password.

Using administrative user accounts the main admin of the Axigen server can delegate the domain configuration, backup or other tasks to specific employees.

Administrative groups

The "Administration Rights" -> "Administrative Groups" tab allows you to create administrative groups and further define their attributes and specific permissions.

Administrative Groups

When first accessing this tab a list of the already defined administrative groups is displayed.

Administrative groups operations

Groups are listed in alphabetical order to ease the search and editing of a specific group. To edit/delete an existing administrative group use the "Edit" and "Delete" options available under "Actions", on the right hand side of the group in question.

To define a new administrative group hit the "Add administrative group" button, then fill in the group name and display name in the corresponding text boxes. Use the "Quick Add" option to save the details directly or click on "Advanced config" to further tune it: choose its membership hierarchy and assign the permissions you want the group to have.

Whether editing an already defined administrative group or trying to create a new one you will make use of the same options available in three sub-pages called "General", "Membership", respectively "Permissions".

General

The "Administrative Groups" -> "General" sub-page allows you to specify the name and display name of the configured administrative group.

General parameters

Whether creating a new administrative group or editing an already created one use the available text boxes under the "Settings" section to specify the "Administrative groupname" and "Display name".

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

Membership

The "Administrative Groups" -> "Membership" sub-page allows you to further configure administrative groups by specifying their hierarchy among the other existing groups.

Membership hierarchy

Use the options under Membership hierarchy to set the hierarchy of the configured administrative group (AccountAdministrators in this example). Thus, the configured group can an be assigned as a member of the existing available groups or removed from an already existing group member list by using the two arrows. Example: check the box in front of the CustomPermissions group and then click on the green arrow; as a result, the AccountAdministrators group will be moved to the list of administrative groups to which this group belongs to, as a member.

Members of the configured group

The Members of this group section gives you an overview of the group's children (both administrative groups and users which inherit permissions from the current group).

Parents of the configured group

Check the Parents of this group section in order to view the groups from which the currently configured group, AccountAdministrators, inherits permissions. Click the "+" sign corresponding to the group that interests you in order see further details relative to its child groups and their hierarchy.

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

Permissions

The "Administrative Groups" -> "Permissions" sub-page allows you to specify the parameters relative to server and domain permissions for the configured administrative group.

Explicit permissions

Two classes of permissions can be delegated to an administrative group: server permissions allow administrative users based on this group to modify certain server modules; domain management permissions include management rights on all domains or on any specific domain (previously created).

Setting explicit permissions at server level

Check the "Explicit server permissions" section for a list of the already defined server permissions for the configured administrative group. Should you like to edit or delete any of the existing permissions use the corresponding "Change" and "Remove" options.

Should you like to delete all permissions relative to a certain service just hit the "Remove all" button. To add new server permissions for the configured administrative group, click on the "Add server permission" button and fill in the requested details.

Adding server permissions

Click on the "Add server permission" button, then use the available drop-down menus to configure the new permission by choosing the service and action to be taken relative to the selected module. Available actions are: "Allow" and "Deny". Hit the "Quick Add" button to finalize the adding of the new configuration.

Setting explicit permissions at domain level

Check the "Explicit domain permissions" section for a list of the already defined server domain permissions for the configured administrative group. Should you like to edit or delete any of the existing permissions use the corresponding "Change" and "Remove" options. To delete all permissions relative to a certain service just hit the "Remove all" button. To add new server permissions for the configured administrative group click the "Add domain permission" button and fill in the requested details.

Adding domain permissions

Click on the "Add domain permission" button and use the available drop-down menus to configure the new permission by choosing the service and action relative to the selected module. Available actions are: "Allow" and "Deny". Hit the "Quick Add" button to finalize the adding of the new configuration.

Effective permissions

Check the "Effective Permissions" section for complete information about the permissions available for the configured administrative group at different levels (resources): server, any domain, a specific domain. Displayed information will include all information for a certain resource as they result from the inheritance of its parents' permissions combined with the permissions assigned directly to this group.

Administrative users

The "Administration Rights" -> "Administrative Users" tab enables you to configure the parameters relative to administrative users.

Administrative users' list

When first accessing the "Administrative Users" tab a list of the already defined administrative users is displayed, in alphabetical order to ease the search of a specific user. Should you like to edit or delete any of the existing administrative users hit the "Edit" and/or "Delete" buttons corresponding to the users in question.

Administrative users operations

Adding a new administrative user

Should you like to add a new user click the "Add administrative user" option and fill in the available text-boxes with the requested information: Administrative username, Password and Display name - as depicted in the image above.

Set a password manually by simply entering the desired password combination in the Password text box or hit the "Set Random" button in order for Axigen to automatically assign a password to the configured administrative user. The automatically generated password will also be displayed for informative purposes.

Should you like to add the new administrative user with the newly-configured details click on the Quick Add button, to further fine tune its parameters hit the "Advanced Config" option. You will then be able to access three new pages: General, Membership and Permissions. The same three pages will also appear when editing an already existing administrative user by hitting the above-mentioned "Edit" button.

General

The "Administrative Users" -> "General" sub-page allows you to configure general data regarding administrative users such as username, password and display name details.

General settings

Whether creating a new administrative user or editing an already created one use the text boxes in the Settings section to specify the "Administrative username" and "Display name". The password can be either typed in the corresponding field or automatically assigned by Axigen when hitting the "Set Random" button.

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

Membership

The "Administrative Users" -> "Membership" page allows you to set the membership hierarchy of the configured administrative users.

Membership hierarchy

Use the options under Membership hierarchy to set the hierarchy of the configured administrative user (DomainAdministrator1 in this example). Thus, the configured user can an be assigned as a member of the existing available administrative groups or removed from an already existing group list, by using the two arrows.

Example: check the box in front of the Server Administrators and then click on the green arrow; as a result the Server Administrators group will be moved to the list of administrative groups to which the DomainAdministrator1 user will belong to, as a member.

When you are done configuring these parameters remember to hit the "Save Configuration" button to preserve your changes.

Permissions

The "Administrative Users" -> "Permissions" page allows you to specify the parameters relative to the server and domain permissions for the configured administrative user.

Explicit Permissions

Two classes of permissions can be delegated to an administrative user: server permissions allow administrative users to modify certain server modules; domain management permissions can include management rights on all domains or a specific domain.

Setting explicit permissions at server level

Check the "Explicit server permissions" section for a list of the already defined server permissions for the configured administrative group user. Should you like to edit or delete any of the existing permissions, use the corresponding "Change" and "Remove" options. Clicking on the "Change" button will result in changing the permission from "Allow" to "Deny" or back, as the case may be.

Should you like to delete all permissions relative to a certain service just hit the "Remove all" button. To add new server permissions for the configured administrative user click on the "Add server permission" button and fill in the requested details.

Adding server permissions

Click on the "Add server permission" button, then use the available drop-down menus to configure the new permission by choosing the service and action to be taken relative to the selected module. Available actions are: "Allow" and "Deny". Hit the "Quick Add" button to finalize the adding of the new configuration.

Setting explicit permissions at domain level

Check the "Explicit domain permissions" section for a list of the already defined domain permissions for the configured administrative user. Should you like to edit or delete any of the existing permissions, use the corresponding "Change" and "Remove" options. Clicking on the "Change" button will result in changing the permission from "Allow" to "Deny" or back, as the case may be.

Should you like to delete all permissions relative to a certain service just hit the "Remove" all button. To add new server permissions for the configured administrative user click on the "Add server permission" button and fill in the requested details.

Adding domain permissions

Click on the "Add domain permission" button, then use the available drop-down menus to configure the new permission by choosing the service and action relative to the selected module. Available actions are: "Allow" and "Deny". Hit the "Quick Add" button to finalize the adding of the new configuration.

Effective permissions

Check the "Effective Permissions" section for complete information about the permissions available for the configured administrative user at different levels (resources): server, any domain, a specific domain.

Domain admin limits

The "Administration Rights" -> "Domain Admin Limits" tab allows you to set the domain level limits or restrictions to be applied to the administrative users with permissions on the respective domain.

Domain admin limits

When first accessing this tab a list of the available domains is displayed, in alphabetical order. To quickly locate a certain domain use the "Domain Search" option available in the upper right corner. This field enables you to search by the name of the domain, on a filter as you type basis.

To configure the parameters relative to the limits and restrictions set at domain level for specific administrative users hit the Configure button. This will lead you to a new page, "Configure Admin Limits", with several fields to be filled in with the corresponding parameters.

The "Configure Domain Admin Limits" sub-page

Services

In the "Services" section you can limit the list of services that can be allowed by delegated administrators for this domain. To allow or deny any of the listed services hit the corresponding options available on the right hand of the screen: "Allowed", respectively "Denied". In the displayed example delegated admins for the configured domain have administration rights for all corresponding services except IMAP.

Accounts and account classes

Use the options under the "Accounts/Account Classes" section to restrict the value ranges within which the delegated administrators of this domain can operate at account/account class level. You can set limits for the following: total number of accounts and account classes, total number of folders, total number of messages in all folders, total mailbox size limitation, total number of messages per folder, as well as a maximum ranges for each folder size.

Use the up and down arrows to configure the necessary values and, where needed, the drop-down menu to select the corresponding measurements, KB, MB or GB, for the specified limitations.

Groups

To restrict the number of groups an admin of this domain can create check the box in front of the option under "Groups", then use the up and down arrows to specify the desired values.

Mailing lists

Use the options under the "Mailing Lists" section to restrict the value ranges in which the delegated administrators of this domain can operate at mailing list level. Check the boxes in front of the displayed options and then use the up and down arrows to specify the parameters relative to the number of mailing lists, total number of folders, total number of messages in all folders, total mailbox size, total number of messages per folder, as well as the maximum size for each folder.

Public folders

Use the options under "Public Folders" section to restrict the value ranges in which the delegated administrators of this domain can operate at public folder level. Check the boxes in front of the displayed options and then use the up and down arrows to specify the parameters relative to the maximum number of email addresses per public folder, total number of folders, total number of messages in all folders, the total mailbox size and total number of messages per folder, as well as the maximum size for each public folder.

Subdomains

Use the options under "Subdomains" section to restrict the value ranges in which the delegated administrators of this domain can operate at subdomain level. Restrict the maximum amount of subdomains, define location for domain and object storage and sizes for each type of storage with one or more afferent message storages.

Reserved names

In this section's text-box you can enter, one per line, the names you want to restrict from being used when creating accounts, mailing lists, groups or public folders under this domain. You can enter the recipient either in full name, regular expression name or partial matching form in which the character "*" substitutes anything.

When you are done configuring these parameters hit the "Save Configuration" button to preserve the newly-specified values.