AXIGEN User Manual 4.0

AXIGEN® Mail Server User Manual

Product version 4.0

Last update on: 6/18/2007 7:08:55 PM Document version: 1.0

AXIGEN User Manual

Copyright © 2007 GECAD Technologies S.R.L.

http://www.axigen.com

2

Copyright & trademark notices This edition applies to version 4.0 of the licensed program AXIGEN and to all subsequent releases and modifications until otherwise indicated in new editions.

Notices References in this publication to GECAD TECHNOLOGIES S.R.L. products, programs, or services do not imply that GECAD TECHNOLOGIES S.R.L. intends to make these available in all countries in which GECAD TECHNOLOGIES S.R.L. operates. Evaluation and verification of operation in conjunction with other products, except those expressly designated by GECAD TECHNOLOGIES S.R.L., are the user's responsibility. GECAD TECHNOLOGIES S.R.L. may have patents or pending patent applications covering subject matter in this document. Supplying this document does not give you any license to these patents. You can send license inquiries, in writing, to the GECAD TECHNOLOGIES S.R.L. marketing department, [email protected].

Copyright Acknowledgement (c) GECAD TECHNOLOGIES S.R.L. 2007. All rights reserved.

All rights reserved. This document is copyrighted and all rights are reserved by GECAD TECHNOLOGIES S.R.L. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording, or by any information storage and retrieval system without the permission in writing from GECAD TECHNOLOGIES S.R.L.

The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. GECAD TECHNOLOGIES S.R.L. will not be responsible for any loss, costs or damages incurred due to the use of this documentation.

AXIGENTM Mail Server is a SOFTWARE PRODUCT of GECAD TECHNOLOGIES S.R.L. GECAD TECHNOLOGIES and AXIGENTM are trademarks of GECAD TECHNOLOGIES S.R.L. Other company, product or service names may be trademarks or service marks of others.

GECAD TECHNOLOGIES S.R.L. 10A Dimitrie Pompei Blvd., Connect Business Center, 2nd fl., Bucharest 2, ROMANIA;

phone: +40-21-303-2080; fax: +40-21-303-2081; e-mail: Sales: [email protected]

Technical support: [email protected]: http://www.axigen.com

(c) Copyright GECAD TECHNOLOGIES S.R.L. 2007. All rights reserved.

mailto:[email protected]



http://www.axigen.com/

AXIGEN User Manual



3

Table of Contents Introduction.....................................................................................................................................................................10

Purpose of this Document ................................................................................................................................................10 Structure of this document ................................................................................................................................................10 Audience and knowledge requirements ................................................................................................................................10 Related documentation....................................................................................................................................................11

Chapter 1. Mail Server Overview ...........................................................................................................................................12 OS Compatibility............................................................................................................................................................12 Integrated Messaging Solution ...........................................................................................................................................12 High Configurability ........................................................................................................................................................12 Innovative Storage .........................................................................................................................................................12 Advanced Security Tools..................................................................................................................................................12 Automation Options ........................................................................................................................................................13 Clustering Support .........................................................................................................................................................13

Chapter 2. Getting Started with AXIGEN..................................................................................................................................14 2.1. Software and Hardware requirements.............................................................................................................................14 Software requirements ....................................................................................................................................................14 Hardware requirements ...................................................................................................................................................14 Supported platforms .......................................................................................................................................................14 Tested platforms............................................................................................................................................................16 2.2. Installing on Linux.....................................................................................................................................................16 General installation steps .................................................................................................................................................16

Files Provided for Installation ..........................................................................................................................................17 2.2.1. Installing under RHEL, Fedora Core, Mandrake and SuSE (gcc3) ......................................................................................18 2.2.2. Installing under Fedora Core, Mandriva and SuSE (gcc4) ................................................................................................19 2.2.3. Installing under Debian/Ubuntu................................................................................................................................19 2.2.4. Installing under Gentoo .........................................................................................................................................20 2.2.5. Installing under Slackware .....................................................................................................................................20

2.3. Installing on BSD......................................................................................................................................................21 2.3.1. Installing on FreeBSD ...........................................................................................................................................21 2.3.2. Installing on NetBSD ............................................................................................................................................21 2.3.3. Installing on OpenBSD..........................................................................................................................................22 2.4. Installing on Solaris ................................................................................................................................................22

2.5. Uninstalling under Linux .............................................................................................................................................23 2.5.1. Uninstalling under RHEL, Fedora Core, Mandriva /Mandrake and SuSE (gcc3, gcc4) ..............................................................23 2.5.2. Uninstalling under Debian / Ubuntu...........................................................................................................................24 2.5.3. Uninstalling under Gentoo......................................................................................................................................24 2.5.4. Uninstalling under Slackware ..................................................................................................................................25

2.6. Uninstalling under BSD ..............................................................................................................................................25 2.6.1. Uninstalling under FreeBSD ...................................................................................................................................25 2.6.2. Uninstalling under NetBSD.....................................................................................................................................26 2.6.3. Uninstalling under OpenBSD ..................................................................................................................................26

2.7. Uninstalling under Solaris ...........................................................................................................................................26 2.8. Starting / Stopping / Restarting the server ........................................................................................................................27 2.9. Initial Server Configuration ..........................................................................................................................................28

2.9.1. Setting the Admin Password ...................................................................................................................................28 2.9.2. Enabling and Logging on to the Webadmin Interface......................................................................................................28 2.9.3. Creating a New Domain ........................................................................................................................................30 2.9.4. Adding an Account to an Existing Domain...................................................................................................................33 2.9.5. Automated Configuration with AXIGEN Configuration Wizard ...........................................................................................34

Services and Modules .....................................................................................................................................................42 Architecture Features......................................................................................................................................................42 Administration Tools .......................................................................................................................................................42 Security ......................................................................................................................................................................42 3.1. Generic Server Configuration .......................................................................................................................................43

3.1.1. Running Services ................................................................................................................................................43 3.1.2. Other Generic Server Parameters ............................................................................................................................44

Primary domain .............................................................................................................................................................44 SSL Random File...........................................................................................................................................................44

3.1.3. DNR Settings .....................................................................................................................................................44 Domain Name Resolver ...................................................................................................................................................44 DNR Attributes..............................................................................................................................................................44 3.2. Services and Modules................................................................................................................................................45

3.2.1. SMTP Incoming ..................................................................................................................................................45 Connection Error Control..................................................................................................................................................46 Connection Thread Controls..............................................................................................................................................46 Log Control ..................................................................................................................................................................47 Authentication...............................................................................................................................................................47 Message Acceptance Policies ...........................................................................................................................................47 Listener Control.............................................................................................................................................................47

3.2.2. Processing ........................................................................................................................................................48 Local Mail Delivery .........................................................................................................................................................48

AXIGEN User Manual



4

Interactions with Other Modules .........................................................................................................................................48 AXIGEN Queue.............................................................................................................................................................49 Message statuses ..........................................................................................................................................................49 Mail Scheduling.............................................................................................................................................................49 Log Control ..................................................................................................................................................................50

3.2.3. SMTP Outgoing ..................................................................................................................................................50 Connection Thread Control ...............................................................................................................................................50 Log Control ..................................................................................................................................................................51

3.2.4. POP3 ..............................................................................................................................................................51 Connection Error Control..................................................................................................................................................52 Connection Thread Control ...............................................................................................................................................53 Log Control ..................................................................................................................................................................53 Listener Control.............................................................................................................................................................53 Compatibility with various POP3 Mail Clients..........................................................................................................................54

3.2.5. IMAP ...............................................................................................................................................................54 Authentication...............................................................................................................................................................54 Connection Thread Control ...............................................................................................................................................55 Log Control ..................................................................................................................................................................56 Listener Control.............................................................................................................................................................56

3.2.6. Logging ............................................................................................................................................................56 Log Service Overview .....................................................................................................................................................56 Log types ....................................................................................................................................................................57 AXIGEN Log levels.........................................................................................................................................................57 Logging format..............................................................................................................................................................58 Rules .........................................................................................................................................................................58 Attributes of the Log service ..............................................................................................................................................59

3.2.7. Reporting ..........................................................................................................................................................59 Description of the reporting service .....................................................................................................................................59 Graphics .....................................................................................................................................................................60 Usage ........................................................................................................................................................................60

3.2.8. WebMail ...........................................................................................................................................................61 A IGEN WebMail Features...............................................................................................................................................61 X• Complex customization ...........................................................................................................................................61 • Easy to use, secure and user-friendly ..........................................................................................................................61 • Server Side Scripting Language.................................................................................................................................61 • Listeners.............................................................................................................................................................62 • Personal Address Book ...........................................................................................................................................62 • Personal Organizer ................................................................................................................................................62 • Public Address Book ..............................................................................................................................................62 • Automatically set filters and replies .............................................................................................................................62 • Login Domain Selection...........................................................................................................................................62 • Internationalized search and multiple languages support ...................................................................................................62 • Public folders .......................................................................................................................................................62 • Compose while attach.............................................................................................................................................62 • URL redirect rules and virtual host support ....................................................................................................................63 • HTML mail filtering levels .........................................................................................................................................63 • Connection Thread Control.......................................................................................................................................63 • Log Control..........................................................................................................................................................63 • Webmail Connection and Session Control.....................................................................................................................64 • HTTP Limits for Webmail .........................................................................................................................................64

3.2.9. Storage ............................................................................................................................................................64 Filling the Containers ......................................................................................................................................................65

3.2.10. FTP Backup Service ...........................................................................................................................................66 Connection Error Control..................................................................................................................................................66 Connection Thread Control ...............................................................................................................................................67 Log Control ..................................................................................................................................................................67 Listener Control.............................................................................................................................................................67

3.2.11. RPOP Service ..................................................................................................................................................67 Connection Thread Control ...............................................................................................................................................68 Log Control ..................................................................................................................................................................68 3.3. Connectivity and Threading .........................................................................................................................................69

3.3.1. Listeners...........................................................................................................................................................69 3.3.2. Rules...............................................................................................................................................................70

Allow/Deny Rules...........................................................................................................................................................70 Rule Enforcement Policy ..................................................................................................................................................70

3.3.3. Threads............................................................................................................................................................71 3.4. Clustering Support ....................................................................................................................................................72

3.4.1. LDAP Routing ....................................................................................................................................................72 1. Configuring OpenLDAP for AXIGEN ..............................................................................................................................72 2. Configuring LDAP Connectors in AXIGEN .......................................................................................................................73

3.4.1.1. Configuring Mapping Parameters ........................................................................................................................74 3.4.1.2. POP3 Proxy Service .......................................................................................................................................75

Connection Error Control..................................................................................................................................................75 Connection Thread Control ...............................................................................................................................................75 Log Control ..................................................................................................................................................................76

AXIGEN User Manual



5

Listener Control.............................................................................................................................................................76 3.4.1.3. IMAP Proxy Service ........................................................................................................................................76

Connection Error Control..................................................................................................................................................76 Connection Thread Control ...............................................................................................................................................77 Log Control ..................................................................................................................................................................77 Listener Control.............................................................................................................................................................77

3.4.2. LDAP Authentication ............................................................................................................................................78 4. Mail Server Security .......................................................................................................................................................79

4.1. Authentication and Encryption ......................................................................................................................................81 Secure/Plain Connections and Authentication Methods .............................................................................................................81

4.1.1. Kerberos Authentication within Active Directory ............................................................................................................82 Prerequisites and Settings for Each Active Directory User Defined for AXIGEN..............................................................................83 Example...................................................................................................................................................................83

4.2. SPF and DomainKeys................................................................................................................................................84 4.2.1. AXIGEN Signing Module Usage and Configuration ........................................................................................................84

Command line parameters................................................................................................................................................85 DomainKeys Verifier configuration ......................................................................................................................................85 DomainKeys Signer configuration .......................................................................................................................................86 Starting/Stopping/Restarting the Domain Keys Daemons ...........................................................................................................87 4.3. Mail Filtering ...........................................................................................................................................................88 Filter Types ..................................................................................................................................................................88 Active Filters ................................................................................................................................................................89 Filtering Levels..............................................................................................................................................................89

4.3.1. Message Acceptance Policies .................................................................................................................................90 4.3.2. Routing Policies ..................................................................................................................................................91 4.3.3. Antivirus / Antispam Filters .....................................................................................................................................92 4.3.4. Message Rules...................................................................................................................................................93

4.3.4.1. SIEVE Overview and Implementation in AXIGEN .....................................................................................................94 SIEVE Overview ............................................................................................................................................................94 The AXIGEN SIEVE interpreter ..........................................................................................................................................95

Action interaction ........................................................................................................................................................96 Vacation interaction .....................................................................................................................................................96 Vacation Extension......................................................................................................................................................97 4.3.5. The AXIGEN Filtering Module .................................................................................................................................98

4.3.5.1. Filtering Module Implementation in AXIGEN ...........................................................................................................98 4.3.5.2. Configuring the AXIGEN Filtering Module ..............................................................................................................99

AXIMilter configuration ....................................................................................................................................................99 4.3.5.3. AXIGEN Filtering Module Commands................................................................................................................. 100

Command line parameters.............................................................................................................................................. 100 Debian...................................................................................................................................................................... 101 Gentoo ..................................................................................................................................................................... 101 RPM-based distributions ................................................................................................................................................ 101 Slackware.................................................................................................................................................................. 101 Ubuntu ..................................................................................................................................................................... 101

4.3.6. Activating and Prioritising Filters and Rules ............................................................................................................... 102 Filter Priority............................................................................................................................................................... 102 Activation Inheritance.................................................................................................................................................... 102

4.3.7. Language Specifications for Policy Configuration ........................................................................................................ 103 Basic structure ............................................................................................................................................................ 103 SMTP Events ............................................................................................................................................................. 103 Methods.................................................................................................................................................................... 104 Contexts ................................................................................................................................................................... 104 Variables................................................................................................................................................................... 105 Structures.................................................................................................................................................................. 106 Conditions ................................................................................................................................................................. 106 Functions .................................................................................................................................................................. 107

4.3.7.1. SMTP Functionalities (I) ................................................................................................................................. 107 onConnect ................................................................................................................................................................. 108 onEhlo...................................................................................................................................................................... 109 onMailFrom................................................................................................................................................................ 115 onRcptTo .................................................................................................................................................................. 121 onDataReceived .......................................................................................................................................................... 127

4.3.7.2. SMTP Functionalities (II) ................................................................................................................................ 131 onRelay .................................................................................................................................................................... 131 onDeliveryFailure......................................................................................................................................................... 135 onTemporaryDeliveryFailure ........................................................................................................................................... 138

4.3.7.3. Examples of Policies ..................................................................................................................................... 140 event onConnect ......................................................................................................................................................... 140 event onEhlo .............................................................................................................................................................. 141 event onRcptTo........................................................................................................................................................... 141 event onRelay............................................................................................................................................................. 142 event onDeliveryFailure ................................................................................................................................................. 142 event onTemporaryDeliveryFailure.................................................................................................................................... 143

5. User and Domain Configuration ....................................................................................................................................... 144 5.1. Domains .............................................................................................................................................................. 144

AXIGEN User Manual



6

5.2. User Accounts ....................................................................................................................................................... 146 5.3. Forwarders ........................................................................................................................................................... 147 5.4. Lists ................................................................................................................................................................... 148 Administration of the Mail List .......................................................................................................................................... 148 Templates explained..................................................................................................................................................... 149 5.5. Public Folders ....................................................................................................................................................... 150 Configuring Public Folders.............................................................................................................................................. 150 Associating Folder Recipients to Public Folders .................................................................................................................... 151

6. Working with the WebMail Module in AXIGEN ...................................................................................................................... 153 6.1. Accessing the WebMail Interface................................................................................................................................. 154 Connecting to AXIGEN WebMail ...................................................................................................................................... 154 6.2. WebMail Features and Configuration............................................................................................................................ 156 WebMail Account Settings .............................................................................................................................................. 162

6.2.1. Configuring Personal Data ................................................................................................................................... 163 6.2.2. Adding Contacts in Webmail ................................................................................................................................. 164 6.2.3. WebMail Data Settings........................................................................................................................................ 166 6.2.4. Mail Filtering in WebMail...................................................................................................................................... 168

6.2.4.1. WebMail Filters Overview ............................................................................................................................... 170 Supported Headers/Operators/Values ................................................................................................................................ 170 Action Data ................................................................................................................................................................ 171 Filter Container ........................................................................................................................................................... 171

6.2.5. Configuring WebMail RPOP Connections ................................................................................................................. 172 6.2.6. WebMail Account Information................................................................................................................................ 174

6.3. Working with the Personal Organizer in WebMail ............................................................................................................. 175 6.3.1. Working with your Calendar.................................................................................................................................. 176 6.3.2. Working with your Journal .................................................................................................................................... 183 6.3.3. Working with your Notes...................................................................................................................................... 186 6.3.4. Working with your Tasks...................................................................................................................................... 187

7. Administration Tools Overview......................................................................................................................................... 195 8. Configuring AXIGEN using WebAdmin............................................................................................................................... 196

WebAdmin Overview .................................................................................................................................................... 196 WebAdmin Features ..................................................................................................................................................... 196

Connection Thread Control .......................................................................................................................................... 196 Log Control ............................................................................................................................................................. 197 WebAdmin Connection and Session Control ..................................................................................................................... 197 HTTP Limits for WebAdmin .......................................................................................................................................... 197 Secure WebAdmin Connections .................................................................................................................................... 197

Working with WebAdmin ................................................................................................................................................ 198 Updating/Committing Changes in WebAdmin .................................................................................................................... 198 Confirmation / Error Messages ...................................................................................................................................... 200 Displaying full details for a parameter / all parameters on a page ............................................................................................. 200 Resetting to default values........................................................................................................................................... 201

8.1. Server tab ............................................................................................................................................................ 202 8.1.1. Global Settings ................................................................................................................................................. 202 8.1.2. User Maps ...................................................................................................................................................... 204 8.1.3. Filter Configuration ............................................................................................................................................ 206

8.1.3.1. Configuring Message Rules............................................................................................................................. 206 8.1.3.2. Configuring Antivirus/Antispam Filters ................................................................................................................ 207 8.1.3.3. Configuring Active Filters ................................................................................................................................ 209

8.1.4. SMTP Filters.................................................................................................................................................... 212 8.2. DNR tab .............................................................................................................................................................. 214

8.2.1. General Settings ............................................................................................................................................... 214 8.2.2. Nameservers settings ......................................................................................................................................... 216 8.2.3. DNR Log Control Parameters................................................................................................................................ 218

8.3. Processing tab....................................................................................................................................................... 219 8.3.1. Managing Mail Scheduling ................................................................................................................................... 219 8.3.2. Managing the Queue .......................................................................................................................................... 221 8.3.3. Specifying Threads for Local Delivery ...................................................................................................................... 222 8.3.4. Configuring Mailbox Related Parameters .................................................................................................................. 223 8.3.5. Configuring Log Control Parameters ....................................................................................................................... 224

8.4. SMTP-In Tab ........................................................................................................................................................ 225 8.4.1. Configuring SMTP-In Connection Error Control Parameters ........................................................................................... 225

Specifying a Maximum Number of Errors for SMTP Incoming Connections.................................................................................... 225 Specifying a max. number of authentication errors for SMTP Incoming connections ......................................................................... 225

8.4.2. Configuring SMTP-In Connection Thread Control Parameters......................................................................................... 226 8.4.3. Configuring SMTP-In Log Control Parameters............................................................................................................ 227 8.4.4. Setting Further General Parameters........................................................................................................................ 228 8.4.5. Configuring Mapping Data.................................................................................................................................... 230

8.5. SMTP-Out tab ....................................................................................................................................................... 231 8.6. POP3 tab ............................................................................................................................................................. 233

8.6.1. Configuring POP3 Connection Error Control Parameters ............................................................................................... 233 8.6.2. Configuring POP3 Connection Thread Control Parameters ............................................................................................ 234 8.6.3. Configuring POP3 Log Control Parameters ............................................................................................................... 235 8.6.4. POP3 Encryption and Authentication Parameters........................................................................................................ 236 8.6.5. Configuring POP3 User dB Connector Parameters ...................................................................................................... 238

AXIGEN User Manual



7

8.7. IMAP tab.............................................................................................................................................................. 239 8.7.1. Configuring IMAP Connection Error Control Parameters ............................................................................................... 239 8.7.2. Configuring IMAP Connection Thread Control Parameters ............................................................................................. 240 8.7.3. Configuring IMAP Log Control Parameters ................................................................................................................ 241 8.7.4. Configuring IMAP Encryption and Authentication Parameters ......................................................................................... 242 8.7.5. Configuring IMAP User dB Connector Parameters....................................................................................................... 244

8.8. WebMail tab.......................................................................................................................................................... 245 8.8.1. WebMail Connection Thread Control ....................................................................................................................... 246 8.8.2. WebMail Log Control .......................................................................................................................................... 247 8.8.3. WebMail Connection and Session Control ................................................................................................................ 248 8.8.4. HTTP Limits for WebMail ..................................................................................................................................... 249 8.8.5. Setting Further General Parameters........................................................................................................................ 251 8.8.6. URL Redirects for WebMail .................................................................................................................................. 252 8.8.7. Hostname Resolver for Webmail ............................................................................................................................ 254 8.8.8. WebMail User dB Connector Parameters.................................................................................................................. 255

8.9. WebAdmin tab....................................................................................................................................................... 256 8.9.1. WebAdmin Connection Thread Control .................................................................................................................... 256 8.9.2. WebAdmin Log Control ....................................................................................................................................... 257 8.9.3. Specifying the HSP Path ..................................................................................................................................... 258 8.9.4. WebAdmin Connection and Session Control.............................................................................................................. 258 8.9.5. HTTP Limits for WebAdmin .................................................................................................................................. 260 8.9.6. URL Redirects for WebAdmin ............................................................................................................................... 261

8.10. CLI Tab.............................................................................................................................................................. 263 8.10.1. Configuring CLI Connection Error Control Parameters ................................................................................................ 264 8.10.2. Configuring CLI Connection Thread Control Parameters.............................................................................................. 265 8.10.3. Configuring CLI Log Control Parameters................................................................................................................. 266

8.11. Log tab .............................................................................................................................................................. 267 8.11.1. General Log Service Parameters .......................................................................................................................... 267 8.11.2. Adding and Editing Log Rules.............................................................................................................................. 268 8.11.3. Log Files Page................................................................................................................................................ 272

8.12. FTP Backup Tab................................................................................................................................................... 273 8.12.1. Configuring FTP Backup Connection Error Control Parameters ..................................................................................... 273 8.12.2. Configuring FTP Backup Connection Thread Control Parameters ................................................................................... 274 8.12.3. Configuring FTP Backup Log Control Parameters...................................................................................................... 275

8.13. RPOP Tab .......................................................................................................................................................... 276 8.14. UserDb Tab ........................................................................................................................................................ 278

8.14.1. UserDb Thread Control...................................................................................................................................... 278 8.14.2. Configuring UserDb Log Control Parameters............................................................................................................ 278 8.14.3. LDAP Connectors ............................................................................................................................................ 279

8.15. POP3 Proxy Tab................................................................................................................................................... 283 8.15.1. Configuring General POP3 Proxy Parameters .......................................................................................................... 283

POP3 Proxy Connection Error Control Parameters ................................................................................................................ 283 POP3 Proxy Connection Thread Control Parameters .............................................................................................................. 284 POP3 Proxy Log Control Parameters................................................................................................................................. 284 POP3 Proxy User dB Connector Parameters........................................................................................................................ 285 Other POP3 Proxy General Parameters.............................................................................................................................. 286

8.15.2. Configuring POP3 Proxy Mapping Data .................................................................................................................. 287 8.15.3. Configuring POP3 Proxy Connection Data Parameters ............................................................................................... 288

8.16. IMAP Proxy Tab ................................................................................................................................................... 290 8.16.1. Configuring General IMAP Proxy Parameters ........................................................................................................... 290

IMAP Proxy Connection Error Control Parameters ................................................................................................................. 290 IMAP Proxy Connection Thread Control Parameters ....................................................................................................... 291 IMAP Proxy Log Control Parameters ................................................................................................................................. 291 IMAP Proxy User dB Connector Parameters ........................................................................................................................ 292 Other IMAP Proxy General Parameters .............................................................................................................................. 293

8.16.2. Configuring IMAP Proxy Mapping Data................................................................................................................... 294 8.16.3. Configuring IMAP Proxy Connection Data Parameters ................................................................................................ 295

8.17. Domains tab ........................................................................................................................................................ 297 8.17.1. General Domain Configuration............................................................................................................................. 299 8.17.2. Domain Migration Data ...................................................................................................................................... 301 8.17.3. Domain Public Folders Configuration ..................................................................................................................... 304

8.17.3.1. General Public Folders Configuration................................................................................................................ 304 8.17.3.2. Public Folder Quota Configuration ................................................................................................................... 305 8.17.3.3. Public Folder Mbox Configuration .................................................................................................................... 306

8.17.4. Domain SPE Page ........................................................................................................................................... 308 8.17.5. Domain Filter Configuration................................................................................................................................. 310 8.17.6. Domain Info Page ............................................................................................................................................ 311

8.18. Accounts tab ....................................................................................................................................................... 312 8.18.1. General Account Configuration ............................................................................................................................ 313 8.18.2. Account WebMail Data ...................................................................................................................................... 316 8.18.3. Account Quota Parameters................................................................................................................................. 320 8.18.4. Account Limits ................................................................................................................................................ 322 8.18.5. Account Mboxes Page....................................................................................................................................... 326 8.18.6. Account Filter Configuration ................................................................................................................................ 328 8.18.7. Account Info ................................................................................................................................................... 329

AXIGEN User Manual



8

8.19. Lists tab ............................................................................................................................................................. 330 8.19.1. General List Configuration .................................................................................................................................. 332 8.19.2. Advanced List Settings ...................................................................................................................................... 335 8.19.3. Adding New List Users ...................................................................................................................................... 338 8.19.4. List WebMail Data............................................................................................................................................ 340 8.19.5. List Quota Parameters....................................................................................................................................... 343 8.19.6. List Limits ...................................................................................................................................................... 345 8.19.7. Lists Mboxes .................................................................................................................................................. 349 8.19.8. List Filter Configuration...................................................................................................................................... 351 8.19.9. Lists Info ....................................................................................................................................................... 352 8.20. Forwarders Tab ................................................................................................................................................. 353 8.20.1. Forwarders General Parameters .......................................................................................................................... 354 8.20.2. Forwarders Filter Configuration ............................................................................................................................ 356 8.20.3. Forwarders Info Tab ......................................................................................................................................... 357

8.21. Folder Recipients.................................................................................................................................................. 358 8.21.1. General Folder Recipients Parameters ................................................................................................................... 360 8.21.2. Folder Recipients Filter Configuration .................................................................................................................... 361 8.21.3. Folder Recipients Info ....................................................................................................................................... 362 8.22. Queue Tab....................................................................................................................................................... 363

8.23. Reporting tab....................................................................................................................................................... 365 8.23.1. General Reporting Parameters ............................................................................................................................ 366 8.23.2. Reporting Template Configuration......................................................................................................................... 368 8.23.3. Reporting Database Configuration ........................................................................................................................ 370 8.23.4. Reporting Graphics Configuration ......................................................................................................................... 373

8.24. Graphics Tab....................................................................................................................................................... 375 8.25. Commands tab..................................................................................................................................................... 376 8.26. Adding and Editing TCP Listeners.............................................................................................................................. 377 General Tab Parameters................................................................................................................................................ 378

Connection parameters............................................................................................................................................... 378 8.26.1. Adding and Editing TCP Listener Rules .................................................................................................................. 381 Connection parameters............................................................................................................................................... 382

Deny Rules ................................................................................................................................................................ 384 8.26.2. SSL Parameters for Listeners .............................................................................................................................. 386 8.26.3. Example of Listener Configuration ........................................................................................................................ 389

Limiting the Number of Allowed Connections for a Given Listener............................................................................................... 392 Limiting the Number of Accepted Connections for a Specific IP Address....................................................................................... 393 Limiting the Inactivity for a Given Listener............................................................................................................................ 393 8.27. Adding and Editing UDP Listeners ............................................................................................................................. 394

9. Configuring AXIGEN using CLI ........................................................................................................................................ 396 Service Description ...................................................................................................................................................... 396 9.1. Special Contexts .................................................................................................................................................... 398 Login Context ............................................................................................................................................................. 398 Initial Context.............................................................................................................................................................. 398 Reporting Context ........................................................................................................................................................ 398 Server Context ............................................................................................................................................................ 399 Commands Context ...................................................................................................................................................... 399 Commands-Server Context............................................................................................................................................. 400 Commands-Storage Context ........................................................................................................................................... 400 9.2. Common commands ............................................................................................................................................... 402 9.3. Connecting to CLI................................................................................................................................................... 404 9.4. Troubleshoot the CLI Connection ................................................................................................................................ 405 9.5. Context Specific Commands ...................................................................................................................................... 406 Login Context <login> ................................................................................................................................................... 406 Initial Conext <#>......................................................................................................................................................... 406

10. Configuring AXIGEN using the Configuration File ................................................................................................................ 425 10.1. Working with axigen.cfg .......................................................................................................................................... 426 Restrictions ................................................................................................................................................................ 426 Definitions ................................................................................................................................................................. 426 Structure of the axigen.cfg file.......................................................................................................................................... 427 10.2. Contents of the account.cfg File ................................................................................................................................ 429 10.3. Contents of the domain.cfg file .................................................................................................................................. 430 Example of a Possible Domain Configuration ....................................................................................................................... 431

11. Command Line Parameters for AXIGEN ........................................................................................................................... 432 Display version............................................................................................................................................................ 432 Run in foreground ........................................................................................................................................................ 432 Crash control .............................................................................................................................................................. 432 Process ID................................................................................................................................................................. 432 Path to configuration file................................................................................................................................................. 432 Using mqview tool to view status for messages in the queue..................................................................................................... 432 POP3 Authentication..................................................................................................................................................... 433

12. RFCs Currently Implemented by AXIGEN................................................................................................................... 434 POP3 ....................................................................................................................................................................... 434 POP3 and IMAP Specifications ........................................................................................................................................ 434 SMTP specifications ..................................................................................................................................................... 434 SMTP service extensions ............................................................................................................................................... 434

AXIGEN User Manual



9

IMAP specifications ...................................................................................................................................................... 434 Implementation Recommendations ................................................................................................................................... 434 HTTP specifications: ..................................................................................................................................................... 434 DNS specifications ....................................................................................................................................................... 434 Sieve extensions implemented in AXIGEN .......................................................................................................................... 435 Generic RFCs............................................................................................................................................................. 435

AXIGEN User Manual



10

Introduction Purpose of this Document Congratulations on your decision to choose AXIGEN Mail Server as your messaging solution. This document serves as User Guide for AXIGEN Mail Server version 4.0 and subsequent versions until specified otherwise. Full information about AXIGEN product versions and licensing options can be found on the AXIGEN website.

For an overview of AXIGEN Mail Server architecture and functionalities, see Chapter 3. Mail Server Architecture.

Intended as reference guide for system administrators, this manual includes full documentation on mail server architecture, functionalities and configuration options.

Structure of this document This document is divided in 12 main Chapters as follows:

• Chapter 1 - Brief overview of main AXIGEN features (commercial and technical differentiators)

• Chapter 2 –Server startup instructions (requirements / install / uninstall / initial configuration)

• Chapters 3 through 6 – Descriptions of architecture (modules/services), security functions and user management. These chapters provide general information about the server capabilities and functionalities. They also include direct references to configuration instructions for each feature/set of parameters in Chapter 8.

• Chapter 7 – Brief overview of all existing AXIGEN configuration tools.

• Chapter 8 – WebAdmin (Web configuration interface) Adminstration Guide. This chapter provides detailed configuration instructions for all functionalities mentioned in Chapters 3-5. It also maps Configuration options provided by WebAdmin to configuration parameters present in the axigen.cfg file, the AXIGEN text-editable configuration file.

• Chapters 9 through 10 – Descriptions of the alternate configuration tools: Command Line Interface, Configuration file (axigen.cfg).

• Chapter 11 – List of command line parameters allowing you to perform different basic administration tasks

Audience and knowledge requirements The intended audience for this User Manual is represented by administrators of the mail servers in companies where the version 2.0 of the product AXIGEN Mail Server is installed and evaluated.

In order to build, extract and acquire the correct information from this manual, a regular audience should have:

• A detailed knowledge of general mail server abilities and functions

• Knowledge of network protocols

http://www.axigen.com/

AXIGEN User Manual



11

Related documentation Additional information regarding AXIGEN can be found in the following sources:

• AXIGEN HSP manual - Contains detailed instructions on HSP – AXIGEN proprietary server-side scripting language information. This provides administrators with expansion capabilities for the AXIGEN Webadmin / Webmail modules.

• AXIGEN Online documentation – an online version of this user manual

• AXIGEN Quick Installation and Configuration guide – everything you need to get your server up and running

• AXIGEN Knowledgebase – articles containing specific instructions in response to Support queries and troubleshooting procedures

http://www.axigen.com/usr/files/hsp_manual_v2.1.pdf

http://www.axigen.com/docs/20/

http://www.axigen.com/usr/files/axigen_quick_install.pdf

http://www.axigen.com/knowledgebase/

AXIGEN User Manual



12

Chapter 1. Mail Server Overview AXIGEN Mail Server is a fully self developed solution, truly innovative in several respects, particularly scalable and configurable. This messaging solution offers the entire range of mail services -SMTP, POP3, IMAP, Webmail - includes List server, Logging, Reporting and FTP Backup modules and provides various, flexible administration options (including a central Web administration interface - Web Admin).

OS Compatibility It is currently available for several Linux distributions, FreeBSD, OpenBSD, NetBSD and Solaris, but development roadmap includes versions for Windows, Mac OS and other operating systems. AXIGEN uses MPA (Multi Platform Architecture), a proprietary cutting-edge technology that allows porting the AXIGEN server on multiple platforms while keeping the same set of features. This makes it possible to adapt the product to any demanded platform, while guaranteeing stability, and makes it easier for users to switch to a different platform, whenever their requirements change.

Integrated Messaging Solution AXIGEN is an integrated service server, being able to successfully replace a solution based on several Open Source solutions. It is also modular, as it can run with any number of services inhibited. For instance, if you only want to run the SMTP service, AXIGEN can run with all other services inhibited by allocating all processing threads to SMTP. Thus, AXIGEN can accommodate any usage scenario - main mail server, backup server, mail relay server.

High Configurability

Built with administration needs in mind, AXIGEN provides System Administrators with unmatched configuration possibilities for each and every module and feature. For each and every AXIGEN module and feature, you can fine tune connection control, client management and make advanced settings for every domain and account you are managing. An example of advanced service configuration options in AXIGEN would be Webmail account and domain settings: mailbox quota, attachment size limit, mail size limit, session idle & activity timeout, maximum number of messages sent per hour by one account, HTML filtering level for HTML email messages etc.

Innovative Storage

AXIGEN Mail Storage uses a proprietary technology which optimizes space and mail flow. This innovative storage architecture, doubled by a similar queue architecture, with index based access reduces I/O operations and disk access. Messages are stored in container files, a proprietary format that supports an effective space-saving filling procedure, allowing system administrator to specify the locations and number of directories/files allowed for message storage.

Advanced Security Tools

In terms of security, an extensive security tool set is implemented, which is also highly configurable. System Administrators can flexibly use the filtering rules available at server, domain and user level, by specifying what filters to use, the order of applicable filters and the actions to be taken according to the results of the scanning process. Filtering in AXIGEN includes Antivirus/Antispam, Antispoofing (SPF authentication rules) Domain Keys and custom SIEVE scripts. AXIGEN integrates at present connectors for Open source Antispam and Antivirus applications (SpamAssassin and ClamAV) but

AXIGEN User Manual



13

thanks to its script interface for external connectors, it can integrate with virtually any AS/AV application requested by users.

Automation Options

AXIGEN addresses automation requirements of System Administrators by providing them with an alternative configuration interface - CLI (Command Line Interface). Apart from providing an alternate method of performing basic configuration tasks, CLI automates repetitive tasks, which can be really time-consuming when performed manually. Automatic domain data migration is also available in Webadmin, where you can easily set migration related parameters.

Clustering Support

Starting with version 3.0., AXIGEN allows system administrators to route SMTP, POP and IMAP connections to different machines running our messaging solutions. This new feature is based the integration of AXIGEN with OpenLDAP and it makes use of the SMTP In, POP3 Proxy and IMAP Proxy services. These are some of the distinctive AXIGEN features - to read more about them, their configuration procedures, and many more facilities and configuration options provided by AXIGEN, browse through this online documentation.

AXIGEN User Manual



14

Chapter 2. Getting Started with AXIGEN This section gets you started with AXIGEN Mail Server, by outlining the software and hardware requirements your system needs to fulfill before you can install AXIGEN, the install and uninstall procedure for all available Linux distributions, BSD and Solaris platforms and initial configuration steps needed for the initial server run.

2.1. Software and Hardware requirements

Software requirements

AXIGEN has the following minimal software requirements:

• Linux OS, kernel 2.4/2.6 • glibc version 2.2.93 or later • libstdc++ version 3.2 or later

For BSD platforms requirements are as follows:

• FreeBSD 5.4 • NetBSD 3.0 • OpenBSD 3.8 or OpenBSD 3.9

For Solaris requirements are as follows:

• Solaris 10

For all platforms:

• Internet Explorer 6 or later/ Firefox 2.0

Hardware requirements

AXIGEN has the following minimal hardware requirements:

• Processor: x86, minimum frequency 300 MHz • RAM: 128 MB. • Available space on HDD: 20 MB free space for installation purposes and default configuration

files. The actual space AXIGEN will take on your hard disk depends on the number of accounts, domains and mailboxes and the size of messages stored on the mail server.

Supported platforms Linux (32-bit) RedHat Enterprise

• Redhat Enterprise Linux 4 • Redhat Enterprise Linux 3

AXIGEN User Manual



15

Fedora• Core 6 • Core 5 • Core 4

CentOS• 4.3 • 4.4

SuSE

• SuSE Linux Enterprise Server • SLES 10 • SLES 9

• SUSE Linux • 10.1 • 10.0

Gentoo• 2006.1 • 2006.0

Novell

• OES

Ubuntu• Ubuntu Server 6.10 • Ubuntu Server 6.06 • Ubuntu Server 5.10

Debian • Debian 3.1_r1

Mandriva • Mandriva 2006.0 • Mandriva 2007.0 • Mandrake Linux 10.2

Slackware • 11.0 • 10.2 • 10.1

BSD (32-bit) FreeBSD

• 6.2 • 6.1 • 6.0 • 5.5 • 5.4

AXIGEN User Manual



16

OpenBSD • 4.0 • 3.9 • 3.8

NetBSD • 3.1 • 3.0

Solaris Solaris 10

• x86, 32-bit architecture

Tested platforms AXIGEN has been tested extensively and is guaranteed to work on the following Linux distributions: Gentoo, Redhat/Fedora Core, Slackware, Debian, Ubuntu, Mandrake/Mandriva, SUSE. AXIGEN also runs on BSD platforms (FreeBSD, NetBSD and OpenBSD) and on Solaris 10.

2.2. Installing on Linux

The following section describes the general installation steps for AXIGEN on RedHat and SUSE distributions. For instructions related to a specific Linux distribution, please refer to the Install file included in the installation kit or read the sections corresponding to the respective Linux distribution.

General installation steps Here are the general steps to be taken in order to install AXIGEN.

• Unzip the original installation package. Read the Installing AXIGEN under RedHat and SuSE section for an example on how to unzip the installation files.

• Install AXIGEN files. Read the Installing AXIGEN under RedHat and SuSE section for an example on how to install the product.

• Configure axigen.cfg, as explained in the Configuring AXIGEN using axigen.cfg file section in order to adjust axigen.cfg file to your specific environment.

• Start the AXIGEN server (Read the Starting/Stopping/Restarting AXIGEN section for information on how to start AXIGEN).

• Create domains/accounts for your AXIGEN installation (more information can be found in the User and Domain Configuration section).

• Reconfigure axigen.cfg (if needed).

• Reload AXIGEN server. This way the changes committed in the main axigen.cfg file can take effect (changes to domains and accounts are made on the fly). Read the Starting/Stopping/Restarting AXIGEN section for information on how to reload AXIGEN.

• After the installation, no daemons or related application are started.

AXIGEN User Manual



17

Files Provided for Installation

The installation kit consists of the following files:

• INSTALL • UNINSTALL • README • Distribution-specific package file(s).

The following table shows the files and directories provided in the installation kit required for AXIGEN to run correctly:

Directory/File Description

/etc/init.d/ /etc/init.d/axigen

This is the initscript for AXIGEN. The script will start the daemon for the Gentoo, Debian, RedHat and SUSE distributions.

/etc/rc.d/rc3.d/S80axigen /etc/rc.d/rc4.d/S80axigen /etc/rc.d/rc5.d/S80axigen

Symbolic links to the above mentioned initscript file, needed to start the daemon in the respective run levels (only for RedHat and SUSE distributions).

/etc/rc.d/rc.axigen This is the initscript for AXIGEN in the Slackware distribution.

/etc/conf.d/axigenThis is the configuration file used by the AXIGEN initscript in the Gentoo distribution

/etc/opt/ /etc/opt/axigen/ /etc/opt/axigen/axigen.cfg

This is the main configuration file for AXIGEN.

/opt/axigen/ /opt/axigen/bin/ /opt/axigen/bin/axigen

This is the AXIGEN daemon.

/opt/axigen/bin/mqview

This is the executable to be used for viewing the status of the queued messages. Please refer to the Command Line Parameters section for instructions on using this tool.

/opt/axigen/share/ /opt/axigen/share/doc/ /opt/axigen/share/doc/README

Document containing the release notes for this version of AXIGEN.

/opt/axigen/share/doc/INSTALLDocument containing the installation instructions for AXIGEN

/opt/axigen/share/doc/UNINSTALLDocument containing the instructions for uninstalling AXIGEN.

/opt/axigen/share/doc/LICENSE Document containing the license

AXIGEN User Manual



18

for AXIGEN.

/opt/axigen/share/examples/ /opt/axigen/share/examples/axigen.cfg /opt/axigen/share/examples/domain.cfg /opt/axigen/share/examples/account.cfg

Sample configuration files, containing the default values for AXIGEN parameters, as presented in this User Manual.

/var/opt/ /var/opt/axigen/ /var/opt/axigen/Webmail/

Default directory used for storing files pertaining to AXIGEN Webmail module.

2.2.1. Installing under RHEL, Fedora Core, Mandrake and SuSE (gcc3)

Here are the installation steps for RHEL, Fedora Core, Mandrake and SuSE distributions.

1. Unzip the downloaded file, by issuing the following command in the same directory as the downloaded file: tar xzvf <install kit file>

2. For example, to unpack the AXIGEN RPM package for the i386 architecture, type in the directory where the file is located: tar xzvf axigen.i386.rpm.tar.gz

3. Installation

In order to install the RPM package, you must issue (while logged in as root) the following command, from the same directory with the rpm file: rpm -ivh axigen-version-build.i386.rpm To install AXIGEN Mail Server version 1.2.2, build 1, the corresponding command will be: rpm -ivh axigen-1.2.2-1.i386.rpm After the installation, no daemons or related application will be started.

4. Configuration

Before you start AXIGEN, you need to configure it. You can do that by modifying the main configuration file (please refer to the Initial Configuration section for more information).

5. Start AXIGEN.

In both RedHat and SUSE, the AXIGEN server can be started via its initscript, by issuing this command: /etc/init.d/axigen start

The above installation steps apply for the following gcc3 distributions: Redhat Enterprise Linux 3 and 4 Fedora Core 3 or lower SuSE Linux Enterprise Server 9 SUSE Linux 9.3 or lower Mandrake Linux 10.2 These installation instructions apply for all RPM based distros (RHEL, Fedora Core, SuSE, Mandrake/Mandriva).

AXIGEN User Manual



19

2.2.2. Installing under Fedora Core, Mandriva and SuSE (gcc4)

Here are the install instructions for RPM based distros with gcc4 (Fedora Core, Mandriva, SuSE):

1. Installation

In order to install the RPM package, you must issue (while logged in as root) the following command, from the same directory with the rpm file: rpm -ivh axigen-version.gcc4-build.i386.rpm To install AXIGEN Mail Server version 1.2.2, build 1, the corresponding command will be: rpm -ivh axigen-1.2.2.gcc4-1.i386.rpm After the installation, no daemons or related application will be started.

2. Configuration

Before you start AXIGEN, you need to configure it. You can do that by modifying the main configuration file (please refer to the Initial Configuration section for more information).

3. Start AXIGEN.

In both Fedora Core and Mandriva, the AXIGEN server can be started via its initscript, by issuing this command: /etc/init.d/axigen start

The above installation steps apply for the following gcc4 distributions: Fedora Core 4 or higher SUSE Linux 10.0 of higher Mandriva 2006.0 Mandriva 2007.0

2.2.3. Installing under Debian/Ubuntu

To install AXIGEN under Debian, go through the following steps:

1. Installation

In order to install the DEB package, you must issue (while logged in as root) the following command, from the same directory with the deb file: dpkg -i axigen_version-build_i386.deb To install AXIGEN Mail Server version 1.2.2, build 1, the corresponding command is: dpkg -i axigen_1.2.2-1_i386.deb After the installation, no daemons or related application will be started.

2. Configuration

Before you start AXIGEN, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations). More information about each configuration setting can be found in the sample configuration files installed by default, as comments.

AXIGEN User Manual



20

3. Start AXIGEN

In Debian, AXIGEN can be started via its initscript, by issuing: /etc/init.d/axigen start

These same instructions also apply to the Ubuntu distribution, except for the install command: dpkg -i axigen_1.2.2-1ubuntu1_i386.deb

2.2.4. Installing under Gentoo

To install AXIGEN under Gentoo, go through the following steps:

1. Installation

In order to install the ebuild package, you must issue the following commands (while logged in as root) from the same directory as the ebuild file: ./prepare.sh emerge axigen After the installation, no daemons or related applications are started.

2. Configuration

Before you start AXIGEN, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations). More information about each configuration setting can be found in the sample configuration files installed by default, as comments.

3. Start AXIGEN

In Gentoo, AXIGEN can be started via its initscript, by issuing: /etc/init.d/axigen start Several settings for the AXIGEN initscript are available via the following file (please read the comments from this file for information about using them): /etc/conf.d/axigen

2.2.5. Installing under Slackware

To install AXIGEN under Slackware, go through the following steps:

1. Installation

In order to install the Slackware TGZ package, you must issue (while logged in as root) the following command, from the same directory with the tgz file: installpkgaxigen-version.i386-1.tgz To install AXIGEN version 1.2.2, the corresponding command is: installpkg axigen-1.2.2-i386-1.tgz After the installation, no daemons or related applications are started.

2. Configuration

Before you start AXIGEN, you need to configure it. You can do that by modifying the main configuration file (please refer to the Initial Configuration of AXIGEN Mail Server section in this User Manual for more information.

AXIGEN User Manual



21

3. Start AXIGEN

In Slackware, AXIGEN can be started via its initscript, by issuing: /etc/rc.d/rc.axigen start In order to start AXIGEN initscript at boot time, you need to add the following line in the etc/rc.d/rc.local file: [ -x /etc/rc.d/rc.axigen ] && /etc/rc.d/rc.axigen start and set the executable bit for the script: chmod +x /etc/rc.d/rc.axigen

2.3. Installing on BSD

AXIGEN is available for several BSD platforms: FreeBSD, NetBSD and OpenBSD. As a general rule, for BSD platforms, the install command is:

pkg_add axigen-version.tgz

2.3.1. Installing on FreeBSD

In order to install the AXIGEN Mail Server on FreeBSD, follow these instructions:

1. Installation

Issue (while logged in as root), the following command, from the same directory as the tgz file: pkg_add axigen-version_build.tgz For instance, for the 1.2.2 version, build 1, the corresponding command will be: pkg_add axigen-1.2.2_1.tgz After the installation, no daemons or related application will be started.

2. Configure AXIGEN

Before you start the AXIGEN server, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations). More information on each configuration setting can be found in the sample configuration files installed by default, as comments.

3. Start the AXIGEN server

In FreeBSD, the AXIGEN server can be started via its initscript, by issuing: /usr/local/etc/rc.d/axigen.sh start

2.3.2. Installing on NetBSD

The instructions to install AXIGEN on NetBSD are presented below:

1. Installation In order to install the NetBSD package, you must issue (while logged in as root), the following command, from the same directory as the tgz file: pkg_add axigen-version_build.tgz

2. For instance, for AXIGEN version 1.2.2, build 1, the corresponding command will be: pkg_add axigen-1.2.2_1.tgz

AXIGEN User Manual



22

After the installation, no daemons or related application will be started.

3. Configure AXIGEN

Before you start the AXIGEN server, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations). More information about each configuration setting can be found in the sample configuration files installed by default, as comments.


In NetBSD, the AXIGEN server can be started via its initscript, by issuing: /etc/rc.d/axigen start

2.3.3. Installing on OpenBSD

The instructions to install AXIGEN on OpenBSD are presented below:

1. Installation In order to install the OpenBSD package, you must issue (while logged in as root), the following command, from the same directory as the tgz file: pkg_add axigen-version_build.tgz For instance, for AXIGEN version 1.2.2, build 1, the corresponding command will be: pkg_add axigen-1.2.2_1.tgz After the installation, no daemons or related application will be started.

2. Configure AXIGEN

Before you start the AXIGEN server, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations) More information about each configuration setting, can be found in the sample configuration files installed by default, as comments.


In OpenBSD, the AXIGEN server can be started via its initscript, by issuing: /usr/local/bin/axigen.sh start

2.4. Installing on Solaris

In order to install the AXIGEN Mail Server on Solaris, follow these instructions:

1. Installation

In order to install the Solaris/SunOS package, you must issue (while logged in as root), the following command, from the same directory as the AXIGEN uncompressed installation kit: gunzip axigen-version.tar.gz tar xvf axigen-version.tar pkgadd -d .

AXIGEN User Manual



23

For instance, the corresponding commands for AXIGEN version number 2.0.0 will be: gunzip axigen-2.0.0.tar.gz tar xvf axigen-2.0.0.tar pkgadd -d After the installation, no daemons or related application will be started.

2. Configuration

Before you start the AXIGEN server, you need to configure it. You can do that by modifying the main configuration file and the other specific configuration files (please refer to the README file from the installation kit, for more information about their names and locations). More information about each configuration setting can be found in the sample configuration files installed by default, as comments.


In Solaris/SunOS, the AXIGEN server can be started via its initscript, by issuing: /etc/init.d/axigen start

2.5. Uninstalling under Linux

This section provides instructions on how to uninstall the AXIGEN Mail Server under all available Linux distributions.

2.5.1. Uninstalling under RHEL, Fedora Core, Mandriva /Mandrake and SuSE (gcc3, gcc4)

To uninstall the AXIGEN mail server under RHEL, Fedora Core, Mandriva/Mandrake and SuSE:

1. Remove the AXIGEN RPM package

In order to remove the AXIGEN package and its related files and directories, you can issue the following command, while logged in as root: rpm -e axigen The command explained above will also stop the AXIGEN daemon.

2. Optional: Remove the rest of the files/directories

The command from the first step does not automatically remove the files that were modified after the installation (such as configuration files), non-empty directories and other files or directories that were not created as a result of the installation. All the files and/or directories that are contained in the following locations must be deleted manually: /etc/opt/axigen/ /var/opt/axigen/

The above installation steps apply for the following gcc3 distributions: Redhat Enterprise Linux 3 and 4 Fedora Core 3 or lower SuSE Linux Enterprise Server 9 SUSE Linux 9.3 or lower Mandrake Linux 10.2

AXIGEN User Manual



24

and the following gcc4 distributions: Fedora Core 4 or higher SUSE Linux 10.0 of higher Mandriva 2006.0 Mandriva 2007.0

2.5.2. Uninstalling under Debian / Ubuntu

To uninstall AXIGEN under Debian or Ubuntu, go through the following steps:

1. Remove the AXIGEN package

In order to remove AXIGEN package and its related files and directories, you have two options:

o while logged in as root, issue the command: dpkg -P AXIGEN (to "purge" the package - this is the recommended option)

o while logged in as root, issue the command: dpkg -r AXIGEN (to "remove" the package). These commands also stop AXIGEN daemon.


The commands on Step 1 do not automatically remove the files that were modified after the installation (such as configuration files), non-empty directories and other files or directories that were not created as a result of the installation. All the files and/or directories that are contained in the following locations must be deleted manually: /etc/opt/axigen/ /var/opt/axigen/ /opt/axigen/

2.5.3. Uninstalling under Gentoo

Here are the steps to be taken in order to uninstall AXIGEN under Gentoo.

1. Remove AXIGEN ebuild package

In order to remove AXIGEN package and its related files and directories, you can issue the following command, while logged in as root: emerge --unmerge AXIGEN This command also stops the AXIGEN daemon.


The command in Step 1 does not automatically remove the files that were modified after the installation (such as configuration files), non-empty directories and other files or directories that were not created as a result of the installation. All the files and/or directories that are contained in the following locations must be deleted manually: /etc/opt/axigen/ /var/opt/axigen/ /opt/axigen/

AXIGEN User Manual



25

2.5.4. Uninstalling under Slackware

Here are the steps to be taken in order to uninstall AXIGEN under Slackware.

1. Remove the AXIGEN Slackware TGZ package

In order to remove AXIGEN package and its related files and directories, you can issue the following command, while logged in as root: First, stop AXIGEN’ daemon: /etc/rc.d/rc.axigen stop Then remove AXIGEN package: removepkg axigen-version-i386-build For instance, to remove AXIGEN version 1.2.4 build 1, the corresponding command will be: removepkg axigen-1.2.4-i386-1


The command on Step 1 does not automatically remove the files that were modified after the installation (such as configuration files), non-empty directories and other files or directories that were not created as a result of the installation. All the files and/or directories that are contained in the following locations must be deleted manually: /etc/opt/axigen/ /var/opt/axigen/ /opt/axigen/ Also, you can remove the following line from the /etc/rc.d/rc.local: [ -x /etc/rc.d/rc.axigen ] && /etc/rc.d/rc.axigen start

2.6. Uninstalling under BSD

The generic command used to uninstall the AXIGEN Mail Server for BSD platforms is: pkg_delete axigen-version

2.6.1. Uninstalling under FreeBSD

To uninstall AXIGEN Mail Server, follow these instructions:


In order to remove the AXIGEN package and its related files and directories, you can issue the following command, while logged in as root:

o first, stop the AXIGEN daemon /usr/local/etc/rc.d/axigen.sh stop

o then remove the package pkg_delete axigen-version To uninstall version 1.2.2._1, the corresponding command is: pkg_delete axigen-1.2.2._1


The command from the first step does not automatically remove the files that were modified after the installation (such as configuration files), non-empty directories and other files or directories that were not created as a result of the installation. These files must be removed manually.

AXIGEN User Manual



26

2.6.2. Uninstalling under NetBSD

1. Remove the AXIGEN package In order to remove the AXIGEN package and its related files and directories, you can issue the following command, while logged in as root:

First, stop the AXIGEN daemon: /etc/rc.d/axigen stop Then remove the package: pkg_delete axigen-version For AXIGEN Mail Server version 1.2.2_1 the corresponding command would be: pkg_delete axigen-1.2.2_1



2.6.3. Uninstalling under OpenBSD



First, stop the AXIGEN daemon: /usr/local/bin/axigen.sh stop Then remove the package: pkg_delete axigen-versionTo remove AXIGEN Mail Server version 1.2.2_1, the corresponding command is: pkg_delete axigen-1.2.2_1



2.7. Uninstalling under Solaris

Here are the steps to be taken in order to uninstall AXIGEN under Solaris:



First, stop the AXIGEN daemon: /etc/init.d/axigen stopThen remove the package: pkgrm GCADAxigen

AXIGEN User Manual



27



2.8. Starting / Stopping / Restarting the server

This section lists common commands meant to start / stop / restart the server for various Linux distributions and FreeBSD.

1. Linux o For RedHat, Debian, Gentoo and SUSE distributions

You can start the server with the following command: /etc/init.d/axigen start To stop the server, you can issue: /etc/init.d/axigen stop In order to restart the AXIGEN daemon (in order to reload the new configuration settings, for instance), you can use the 'restart' parameter: /etc/init.d/axigen restart To view the status of the AXIGEN demon, you can pass the 'status' parameter: /etc/init.d/axigen status

o In Slackware, you can use the same commands, applied to the /etc/rc.d/rc.axigen initscript, instead of /etc/init.d/axigen.

For instance, to start the server, you can issue: /etc/rc.d/rc.axigen start

2. FreeBSD

In FreeBSD, the AXIGEN server can be started via its initscript, by issuing: /usr/local/etc/rc.d/axigen.sh start

3. Solaris

In Solaris/SunOS, the AXIGEN server can be started via its initscript, by issuing: /etc/init.d/axigen start To stop the server, you can issue: /etc/init.d/axigen stop In order to restart the AXIGEN daemon, you can use: /etc/init.d/axigen restart To reload the AXIGEN daemon (i.e. for new configuration settings to take effect), you can pass the 'reload' parameter to the initscript: /etc/init.d/axigen reload To view the AXIGEN daemon status, you can pass the 'status' parameter: /etc/init.d/axigen status

AXIGEN User Manual



28

2.9. Initial Server Configuration

This section describes basic server configurations that you need to do in order to get your server up and running: setting the admin password, enabling the Web configuration interface, creating a domain and adding accounts. Some of these actions can also be performed automatically using the AXIGEN Configuration Wizard, also described in this section.

2.9.1. Setting the Admin Password

Before accessing the WebAdmin interface it is mandatory to set the password for the AXIGEN admin account. To do that, go through these steps:

1. If the AXIGEN server is running, first stop it, using the following command: /etc/init.d/axigen stop

2. Run AXIGEN only with -A (or --admin-passwd) option. Example: /opt/axigen/bin/axigen -A <password>

3. Restart the server. /etc/init.d/axigen restart

Note: Currently you can use this password only with the admin username. For details on how to set the password using the Configuration Wizard, see the corresponding section.

2.9.2. Enabling and Logging on to the Webadmin Interface

In AXIGEN 2.0, the WebAdmin service is enabled by default, so you can directly skip to Step 4 of this procedure. If you’re using an older version of AXIGEN, or if you have disabled your WebAdmin service and need to enable it again, steps 1-3 explain how to enable it using the configuration file. By default, the WebAdmin module listens to the 9000/tcp port and can be enabled by editing the AXIGEN configuration file (installed by default in the this location: /var/opt/axigen/run/axigen.cfg) and set it as instructed below:

1. Add the WebAdmin service to the services {} list: Server { services = (imap log pop3 processing smtp webadmin) ...

2. In the webadmin {} context, configure and enable the default listener: webadmin = { ... listeners = ( { address = 127.0.0.1:9000 enable = yes ... }

3. Restart AXIGEN

AXIGEN User Manual



29

4. Connect to the WebAdmin interface. Enter http://127.0.0.1:9000/ in your browser and login using the admin username and the password you have previously set.

5. If you are accessing the WebAdmin from a different machine, you need to set in the listener's address parameter the IP address of the machine on which AXIGEN is installed. Or, you can set this parameter to 0.0.0.0 (in this case, the listener will listen to all machine interfaces). When accessing the AXIGEN WebMail, you need to replace the 127.0.0.1 IP from the URL with the IP address of the machine on which the AXIGEN Mail Server is installed. For example, if the machine running AXIGEN has the 192.168.1.1 IP address, change the IP/port data under Server->Webadmin->Listeners->Address to match your IP/port: server {

... webadmin { ...s listeners = ( { ... address = 192.168.1.1:9000 enable = yes Remember to reload your AXIGEN Mail Server after each change in the configuration files.

6. Check the system log file(s) for confirmation that the Webadmin service is correctly loaded.

The system log file should display a message similar to the one below: ...INFO: WEBADMIN: listener added 192.168.1.1:9000 ...SUCCESS: WEBADMIN: started You can now login to WebAdmin. Start your favorite browser and enter the IP/port pair you have configured. In the example set above, the default address is http://192.168.1.1:9000. Login using the admin username and the password you have previously set.

For details on how to set the WebAdmin interface automatically, see the AXIGEN Configuration Wizard section.

AXIGEN User Manual



30

2.9.3. Creating a New Domain

The AXIGEN mail server stores each created domain in a unique domain location. This location is specified when creating the domain and will result in an error if a second domain is created on the same location. The default location displayed by AXIGEN is /var/opt/axigen/domains.

Important! When creating domains, one message storage location is recommended for each predicted 20GB of message occupied storage space. For larger spaces, additional message storage locations should be created to correspond to the number of 20GB storages you need. You can add multiple message storage locations using CLI only within the domain creation context. After creating the domain, additional locations cannot be added. The command to create multiple message storage locations is as follows: ADD MessagesLocation <path>

AXIGEN User Manual



31

To create a new Domain, please follow the steps presented below

1. Click on the Domains tab. The WebAdmin Domains page is displayed.

2. Fill the Domain name text box with the domain name you want to create. Please note the name of the domain cannot include special characters.

Note: AXIGEN is RFC compliant in terms of characters you can use when creating new domains and/or accounts. Please refer to the relevant RFC standard, Internet message format, available for instance on http://www.faqs.org/rfcs/rfc2822.html.

3. Check if you have specified the correct domain name and if you have specified the correct location for the edited domain in the Domain location field.

4. Specify a password to protect the selected domain in the Postmaster Password. 5. Press the Add new domain button.

6. After pressing the Add new domain button, a page including the default domain properties for the domain you are adding is displayed (see below). Edit the domain-specific parameters according to your preferences or keep their default values. To find out more about Domain configuration, see Domains section.

http://www.faqs.org/rfcs/rfc2822.html

AXIGEN User Manual



32

7. Press the Update (upper right corner) button and then the Commit button (upper right corner) to save and commit your changes.

You have successfully created a new domain. You can see the domains currently created on the server using the Domain list link in the upper right corner of the Domains tab.

Note: After defining your first domain, you should also specify your primary domain. This will be considered your default domain for all incoming mail. To do this, press the Server tab on the left and add the name of your primary domain in the primarydomain editable text box.

AXIGEN User Manual



33

2.9.4. Adding an Account to an Existing Domain

To add a new account to an existing domain:

1. In the WebAdmin page click on Accounts tab. 2. Click on the View button corresponding to the domain for which you want to display the

existing accounts or to add a new account. In the example below, the accounts for the example domain are displayed.

3. The existing accounts for the domain you have selected are displayed. To add a new account to this domain, enter the name of the account to be created in the Account name text box and a password in the Password text (required, needs to have at least one character). Then press the Add new account button. In this example, an account named 'henry_nash' is added to the 'example' domain.

AXIGEN User Manual



34

4. After pressing on the Add new account button, a page presenting the default account properties for the account you are creating is displayed (see below). Edit the account-specific parameters to suit your needs or leave them with their default values. The only mandatory field is password. For advanced account settings, see Accounts section.

5. Press the Update button (upper right corner) then as it the button changes to Commit, press it again to save and commit your changes.

You have successfully added the 'laura_white' account to the 'example' domain. You can see the accounts currently associated with your domains using the Account list link. The link is available in the upper right corner of the page displaying the available accounts for the selected domain (see above).

2.9.5. Automated Configuration with AXIGEN Configuration Wizard

Aiming to enhance, simplify and render the initial setup automatic, starting with version 1.2.6, the AXIGEN Mail server includes the AXIGEN Configuration Wizard. In eleven easy steps, the wizard enables system administrators to instantly set the admin password, configure the primary domain and set up an interface for the WebAdmin management tool and also for the POP3 and IMAP services. These actions were previously performed partly manually, partly using the WebAdmin interface. The AXIGEN Configuration Wizard is provided as part of all the AXIGEN Mail Server 4.0 installation packages, available for download on the AXIGEN site.

Firstly, the wizard needs to be launched by issuing one of the following commands, depending on the platform you have installed the AXIGEN Mail Server on:

1. On Solaris and all Linux platforms: /opt/axigen/bin/axigen-cfg-wizard

AXIGEN User Manual



35

2. On OpenBSD and FreeBSD: /usr/local/bin/axigen-cfg-wizard 3. On NetBSD: /usr/pkg/bin/axigen-cfg-wizard 1. Configuring the Admin Password

After launching the AXIGEN Configuration Wizard, the first step you are prompted to take is specify the admin password. The password is required and therefore system administrators must type at least one character.

Use the Pasword field to type your password and the Validate field to retype it for validation. To move from one field to another, please use the Tab or Enter keys. To proceed to the next step, when located on the Next button, press the Enter key.

2. Configuring your Primary Domain

The next stage of running the wizard consists in configuring AXIGEN’s primary domain. The wizard will automatically detect the machine’s FQDN (Fully Qualified Domain Name) and based on it will propose the domain name as primary. If no domain can be detected, the default ‘localdomain’ will be displayed. System Administrators can edit the fields of this tab at any time.

AXIGEN User Manual



36

In the Primary Domain field, the wizard will display the automatically detected domain. Use the Domain Location field to edit the default storage path for the primary domain, /var/opt/axigen/domains. To configure the primary domain password for the account postmaster, use the Postmaster account password field. To move from one field to another, please use the Tab or Enter keys. To proceed to the next step, when located on the Next button, press the Enter key. 3. Alias Configuration When running the wizard, this steps allows system administrators to select the alias they would like to configure for the primary domain defined at the previous step. There are three available options:

• Redirect all mails for root account to postmaster • Add the 'localhost' alias to this domain • Add the 'localhost.localdomain' alias to this domains

To select or deselect one of the listed options, press Enter.

AXIGEN User Manual



37

4. Configuring the WebAdmin Interface This following step performed by the AXIGEN Configuration Wizard is to select the WebAdmin Interface. The wizard will list all the existing interfaces with their respective IP addresses and ports, enabling system administrators to select a listener for WebAdmin. In the previous versions, the WebAdmin was initially accessed on its default listener, http://127.0.0.1:9000/.

Select one of the listed interfaces, then move to the OK button (using the Tab or Enter keys) and then press Enter again. If you choose the first option, all, all the listed interfaces will be used as listeners for the WebAdmin management tool. If you choose a different interface, you will be prompted to confirm the choice you have made. 5. Configuring the SMTP Interface The next step performed by the AXIGEN Configuration Wizard is to select the SMTP Interface. The wizard will list all the existing interfaces with their respective IP addresses and ports, enabling system administrators to select a listener for SMTP.

http://127.0.0.1:9000/

AXIGEN User Manual



38

Select one of the listed interfaces, then move to the OK button (using the Tab or Enter keys) and then press Enter again. If you choose the first option, all, all the listed interfaces will be used as listeners for the SMTP service. If you choose a different interface, you will be prompted to confirm the choice you have made. 6. Services Selection The sixth step of the automatic configuration process allows system administrators to select the active services for the AXIGEN server. For each of the selected services, POP3, IMAP or WebMail, further settings are available within the following steps. If none of the three services is enabled, the wizard will skip directly to step 10 of the configuration.

To select or deselect one of the listed options, press Enter. 7. Configuring the POP 3 Interface

The next step performed by the AXIGEN Configuration Wizard is to select the POP3 Interface. The wizard will list all the existing interfaces with their respective IP addresses and ports, enabling system administrators to select a listener for the POP3 service.

AXIGEN User Manual



39

Select one of the listed interfaces, then move to the OK button (using the Tab or Enter keys) and then press Enter again. If you choose the first option, all, all the listed interfaces will be used as listeners for the POP3 service. If you choose a different interface, you will be prompted to confirm the choice you have made. 8. Configuring the IMAP Interface

Step 8 performed by the AXIGEN Configuration Wizard is to select the IMAP Interface. The wizard will list all the existing interfaces with their respective IP addresses and ports, enabling system administrators to select a listener for the POP3 service.

Select one of the listed interfaces, then move to the OK button (using the Tab or Enter keys) and then press Enter again. If you choose the first option, all, all the listed interfaces will be used as listeners for the POP3 service. If you choose a different interface, you will be prompted to confirm the choice you have made. 9. Configuring the WebMail Interface For the next step, the AXIGEN Configuration Wizard will allow system administrators to select the WebMail Interface. The wizard will list all the existing interfaces with their respective IP addresses and ports, enabling system administrators to select a listener for the WebMail service.

AXIGEN User Manual



40

Select one of the listed interfaces, then move to the OK button (using the Tab or Enter keys) and then press Enter again. If you choose the first option, all, all the listed interfaces will be used as listeners for the WebMail service. If you choose a different interface, you will be prompted to confirm the choice you have made. 10. Configuring Relay Policies. The AXIGEN Configuration Wizard will then prompt system administrators to select the networks allowed to relay emails through the AXIGEN server without prior authentication. To select or deselect one of the listed options, press Enter.

When one of the available networks is selected, a script configuring a Relay Policy is automatically created. For details on Relay Polices, please see the corresponding section of the online documentation.

11. Sendmail Wrapper Configuration

This configuration steps is required if system administrators want command line applications such as mailix to be able to send emails via AXIGEN. Such applications use the Sendmail Wrapper which thus needs to be configured to work correctly with AXIGEN.



AXIGEN User Manual



41

The Wizard describes in detail the actions taken when selecting "Yes" at this step. The Wizard will initially display a message prompting you to wait for the changes to be applied to your existing configuration and will then respond with a successful operation message.

After completing these steps, the wizard will display a message summarizing the steps just taken. It will also instruct system administrators to start the AXIGEN service and then access the WebAdmin interface on the selected IP-port combination.

Troubleshooting Firstly, on some distributions, the operating system sets the console display encoding to UTF-8. Thus all the wizard’s messages would be displayed incorrectly. For troubleshooting, please consult this knowledgebase article. Secondly, if any other message except the successful one is displayed by the wizard after taking the configuration steps, please contact the AXIGEN Support team at [email protected].

http://www.axigen.com/knowledgebase/How-to-send-emails-using-the-sendmail-wrapper_35.html

AXIGEN User Manual



42

Chapter 3. Mail Server Architecture

AXIGEN is an integrated service SMTP, IMAP, POP, secured SSL/TLS, WebMail and list server, integrating advanced technologies and messaging services.

Services and Modules

AXIGEN Mail Server is an Internet-based mail server that provides messaging services over the Internet via connections using a Transmission Control Protocol/Internet Protocol (TCP/IP) network. AXIGEN Mail Server sends mail messages using the Simple Mail Transfer Protocol (SMTP). The messages can be retrieved using the Post Office Protocol version 3 (POP3), the Internet Message Access Protocol (IMAP) and WebMail. AXIGEN Mail Storage integrates a proprietary technology that allows storing messages in a special directory structure, guaranteeing an effective, fast mail flow and optimizing space-saving.

Architecture Features

AXIGEN incorporates a multi-threaded engine, which can break server activity into multiple parallel processing threads. This enables system administrators to allocate a certain number of processing threads to specific modules (SMTP incoming / SMTP outgoing / WebMail / IMAP, etc. Running services can be configured at service, domain and account level. Most AXIGEN services (SMTP Incoming, SMTP Outgoing, POP, IMAP, WebMail) make use of configurable listeners to define rules for accepting or denying connections.

Administration Tools

The administration tools enable both centralized configuration (WebAdmin and Command Line Interface) and manual configuration (configuration file). For each service described in the Architecture chapter, configuration options are available in each of these tools (WebAdmin, CLI and the configuration file, axigen.cfg).

Security

AXIGEN incorporates an advanced filtering system and other innovative security tools (Antivirus, AntiSpam, Antispoofing - SPF Authentication, SSL/TLS authentication). Highly configurable logging and reporting services are also available, and an FTP Backup service allowing you to securely backup and restore your domain and user configuration.

AXIGEN User Manual



43

Below you can find a schema illustrating all AXIGEN components.

3.1. Generic Server Configuration

In AXIGEN, there are a number of generic server settings referring to overall server behavior and functionalities, such as Running services, SSL and DNR related settings.

3.1.1. Running Services Running services AXIGEN is a modular server, running either as integrated service server, or with certain services inhibited. When using AXIGEN as main mail server, it is recommended to run all services provided by AXIGEN - Processing, SMTP Incoming, SMTP Outgoing, POP3, IMAP, WebMail, WebAdmin, CLI, Log, Report, FTP Backup - in order to take full benefit of functionalities offered by the server. By default, when installing mail services, the following services will be running: SMTP, IMAP, POP3, WebMail and WebAdmin. SMTP stands for all AXIGEN SMTP services: SMTP Incoming, SMTP Outgoing and Processing. To see configuration options on this parameter, see Server tab. A similar option is available in WebAdmin at domain and account / mail list level, with relevant choices for the respective level - see the Domains tab and Accounts tab sections for configuration options.

AXIGEN User Manual



44

3.1.2. Other Generic Server Parameters

Primary domain

In AXIGEN Mail Server you can specify a primary domain name, and than add as many domains (secondary domains) as your license type allows.

The primary domain is the default domain for your mail server. This means that email sent to "user_name" will automatically be transmitted to "user_name@primarydomain".

The primary domain default value is the result of the 'getdomainname' function, which is the current domain name (local domain).

SSL Random File

In order to establish SSL connections, a file containing entropy data is used for generating random numbers. The path to this file needs to be defined in the Server Global settings.

For more information on SSL in AXIGEN, see Authentication and Encryption.

SSL parameters are also provided when defining listeners (see corresponding section).

For more information on how to set generic server parameters using WebAdmin, see Server Tab.

3.1.3. DNR Settings

Domain Name Resolver

AXIGEN includes a Domain Name Resolver (DNR) module used to extract information from domain servers. The module implements the specifications from RFC1034 and RFC1035. It communicates with domain name servers using UDP sockets on port 53. AXIGEN services using DNR:

• The SMTP Incoming service uses DNR for performing the SPF tests (this action involves PTR and TXT queries).

• The SMTP outgoing service queries DNR for MX and A information about the domain where to relay the mail messages.

DNR Attributes

DNR needs to be initialized with a list of name server IP addresses which will be used as base for executing the DNS queries if the DNR's internal cache does not contain information about name servers of the domain searched. AXIGEN indexes automatically the DNS specified in the operating system, by assigning them levels of priority according to the order in which they are found in the OS. Name servers are identified by an IP and are assigned a set of parameter values, which can be subsequently user-defined. DNR sends queries to the first IP and in case of error it will send the same query to the same IP address after an interval specified in seconds by the timeout parameter. If after a number of retries specified using the retries parameter, the name server still returns an error,

AXIGEN User Manual



45

AIXGEN goes on to the next name server IP. The same procedure is applied until the end of the list is reached. If the end of the list is reached without obtaining an appropriate response, a general DNR TIMEOUT error is returned.

Each nameserver IP has an associated level of priority (specified using the priority parameter). By default, the server will assign values incremeted by 5 units (5, 10, 15, etc) according to the order defined in the operating system. You can however assign different priority values and define a different order in which you wish to query nameservers (the servers with the higher priority are queried first).

The retries and timeout parameters can be defined both at service level, for all name servers defined, and at name server level, if you wish to set different values for a particular name server. The module queries name servers for information of type A, NS, MX, PTR and TXT and it can maintain a cache with this information in order to limit the bandwidth and time consumed with DNS traffic. For each query type (A, NS, MX, PTR, TXT) it caches cacheSize number of responses. For information on how to configure these parameters, please see DNR tab.

3.2. Services and Modules

This section includes brief overviews of all services and modules included in AXIGEN Mail Server.

3.2.1. SMTP Incoming

The AXIGEN SMTP Incoming module is responsible with accepting connections initiated by other entities via SMTP/ESMTP protocols. AXIGEN SMTP Incoming establishes the dialogue, receives the mail message if all conditions set by the System Administrator are fulfilled and forwards the mail message to the Processing module. The SMTP Incoming module is compliant with ESMTP RFCs, therefore implementing all the corresponding features.

This module includes functions such as configurable listeners, thread and client management, user authentication and a built-in SPF authentication procedure. This module has not only the role of receiving the mail messages from other entities, but also to protect the Mail Server against attacks and ensure a good functionality adjusted to the processing

AXIGEN User Manual



46

power of the hardware, the bandwidth, and other factors. In order to ensure this, the module has a number of attributes managing connectivity, clients (using listeners) and client authentication. It also provides numerous logging options and advanced parameters to manage them. In AXIGEN, at SMTP Incoming level, SPF tests are being performed, thus ensuring basic email sorting before they reach the queue. The SMTP Incoming module accepts connections as specified by the SMTP listeners defined in configuration file, receives the message, performs the SPF test and if the message passes the test, it is placed in the Queue. By default the server accepts connections on 127.0.0.1:25.

Connection Error Control

In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from SMTP clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding messages are not accepted, thus freeing important bandwidth. You can limit the number of authentication errors allowed for one SMTP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that SMTP client. You can limit the number of errors allowed for one SMTP client per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that SMTP client. Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a SMTP client's session, security risks may arise.

For information on how to configure connection error control parameters for SMTP-In using WebAdmin, see Configuring Connection Error Control Parameters.

Connection Thread Controls

AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN SMTP Incoming module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a burst of new messages, i.e. a large workload, can arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process the message "burst" in good conditions, without delays. For information on how to configure connection thread control parameters for SMTP-In using WebAdmin, see Configuring Connection Thread Control Parameters.

AXIGEN User Manual



47

Log Control

Just like all the other AXIGEN main services, the SMTP Incoming module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The SMTP Incoming's Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for SMTP-In using WebAdmin, see Configuring Log Control Parameters.

Authentication

Authentication is a method for preventing non-desirable actions and granting access to AXIGEN server's SMTP Incoming features only for authenticated users.

Note: AXIGEN server supports authentication, meaning it can be instructed to accept only connections/messages from authenticated entities. However, not all mail clients support this feature. If your mail client does not support SMTP authentication, this feature will not be available. The SMTP Incoming authentication process can be executed over secure connections (TLS enabled). The SMTP Incoming authentication process can also be executed in plain text (the username and password are sent to AXIGEN server in "base64" format; the server only accepts users correctly defined in account storage and that supply the corresponding passwords) or using CRAM MD5 (same data is provided, this time using the MD5 coding format). Below you can find a short explanation on the procedure for choosing the authentication method in AXIGEN's SMTP Incoming. From the list of authentication methods supplied by the client as answer to EHLO command, one of the CRAM-MD5, LOGIN and PLAIN methods is chosen (in this order). In case the CRAM-MD5 or LOGIN method is selected, if an error after the AUTH command occurs, AXIGEN tries to use one of Authentication parameters in SMTP-in are secureConnAuthTypes and plainConnAuthTypes which allow you to specify allowed authentication types for secure and respectively plain connections. For information on how to configure authentication parameters for SMTP-In using the SMTP filtering system, see SMTP Filters.

Message Acceptance Policies

AXIGEN 4.0 implements a set of message acceptance policies at SMTP-connection level. The system administrator can configure and implement message acceptance policies and adjust them to best suit their security requirements. Incoming connections established via SMTP and the message flow can be easily managed using the established policies. Moreover, they allow adding headers, changing addresses and other such actions. For more details, see the Message acceptance policies section.

Listener Control

AXIGEN Mail Server can use different Listeners for its SMTP Incoming service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners.

AXIGEN User Manual



48

For information on adding and editing listeners in SMTP-In using WebAdmin, see Adding and Editing TCP Listeners.

3.2.2. Processing

The Processing module manages the mail messages in AXIGEN Queue, offering the system administrator information about mail message status. This module receives mail messages from the SMTP Incoming and WebMail modules and delivers them to AXIGEN Storage (for local delivery) and to the SMTP Outgoing module (for external delivery).

Local Mail Delivery

The Local Mail Delivery module ensures the placement of mail messages in the Message Storage. To test the Local Mail Delivery module, you can use the directories specified by messageStorages and accountStorages parameters from the domain configuration (domain.cfg). The directories are created automatically when the AXIGEN server is started, and the messageStorages and accountStorages parameters are automatically generated when a domain is created. The Processing module decides if the mail message will be stored locally or will be sent for external delivery (in the latter case, the SMTP Outgoing module is called). If there are any delivery errors, the delivery module will re-schedule the mail for later delivery. If there are too many delivery failures (default value is 20), the server will give up on delivering the message and will send a failure notification to the sender.

Interactions with Other Modules

AXIGEN Processing module interacts with AXIGEN IMAP and WebMail modules:

1. the AXIGEN IMAP module uses the AXIGEN Processing module for Append operations executed on mailboxes;

2. the AXIGEN WebMail module uses the AXIGEN Processing module for Compose operations (after the message is composed, it is placed in AXIGEN Queue).

AXIGEN User Manual



49

AXIGEN Queue The messages received from SMTP clients are stored in a queue that is processed by AXIGEN server according to specific rules. The system administrator can execute different operations on this queue, such as inspecting the queue, specifying/modifying the path where the queue is stored, modifying the number of subdirectories in the internal queue, etc. The queue is stored physically on several sub-folders. The numbers of these subfolders is specified in the configuration file using the queueEntryCount parameter. For information on how to manage queues management parameters using WebAdmin, see Managing the Queue. The mqview tool can be used to inspect the status of the files currently stored in AXIGEN queue. Please refer to the Command Line Parameters for details on using this tool. Note: Currently any change in the parameters specific to the Processing module requires a sever restart to become effective.

Message statuses

A message in a queue can have one of the following statuses:

• Incoming: The message is currently being received. It has not been treated in either way by AXIGEN;

• Received: The message has been received. No action has been taken on it yet.

• Processing: Message processing is underway.

• Processed: The message processing ended. The message processing could end successfully or not successfully. If the message is successfully processed, the next specific action (for instance delivery) specified for the message is carried out. If the message processing ends unsuccessfully, the message remains in Processed status.

• Sending: The process of sending the message is underway.

• Sent: The message has been sent.

Mail Scheduling

When a message can not be delivered by AXIGEN SMTP service for some non-critical reason, it can be re-scheduled, meaning AXIGEN server can try to re-send after some time interval is elapsed. You can adjust AXIGEN server's mail scheduling feature using the following three parameters: schedInterval, maxSchedInterval and maxRetryCount. The schedule interval is calculated using a formula detailed in Managing Mail Scheduling section.

Processing policies

The Processing policies correspond to the SMTP Processing module and enable administrators to define the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. For further information, see the dedicated section in the Mail Server Security chapter.

AXIGEN User Manual



50

Log Control Just like all the other AXIGEN main services, the Processing module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The Processing Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for Processing using WebAdmin, see Configuring Log Control Parameters.

3.2.3. SMTP Outgoing

The SMTP Outgoing module is responsible for delivering mail messages to remote hosts.

SMTP Outgoing is the AXIGEN module taking care of sending messages directly to message recipients. AXIGEN SMTP Outgoing is using DNR (Domain Name Resolver) for mapping domain names to IP addresses and includes complete rescheduling procedures. By default, AXIGEN is configured not to allow open relaying. This means that the server does not automatically relay mail that is neither for nor from a local user. By using client management, SMTP Out blocks spammers' attempts to relay large quantities of mail through AXIGEN Mail Server. If AXIGEN fails to send messages to a specific domain because this domain was down for some time, when the domain is up again, the first message that goes successfully to that domain will also queue the rest of the pending messages from the queue and will force delivery of all messages. Relay Policies Configuring Relay Policies allows system administrator to customize SMTP Outgoing actions for all or part of the relayed email comunication. For further information, see the dedicated section in the Mail Server Security chapter.

Connection Thread Control

AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and

AXIGEN User Manual



51

upper limit for the number of threads that are opened at any given moment by AXIGEN SMTP Outgoing module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a burst of new messages, i.e. a large workload, can arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process the message "burst" in good conditions, without delays. For information on how to configure connection thread control parameters for SMTP-Out using WebAdmin, see Configuring Connection Thread Control Parameters.

Log Control

Just like all the other AXIGEN main services, the SMTP Outgoing module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The SMTP Outgoing Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for SMTP-Out using WebAdmin, see Configuring SMTP-Out Log Control Parameters.

3.2.4. POP3

AXIGEN POP3 module establishes connection with POP clients and retrieves mail messages from AXIGEN Storage. AXIGEN POP3 module allows usage of different allow/deny rules via listeners. Different error and thread control, plus log procedures are available.

AXIGEN User Manual



52

The server accepts connections as specified by the POP3 listeners defined in the configuration file. By default the server accepts connections on 127.0.0.1:110. For primary domain and its aliases the POP3 clients may use both the local part from a user mail address or the entire mail address in order to access a mailbox. In AXIGEN, the POP3 module works as follows:

• shows only the messages that existed in the mailbox when the mailbox was opened

• keeps zombie copies for the messages deleted during the current session; the module shows them as messages of a zero size, and the module reports an error when a client application tries to retrieve a deleted message

• messages are retrieved using the RETR command and the message is marked with the "Seen" flag (you can view this flag when using an IMAP or WebMail client).

The POP3 module sends logs according to the log level set in the configuration file. Note: The server only manages mail messages in AXIGEN Storage format. For more information on this format, please consult the AXIGEN Storage section.


In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from POP3 clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding email messages are not accepted, thus freeing important bandwidth.

You can limit the number of authentication errors allowed for one POP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that POP3 client.

You can limit the number of errors allowed for one POP3 client per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that POP3 client.

Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a POP3 client's session, security risks may arise.

For information on how to configure connection error control parameters for POP3 using WebAdmin, see Configuring POP3 Connection Error Control Parameters.

AXIGEN User Manual



53


AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN POP3 module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for POP3 using WebAdmin, see Configuring POP3 Connection Thread Control Parameters.

Log Control

Just like all the other AXIGEN main services, the POP3 module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The POP3 Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for POP using WebAdmin, see Configuring POP3 Log Control Parameters. Secure (TLS enabled) connections can be established with POP3 clients by using the allowStartTLS parameter. See POP3 Secure Connections for details on how to configure this parameter.

Listener Control

AXIGEN Mail Server can use different Listeners for its POP3 service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners. For information on adding and editing TCP listeners using WebAdmin, see Adding and Editing TCP Listeners.

AXIGEN User Manual



54

Compatibility with various POP3 Mail Clients

AXIGEN has been thoroughly tested and it is proven to work with Mozilla, Outlook, Outlook Express, ThunderBird, The BAT!, Eudora. For information on how to set up your POP3 account, see the corresponding section of the AXIGEN website.

3.2.5. IMAP

AXIGEN IMAP module establishes connection with IMAP clients and retrieves mail messages from AXIGEN Storage. AXIGEN IMAP module supports secure connections and allows usage of different allow/deny rules via listeners. Different authentication, error control, thread control and log procedures are also available.

The IMAP module now implements a new extension, QUOTA, as described by the RFC 2087 standard. IMAP clients implementing the QUOTA extension can display mail box quota for a specific user account. So far, users were able to find out what their current mailbox quota was (space occupied/total space) only via WebMail.

Authentication

The communication between AXIGEN IMAP module and the clients can be executed via secured or non-secured connections.

AXIGEN IMAP module can be configured to accept plain connections, secure (encrypted) connections or both.

For each connection type, be it plain or secure, you can configure the IMAP module to authenticate incoming clients using: - plain text login (this option should be disabled for plain connections); - an authentication method (plain, login, cram-md5); - or both.

http://www.axigen.com/knowledgebase/

AXIGEN User Manual



55

See Configuring IMAP Encryption and Authentication Parameters for details on configuring these parameters. Public folders

Users may now share email messages by simply copying and/or moving them to a public folder. System administrator can also associate a certain email address with a public folder. Thus, emails can be sent directly to the public folder, archiving options being also available. Internationalized Search

When running an IMAP search for any IMAP client, the search text may contain language-specific characters (i.e. using diacritics).


In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from IMAP clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding email messages are not accepted, thus freeing important bandwidth.

You can limit the number of authentication errors allowed for one IMAP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that IMAP client.

You can limit the number of errors allowed for one IMAP client per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that IMAP client.

Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a IMAP client's session, security risks may arise.

For information on how to configure connection error control parameters for IMAP using WebAdmin, see Configuring IMAP Connection Error Control Parameters.


AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN IMAP module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays.

AXIGEN User Manual



56

For information on how to configure connection thread control parameters for IMAP using WebAdmin, see Configuring IMAP Connection Thread Control Parameters.

Log Control

Just like all the other AXIGEN main services, the IMAP module can log different types of events. The system administrator can specify what events are logged, where and how they are logged.

The IMAP Log Control function can be configured using the following three attributes: logLevel, logType and logHost.

See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for IMAP using Webadmin, see Configuring IMAP Log Control Parameters.

Listener Control

AXIGEN Mail Server can use different Listeners for its IMAP service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners. For information on adding and editing TCP listeners using WebAdmin, see Adding and Editing TCP Listeners. Compatibility with various IMAP Mail Clients AXIGEN has been thoroughly tested and it is proven to work with Mozilla, Outlook, Outlook Express, ThunderBird, The BAT!, Eudora. For information on how to set up your IMAP account, see the corresponding section of the AXIGEN website.

3.2.6. Logging

Log Service Overview

AXIGEN offers an extremely flexible logging service, allowing you to select among different logging levels (how detailed the information logged should be), logging types (internal, external and system services are available) and where to store the information logged. You can set all these options for each AXIGEN TCP service and for the Log Service itself. The Log Service is responsible with collecting events relevant for the System Administrator. You can log (internally, remotely or using the system log) the activity of all services available in AXIGEN. AXIGEN Log Service can log internal data coming from other AXIGEN modules/services or data coming from the UDP port 2000 (default option). This data can be logged in the same location or in different locations for separate services, depending on the configuration applied by the system administrator.

AXIGEN User Manual



57

For AXIGEN Log service, you can also specify the following information:

• on what address the Log listener should be listening (see the Log Listener section for more information);

• what hosts should be rejected by the Log service (using the listener denyRules, a priority and an enable/disable switch);

• what hosts should be accepted by the Log service (using the listener allowRules, a priority and an enable/disable switch).

Log types

AXIGEN modules should define the log type using the "logtype" parameter, which can have any single values from the following three: - "internal", - "remote" or - "system" log. Use the "internal" option to send events to the Log Service running on the same AXIGEN server. The Server should have the Log Service activated. Use the "remote" option to send events to a Log Service running in another AXIGEN server, remotely, at the address specified using the "hostname" attribute. This AXIGEN Server must have the Log service activated. Use the "system" option to send events to the syslog (for instance sysklogd) with facility "LOG_MAIL" and levels mapped as:

• 0 - no message sent • 1 - LOG_CRIT • 2 - LOG_ERR • 4 - LOG_WARNING • 8 - LOG_INFO • 16 - LOG_DEBUG

AXIGEN Log levels

In AXIGEN the events are organized in 6 categories and you can select which category of events to collect. AXIGEN modules must define the "loglevel" parameter. In order to specify the desired sets of events to log you have to specify the correspondent log levels or a combination of thereof. The log levels in AXIGEN Mail Server are:

• 0: no messages are logged • 1: log critical messages • 2: log errors • 4: log warnings • 8: log informative messages • 16: log protocol communication

and the corresponding one-time combinations. Therefore the accepted values for the loglevel parameter are from 0 to 31.

AXIGEN User Manual



58

Example 1 - Combining log levels in AXIGEN Mail Server: If you set loglevel=15 = 1+2+4+8 AXIGEN Mail Server will log the following information: critical errors and errors and warnings and information.

Example 2 Disabling the log service for one AXIGEN service: Remember the log service is configured separately for AXIGEN Mail Server main services (IMAP, POP3, SMTP Incoming), so if you set loglevel = 0 in the IMAP log service section, no data for that specific service will be logged by the Log Server for the AXIGEN IMAP service. However, the Log server will continue logging other AXIGEN Mail Server services according to the settings defined for logging the respective services.

Logging format

The format used for data logging is the following: 'date hostname modulename:sessionId: user_message\n' AXIGEN Log service then transforms this data in a format similar to the one described below: 'date loglevel hostname modulename:sessionId: user_message\n' 05-19 17:08:01 0300 08 johnd-l SMTP:00000005: connection accepted from [127.0.0.1] Example of log service configuration using the axigen.cfg file:

• loglevel = 01-31

• hostname = 'yourcompany.com' (this is the result of the standard 'hostname' command) • modulename = 'SMTP' (other accepted values are: POP3, IMAP, WEBMAIL, RELAY,

PROCESSING) • sessionId (this is an UINT value written in hexa incremented separately for each connection of

a protocol. For the processing module, as there is no relevant protocol, the value is currently 0; future versions will provide however as value the ID of the message in the working queue.

• loglevel is a 5 bits mask for the following values: LOG_none = 0x00, /// critical LOG_crit = 0x01, /// errors LOG_err = 0x02, /// warnings LOG_warn = 0x04, /// information LOG_info = 0x08, /// log protocol communication LOG_proto = 0x10,

Rules

Log Rules are used to define circumstances under which certain restrictions will be imposed on log files and the log level. Rules can be associated with host names, module names or both. For instance, a rule can be defined in order to specify the size, duration and number of old files kept for logs generated on a certain host, for a certain module (e.g. SMTP In). An ordered list is created with all log rules configurations using the 'priority' parameters as ordering key. You can define the Log rules at the AXIGEN main module's level, in the corresponding sections of the configuration file. The Log Service will check if the information sent by the modules is the information that is supposed to receive, according to the Log Service configuration.

AXIGEN User Manual



59

A log rule set includes the following information:

• the rule's priority ("1" means the rule has the highest priority possible) • the hostname of the user of this rule • the module of the user of this rule • the level of log generated by the user of this log • the name of the destination file • the maximum size of the destination file in KB • the maximum duration the destination file is used in seconds • the maximum number of old files (saved) to be kept • the rotate period (how often a new log file is created - daily, monthly, yearly)

Attributes of the Log service

AXIGEN Log service can log internal data coming from other modules/services or data coming from the UDP port 2000 (default value). This data can be logged in the same location or in different locations for separate services, depending on the configuration applied by system administrator. AXIGEN main modules must define the log type to be used by that specific module. The definition is executed via the "logtype" parameter that can have any of the following three values: "internal", remote" or "system" log. The value for the loglevel parameter from the log clients (the services sending information for logging to AXIGEN Log service) specifies for themselves the log levels sent to the Log service. The value for the loglevel parameter from the log service's rule specifies the log levels accepted by the service from clients. Therefore if:

• clientlevel = 15 (the log level specified in the SMTP-In service page in WebAdmin for instance) and

• rulelevel = 9 (the log level specified in the rule defined for the SMTP-In module) the Log service will only log the lines on level 9 (critical information), even if the information retrieved from client also contains errors and warnings (this information is ignored). For information on how to configure log rules using WebAdmin, see Adding and Editing Log Rules.

3.2.7. Reporting

Description of the reporting service

This additional service can help you check server activity, on the global traffic level and by module. From an architectural point of view, the Reporting feature includes three passive elements, one active element and a graphic library:

• passive element 1 (PE1): a dedicated tree in the machine's memory, where all the other services of AXIGEN are writing information about their activity. The storage of the information is the fastest possible, the Reporting module generating in this case a minimum burden on the machine's resources. However, this reporting-specific information will be lost in case of a fatal error (resetting the machine, for instance);

AXIGEN User Manual



60

• passive element 2 (PE2): items (called report buffers) used for temporary data storage used for sample computation;

• passive element 3 (PE3): a group of files where the information pertaining to the Reporting module is written;

• active element (AE, acts as a synchronizer and a dumper): a thread that moves the information from PE1 to PE2 and resets PE1; when the value set for the sampleInterval parameter is reached, a sample is computed from PE2 and dumped to PE3;

• graphic library: a set of functions used by the WebAdmin service to draw the gathered data diagrams.

When the Reporting service is enabled (by adding the "report" object in the "services" parameter from the configuration file), the machine allows for a specific period of time (defined by the syncTime value, in seconds) to be elapsed. Then the Reporting module starts the AE1. When doing that, the launching of the service after another syncTime seconds is scheduled and AE1 is executed. In case of a reconfiguration (assuming the value for syncTime is changed), the scheduling is cancelled and rescheduled after the new syncTime value (in seconds).

The Monitor collects information delivered by a set of probes placed in the all modules responsible with communication: SMTP, IMAP, POP3 and WebMail. There is a set of templates defined by three parameters: name, sampleInterval and rotateCount. Each file from PE3 corresponds to a database defined by a specific template, a sampling function and a reporting parameter. At each syncTime, data is gathered and placed in a report buffer corresponding to a database, until sampleInterval is reached. At that specific moment data from that buffer is transformed into a sample (using the specified sampling function: min, max, total, average), which is in turn written to the database. Data is written to the database until a specific number of values is reached (rotateCount), when rotation occurs (round-robin manner). This round-robin manner of dumping report data guaranties fixed size databases and fixed periods of time for each database (daily, weekly, monthly, yearly etc.). Although data is gathered in the PE1 for all AXIGEN's services, only the data you previously chosen using templates and databases defined in WebAdmin is actually sampled and written to PE3.

Graphics

The last set of objects under the reporting tab are the graphics objects, defined by a databaseName and parameters like type, fillColor, outlineColor, page. These are used by the graphics library to render a set of reporting data, using a specific graphic type, specific colors and page.

Usage

For information on how to modify reporting settings as well as to define your own set of reporting data and graphics, see Reporting tab. For details on graphics view in WebAdmin, see Graphics tab.

AXIGEN User Manual



61

3.2.8. WebMail

AXIGEN WebMail establishes connection with the corresponding mail client via Web browsers, sends mail messages to AXIGEN Storage and retrieves mail messages from it. AXIGEN WebMail works with major web browsers such as Internet Explorer and Mozilla. With this module the users can securely access their mailboxes from Internet browsers, while the system administrators are in complete control of the content, functionality and look of the web pages.

AXIGEN WebMail Features

• Complex customization

You can easily change the skin and behavior of AXIGEN WebMail module. For more information about how you can change the look and feel of your Web interface, please consult the WebMail Tab section.

• Easy to use, secure and user-friendly

Features like tree structure for folders view, common actions applied on folders (rename, delete, move, create), built in HTTP server, etc. make AXIGEN WebMail easy to use, secure and user-friendly.

• Server Side Scripting Language

The WebMail module implements a proprietary server side scripting language (called HSP) and it is used to generate HTML code. You can specify the location where these HSP files are stored using the path parameter, as described in the Path section of this User Manual. For more information about the HSP language structure, please refer to the HSP manual.

http://www.axigen.com/usr/files/hsp_manual_v2.1.pdf

AXIGEN User Manual



62

• Listeners

In the corresponding configuration section you can activate different listeners for AXIGEN WebMail service. Read more about listener control in the Listeners section.

• Personal Address Book

The WebMail Contacts give users the possibility to select recipients from their personal contact list when composing new email messages. New addresses can be added to the existing address book either manually or automatically, when receiving new emails.

• Personal Organizer

The Personal Organizer comprises tools such as calendar, tasks, journal, notes and collaborative support. Through the AXIGEN Outlook Connector, the Personal Organizer is synchronized between the email client Outlook and AXiGEN's WebMail.

• Public Address Book

WebMail users have access to a Public Address Book, containing contacts set at domain level. These contact details are also available when composing an email.

• Automatically set filters and replies

As an improvement to message rules usage, AXIGEN allows this type of rules to be configured via the WebMail interface wizards. The vacation/ out-of-office messages are also based on message rules. When not available, they can define and enable messages to be sent automatically as a response to all received emails.

• Login Domain Selection

To facilitate login procedures for multi-domain environments, AXIGEN 4.0 implements login domain selection. Users can select the domain from a drop-down list and then login with their username and password only.

• Internationalized search and multiple languages support

The Search function has also been enhanced by adding internationalized searches. Having this new feature, language-specific characters can now be used when running a search.

• Public folders

Users may now share email messages by simply copying and/or moving them to a public folder. System administrator can also associate a certain email address with a public folder. Thus, emails can be sent directly to the public folder, archiving options being also available.

• Compose while attach

Using IFrame technology, AXIGEN server's WebMail service allows users to continue the Compose action while attaching files to their messages.

AXIGEN User Manual



63

• URL redirect rules and virtual host support

AXIGEN server's WebMail service allows users to implement URL redirect rules. URL redirect rules can be used for redirecting plain connections established on one listener towards a secure domain:port location. Also, redirects can be used to redirect connections from a specified listener to a virtual host. This way, you can define several domain names for the same IP address and host several domains on one single IP. This is useful, for instance, when you wish to have two different webmail login pages for two different local domains hosted at the same IP.

• HTML mail filtering levels

WebMail implements a HTML Generator internal extension that parses the HTML code from the e-mails and generates a safer (i.e. removes possibly unsafe scripts) and cleaner (i.e. converts to XHTML-like) HTML code.

This provides WebMail account users with the ability to set the HTML filtering level to be applied to all mail in HTML format. For information on different HTML filtering levels available and how to select them, see WebMail Features and Configuration.

• Connection Thread Control

AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN WebMail module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for WebMail using WebAdmin, see WebMail Connection Thread Control.

• Log Control

Just like all the other AXIGEN main services, the WebMail module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The WebMail Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for WebMail using WebAdmin, see Configuring WebMail Log Control Parameters.

AXIGEN User Manual



64

• Webmail Connection and Session Control

In WebMail, you can either allow or disallow persistent connections to WebMail and impose time limits on sessions, either active or idle. By doing this, you can better manage security and resource related issues. For information on how to configure connection and session control parameters for WebMail, see WebMail Connection and Session Control.

• HTTP Limits for Webmail

WebMail allows you to set HTTP limits for any request made to the Webmail service. This prevents you from automatically accepting excessive amounts of data (HTTP headers, HTTP body and upload data).

For information on how to configure HTTP limits for Webmail, see HTTP Limits for WebMail.

3.2.9. Storage

AXIGEN Storage is a specific file structure with index based access allowing fast mail delivery, retrieve and query. AXIGEN Mail Storage checks the consistency of the messages placed in the storage and empties the queue only if the mail message is correctly stored. All domain and user configuration along with user messages are stored in AXIGEN specific storage. Each AXIGEN storage is defined by three elements:

• storage directory: the directory where all storage file will be created • max file size: maximum size of a data file (Storage Container). The default value is 256 MB. • max files: maximum number of files. The default value is 128 files.

Therefore the maximum capacity of each storage is maxFileSize * maxFiles.

At this time, the default values for the maxFileSize and maxFiles parameters cannot be altered. Thus, the default maximum capacity of each storage is 32 GB. Inside storage directory, a list of files, named with 2 hexa digits followed by the .hsf extension -- e.g. 2A.hsf -- are created. There is also a file named hsf.dat which contains an unique id of the storage and the relation with other storages of the same domain. This information is usefull in case some of the storage directories are moved to other locations. Another feature of AXIGEN storage is that it supports transactions, so that some critical operations of domain configuration changes are made safely.

AXIGEN User Manual



65

Filling the Containers

When a Storage Container approches its maximum size, (defined by the maxFileSize parameter), another Storage Container will be created and the new messages will be stored herein. If the number of Storage Containers reaches the maximum value (defined by the maxFiles parameter) and all of them have reached the maximum size, the storage is considered full and no more messages will be inserted. The data in the Storage Containers is written in blocks of 4KB, theferore usually the files size is a multiple of 4KB. These memory blocks are called nodes. Smaller blocks of memory are also available, for message parts smaller than 4KB. These smaller blocks are called formatted nodes. Each storage file can contain a maximum of 16 millions messages, and the maximum theoretical file size is 64GB (some limitations might apply, depending on your system configuration; currently axigen limits this maximum size to 2GB). There can be maximum 128 files in one storage, and one domain can have over 4 billion message storages defined. The actual maximum capacity in terms of total message count and size depends on the specific messages in the storage. For more details, see Domains section. For each domain, at least three storages are used:

• one storage for domain configuration, where all domain specific configuration, the public folder and the list of domain objects (users, maillist, forwarders, etc) are stored;

• one storage for domain objects configuration, where all domain objects configurations and folders are stored;

• one or more storages for messages, where all mails and other data associated with mails are stored; it is recommended to define each message storage on a different physical disk, since Axigen will use these storages in parallel.

Space saving filling procedure The storage files with more free space have a priority when it comes to selecting the files in which a new message is added. The usage of the free space is also enhanced by message deletion. Each message in a storage file is identified by a pointerID (type UINT). The information related to these pointers-to-messages is stored in the same storage file.

AXIGEN User Manual



66

3.2.10. FTP Backup Service

AXIGEN Mail Server provides a FTP backup/restore service meant to enable regular backup operations for your entire domain and user configuration. This service is based on FTP (File Transfer Protocol, standard RFC 959). AXIGEN FTPBackup service allows using any FTP client (including standard Web browsers) in order to connect to the backup machine using the admin user name and password. You can replicate the entire domain and user (accounts, lists forwarders, folder recipients) folder structure on the backup machine. The FTP service generates a virtual structure, from which you can retrieve files whenever you need them. The directory structure created by the FTP service is similar to the one given below. / domains -> domains root director |-example.org -> domain name directory |-domainRegistry.bin -> domain config file (binary) |-domainCoreConfig.cfg -> domain config file (text) |-users -> users root directory |-postmaster -> user directory |-Registry.bin -> user config file (binary) |-CoreConfig.cfg -> user config file (text) |-folders -> user folders root directory |-INBOX -> user folder |-... -> other user folders |-maillists -> maillists root directory |-... -> same folder structure as for `users |-forwarders -> forwarders root directory |-... -> same folder structure as for `users' |-publicFolder -> domain public folder root


In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from FTP clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding messages are not accepted, thus freeing important bandwidth.

You can limit the number of authentication errors allowed for one POP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that FTP client.

You can limit the number of errors allowed for one FTP client per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that FTP client.

Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a FTP client's session, security risks may arise.

For information on how to configure connection error control parameters for FTP Backup using WebAdmin, see Configuring FTP Connection Error Control Parameters.

AXIGEN User Manual



67


Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN FTP Backup module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for FTP Backup using WebAdmin, see Configuring FTP Backup Connection Thread Control Parameters.

Log Control

Just like all the other AXIGEN main services, the FTP Backup service module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The FTP Backup Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for POP using WebAdmin, see Configuring FTP Backup Log Control Parameters.

Listener Control

AXIGEN Mail Server can use different Listeners for its FTP Backup service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners. For information on adding and editing TCP listeners using WebAdmin, see Adding and Editing TCP Listeners.

3.2.11. RPOP Service

The AXIGEN RPOP module establishes remote POP connections to already existing email accounts and retrieve all incoming traffic. Thus, all incoming emails will be displayed in the AXIGEN account. Each user of an AXIGEN account can configure and add RPOP connections when connected to WebMail. In order to establish such a connection, the user must specify the hostname and port for the existing email account and the username and password required to login. Users can choose the folder to which the retrieved emails will be directed, the time interval between subsequent retrievals and if the email are deleted from the remote account or not after being transferred. Encryption options are also available.

AXIGEN User Manual



68

For more details about adding and configuring RPOP connections, see Configuring WebMail RPOP Connections. Connection thread control and log control procedures are available for the AXIGEN RPOP module, as further described below.


AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by the AXIGEN RPOP module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for RPOP using WebAdmin, see RPOP tab.

Log Control

Just like all the other AXIGEN main services, the RPOP module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The RPOP Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for RPOP using WebAdmin, see RPOP Tab.

AXIGEN User Manual



69

3.3. Connectivity and Threading

All AXIGEN modules implement a set of connectivity and threading functionalities and features that make it faster and easier to manage.

3.3.1. Listeners

AXIGEN Mail Server can use different Listeners for its TCP services (SMTP Incoming, POP3, IMAP, WebMail, WebAdmin, CLI and FTP Backup) and for its Log service (its single UDP service). Listeners are network points of entry, associated with an interface address and port number that grant access to a specific TCP or UDP service. Listeners add extra flexibility and configurability to each AXIGEN service, as they can be used to grant differentiated access to the same services for different categories of users (e.g users within a specific domain). Moreover, listeners can be associated with a variety of rules that allow defining specific limitations for connections coming from IPs within specified IP sets. The Listeners for each TCP service (SMTP Incoming, POP3, IMAP, Webmail, CLI and WebAdmin) are defined in the section from the configuration file corresponding to that TCP service as of type "TcpListener" OBJECT-SET, using various parameters. The same definition parameters are available through WebAdmin, the web configuration interface. UDP service listeners (Log service listeners) have fewer parameters associated, as connection related parameters do not apply to them. The following attributes are available for each listener:

• address - the "point of entry" address and port number • enable - specifies whether the listener is enabled or not (this way you won't have to delete the

listener from the configuration file when you want to discontinue its use) • maxConnections, maxIntervalConnections, timeInterval - parameters specifying limitations for

network connections accepted for this listener • peerMaxConnections, peerMaxIntervalConnections, peerTimeInterval - parameters specifying

limitations for network connections from the same IP address accepted for this listener TCP listeners can also be set to support SSL connections. Further SSL parameters are available for TCP listeners in AXIGEN:

• allowedVersions • certFile • dhParamFile • h maxChainDept• cipherSuite • useEphemeralKey • requestClientAuth

Below you can find a scheme for a quick understanding of the Log listeners: (here ':' can be translated by 'of type'): TCP e s rvice:

• 'listeners' : 'TcpListener' OBJECT-SET T-SET • 'allowRules' : 'TcpAllowRule' OBJEC

• 'denyRules' : 'IpRule' OBJECT-SET

AXIGEN User Manual



70

UDP service: • 'listeners' : 'IpListener' OBJECT-SET

For more information about the usage of these parameters in WebAdmin and specific details on their values and how to set them, see Adding and Editing TCP Listeners and Adding and Editing UDP Listeners. You can also configure listeners using the CLI tool, see Configuring AXIGEN using CLI.

3.3.2. Rules

Different rules can be associated with listeners, meant to sort connections based on various parameters, and to reject (deny rules) or accept (allow rules) them accordingly. Using deny and allow rules, you can automatically accept/deny connections from specific IP addresses.

Allow/Deny Rules

Allow/Deny rules enable you to specify the rules for accepting/rejecting connections when these connections follow the limitations imposed by the listener. Allow/Deny Rules are defined using the following general attributes:

• 'ipSet' specifies a set of IP addresses for which the reject/allow rule is applied, • 'enable' specifies if the rule is enabled or not • 'priority' specifies a priority when applying the rule.

You can then impose further connection limitations using the parameters described below: • maxConnections, maxIntervalConnections, timeInterval - these parameters impose limitations

on the number of connections initiated by any address within the rule IP set • peerMaxConnections, peerMaxIntervalConnections, peerTimeInterval - these parameters

impose limitations on the number of connections initiated by the same address within the rule IP set

Rule Enforcement Policy

The policy for applying accept and deny rules for connections to listeners is described below:

1. The IP address from which the connection has been initiated is exposed. 2. AXIGEN verifies if this IP address is part of a set of IP addresses associated to one or more

deny rules; if yes, the deny rule with the highest priority (meaning LOWEST value for the priority attribute) is applied.

3. AXIGEN verifies if this IP address is part of a set of IP addresses associated to one or more accept rules; if yes, the accept rule with the highest priority (meaning LOWEST value for priority attribute) is applied.

4. If the IP address from which the connection has been initiated is associated only with a deny rule, the connection is denied (closed)

5. If the IP address from which the connection has been initiated is associated with both a deny AND an allow rule, the rule with the highest priority is applied. If the rule with the highest priority is a deny rule, the connection is denied (closed). If the rule with the highest priority is an allow rule, the limitations (if any) for the specified connections from the allow rule are applied. If the allow rule and the deny rule have the same priority, the connection is accepted.

AXIGEN User Manual



71

6. If the IP address from which the connection has been initiated is associated only with an accept rule, the verifications defined for connections in the accept rule are applied, and if fulfilled, the connection is accepted.

After applying the limitations imposed by the rules, the global limitations defined at listener level are applied. Only then the connection is accepted (and the respective service protocol is applied on the accepted connection). If no allow rule is defined for the IP address from which the connection has been initiated, then the connection is considered as fulfilling the rules and the verifications defined globally (if any) for the current listener are applied. For details on how to configure rules using WebAdmin, see Adding and Editing TCP Rules. You can also configure Rules using CLI (see Configuring AXIGEN using CLI).

3.3.3. Threads

AXIGEN has a multi-threaded engine which allows for separate module thread allocation. Combined with Linux OS multi processor capabilities, the multi-threaded engine can break server activity into multiple parallel processing threads. By allocating a number of threads to certain modules, (SMTP incoming / SMTP outgoing / Web Mail / IMAP, etc.) resource (memory/CPU) distribution is adapted to usage scenario (main mail server / backup server / gateway mail server) and hardware resources. Thread allocation is performed using the connection thread control parameters available for most AXIGEN modules. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by a AXIGEN module. For information on how to set connection thread control using WebAdmin, see: Configuring SMTP-In Connection Thread Control Parameters Configuring SMTP-Out Connection Thread Control Parameters Configuring POP3 Connection Thread Control Parameters Configuring IMAP Connection Thread Control Parameters Configuring WebMail Connection Thread Control Parameters Configuring WebAdmin Connection Thread Control Parameters Configuring CLI Connection Thread Control Parameters These parameters are also accessible for configuration, in each service section from axigen.cfg (see Configuring AXIGEN using the Configuration File). You can also configure connection thread parameters in each service context from CLI, see Configuring AXIGEN using CLI.

AXIGEN User Manual



72

3.4. Clustering Support

Having the system administrators' needs in mind, AXIGEN provides Clustering Support starting with version 3.0. Clustering support is based on OpenLDAP integration with AXIGEN and allows routing for the SMTP Incoming, POP3 Proxy and IMAP proxy services. This new feature enables system administrators to spread mailboxes on several AXIGEN servers and have a separate machine that routes POP3/IMAP connections to the appropriate mailbox server. Another important feature of the OpenLDAP integration with the AXIGEN Mail Server is the LDAP Authentication mechanism. This new method is available for all the AXIGEN services that require authentication: SMTP In, POP3, IMAP, WebMail, POP3 Proxy and IMAP Proxy.

3.4.1. LDAP Routing

The AXIGEN Mail Server provides routing options at SMTP In, POP3 Proxy and IMAP Proxy level through its integration with OpenLDAP. LDAP stands for Lightweight Directory Access Protocol. It is a model for Directory Services that provides a data/namespace model for both the directory and a specific protocol. A directory is a specialized database with a hierarchical structure designed for frequent queries but infrequent updates. Unlike general databases they don't contain transaction support or roll-back functionality. Directories are easily replicated to increase availability and reliability. In order to be configured for use within AXIGEN, OpenLDAP has to already be set up. OpenLDAP installations may very, depending on your preferred operating system. Integrating OpenLDAP with AXIGEN is a two-step process, as described below:

1. Configuring OpenLDAP for AXIGEN

Note: In this document the localdomain.test address is used as an example. Please remember to edit it accordingly.

• please run the following command and then place the following text:

# ldapadd -D "cn=admin,dc=localdomain,dc=test" -W dn: dc=localdomain,dc=test objectClass: dcObject objectClass: organization dc: localdomain o: test

• In order to add users to the LDAP directory, add the following into a file. You may add as many users as you want in this file:

dn: cn=user1,dc=localdomain,dc=test objectClass: inetOrgPerson objectClass: inetLocalMailRecipient cn: user1 sn: user1 mail: user1@localdomain userPassword: user1 mailHost: 127.0.0.1

AXIGEN User Manual



73

• Then run the following command:

# ldapadd -D "cn=admin,dc=localdomain,dc=test" -W -f file.txt

• You will be asked for the password you set up in the /etc/openldap/slapd.conf file (in our example, 'secret').mm

• You can test if the user was added using the following command (the second version of the command includes authentication:

# ldapsearch -b "dc=localdomain, dc=test" # ldapsearch -b "dc=localdomain, dc=test" -D "cn=admin,dc=localdomain,dc=test" -W

• In order to delete an entry, use the command:

# ldapdelete -D "cn=admin,dc=localdomain,dc=test" -W # cn=user7,dc=localdomain,dc=test

• To edit an LDAP entry, just use:

# ldapmodify -D "cn=admin,dc=localdomain,dc=test" -W # dn: cn=user5,dc=localdomain,dc=test # changetype:modify # mailHost:10.10.247.5 #

Note that you must press another <Enter> after the modified field.

2. Configuring LDAP Connectors in AXIGEN

Login to WebAdmin using your preferred browser, press the 'UserDb' tab and go to the 'LDAP Connectors' section. Press 'Add new ldapconn' and fill in the fields:

• name - the name of this connector • hosturl - the ldap host (e.g. 'ldap://localhost:389') • bindDN - the DN of the admin account (e.g. 'cn=admin,dc=localdomain,dc=test') • bindPass - the password set in your /etc/openldap/slapd.conf file (e.g. 'secret') • searchBase - the search base (e.g. 'dc=localdomain,dc=test', but using '%s' is recommended,

as it is the expanded domain name, • for use in the 'dc' style LDAP base.) • searchPattern - the search pattern (e.g. 'mail=%e') • passwordField - the name of the field containing the password, defined in your user file

created above (e.g. 'userPassword') • axigenHostField - the name of the field containing the mail host, defined in your user file

created above (e.g. 'mailHost') • useFirst - should the first returned field be used if more are found ('yes' or 'no')

For more details on setting the above parameters in WebAdmin, see LDAP Connectors.

AXIGEN User Manual



74

3.4.1.1. Configuring Mapping Parameters

In order to sucessfully route connection on either of the supported protocols, SMTP, POP or IMAP, system administrators need to set mapping parameters. These parameters are first set at server level, and then for each of the services handling routing actions. The easiest and most intuitive way of setting mapping parameters is through WebAdmin, AXIGEN's web-based administration interface.

Configuring the User Maps List The firs configuration stage refers to adding and configuring a list of User Maps at server level. In order to do so, system administrators should access the Server > User Maps page and hit the "Add new usermap button".

For each new user map, the following parameters are available: name, type, localFile, userddbConnectorType and userdbConnectorName. For details on how to set these parameters, see User Maps.

Configuring Mapping Data Parameters Mapping data parameters are available in separate pages for the SMTP In, POP3 Proxy and IMAP Proxy services.

AXIGEN User Manual



75

The Mapping Data page allows system administrators to select one of the user maps defined at server level for each of the above mentioned services. Alternatively, if the userMap parameter is set to none, meaning that no such maps are to be used, they can specify a mapping host and port for a preferred AXIGEN machine. For more details on how to configure mapping parameters, see:

• SMTP In - Configuring Mapping Data • Configuring POP3 Proxy Mapping Data • Configuring IMAP Proxy Mapping Data

3.4.1.2. POP3 Proxy Service

The AXIGEN POP3 Proxy module allow routing connection with POP clients. AXIGEN POP3 module allows usage of different allow/deny rules via listeners. Different error and thread control, plus log procedures are available. The server accepts connections as specified by the POP3 Proxy listeners defined in the configuration file. By default the server accepts connections on 127.0.0.1:110. Connection Error Control In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from POP3 clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding email messages are not accepted, thus freeing important bandwidth.

You can limit the number of authentication errors allowed for one POP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that

POP3 client.

You can limit the number of errors allowed per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that POP3 client.

Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a POP3 client's session, security risks may arise.

For information on how to configure connection error control parameters for POP3 using WebAdmin, see Configuring General POP3 Proxy Parameters.

Connection Thread Control AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN POP3 Proxy module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload.

AXIGEN User Manual



76

With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for POP3 Proxy using WebAdmin, see Configuring General POP3 Proxy Parameters. Log Control Just like all the other AXIGEN main services, the POP3 Proxy module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The POP3 Proxy Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for POP using WebAdmin, see Configuring General POP3 Proxy Parameters. Secure (TLS enabled) connections can be established with POP3 clients by using the allowStartTLS parameter. See Configuring General POP3 Proxy Parameters for details on how to configure this parameter.

Listener Control

AXIGEN Mail Server can use different Listeners for its POP3 Proxy service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners. For information on adding and editing TCP listeners using WebAdmin, see Adding and Editing TCP Listeners.

3.4.1.3. IMAP Proxy Service

The AXIGEN IMAP Proxy module allows the server to route connection with IMAP clients according to their defined routing parameters. The AXIGEN IMAP Proxy module supports secure connections and allows usage of different allow/deny rules via listeners. Different authentication, error control, thread control and log procedures are also available.


In order to protect the server, the system administrator can limit the number of failed/wrong commands that can be received from IMAP clients during one session. This way, incomplete connections or connections that are not RFC compliant are dropped and the corresponding email messages are not accepted, thus freeing important bandwidth.

You can limit the number of authentication errors allowed for one IMAP client per session by using the maxAuthErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that IMAP client.

AXIGEN User Manual



77

You can limit the number of errors allowed for one IMAP client per session by using the maxErrors parameter. If this limit is exceeded, AXIGEN server drops the connection with that IMAP client. Important: If you do not specify a limit for the maximum number of (authentication) errors allowed for a IMAP client's session, security risks may arise.

For information on how to configure connection error control parameters for IMAP Proxy using WebAdmin, see Configuring General IMAP Proxy Parameters.


AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by AXIGEN IMAP module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays. For information on how to configure connection thread control parameters for IMAP Proxy using WebAdmin, see Configuring General IMAP Proxy Parameters.

Log Control

Just like all the other AXIGEN main services, the IMAP Proxy module can log different types of events. The system administrator can specify what events are logged, where and how they are logged.

The IMAP Log Control function can be configured using the following three attributes: logLevel, logType and logHost.

See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for IMAP Proxy using Webadmin, see Configuring General IMAP Proxy Parameters.

Listener Control

AXIGEN Mail Server can use different Listeners for its IMAP Proxy service. The usage of listeners is helpful for defining and applying different apply/deny rules for AXIGEN services you are using. For additional information on listeners and their use in AXIGEN, please see Listeners. For information on adding and editing TCP listeners using WebAdmin, see Adding and Editing TCP Listeners.

AXIGEN User Manual



78

Secure (TLS enabled) connections can be established with IMAP clients by using the allowStartTLS parameter. See Configuring General IMAP Proxy Parameters for details on how to configure this parameter.

3.4.2. LDAP Authentication

Aiming to provide its users with a relatively simple way of adding new user database sources, starting with version 3.0, AXIGEN implements LDAP authentication methods. The new authentication engine adds two new authentication methods for both plain and secure connections, namely DIGEST-MD5 and GSSAPI. For more details on the new methods, see Authentication and Encryption. In order to enable LDAP authentication, system administrators need to first add and define a list LDAP Connectors. The connectors can be configured via WebAdmin, on the UserDb tab. For details on how to add new LDAP Connectors, please see the corresponding section. A new section of corresponding to the UserDb tab has been added to the configuration file. Below you will find an example of how this section should be configured: userDb = { logType = internal logLevel = 15 logHost = 127.0.0.1:2000 maxThreads = 5 ldapConnectors = ( { name = "ldap1" hosturl = "ldap://gecad01:389" bindDN = "CN=Valentin Palade,OU=USERS,OU=Technologies, OU=Companies,OU=Gecad,DC=gecadco,DC=local" bindPass = "qwe123" searchBase = "OU=USERS,OU=Technologies,OU=Companies,OU=Gecad, DC=gecadco,DC=local" searchPattern = "(sAMAccountName=%u)" passwordField = "givenName" axigenHostField = "" useFirst = yes } ) }

Two new parameters are also added for all services needing authentication: userDbConnectorType (with three available values: ldap | ldapbind | local) and userDbConnectorName. The services requiring authentication are SMTP In, POP3, IMAP, WebMail, POP3 Proxy and IMAP Proxy. For each of these services, the user database parameters can easily be configured using WebAdmin. The above described parameters are available on the General page of the tab corresponding to each service. For detailed instructions on configuring these parameters using WebAdmin, see SMTP In - Setting Further General Parameters, Configuring POP3 UserDb Connector Parameters, Configuring IMAP UserDb Connector Parameters, WebMail UserDb Connector Parameters, Configuring General POP3 Proxy Parameters, Configuring General IMAP Proxy Parameters.

AXIGEN User Manual



79

4. Mail Server Security AXIGEN Mail Server comes with a full security feature set, guaranteeing secure reception, transit and

delivery of email and protection for your confidential data.

Authentication

AXIGEN server supports authentication, meaning it can be instructed to accept only connections/messages from authenticated entities. CRAM-MD5, LOGIN, PLAIN, DIGEST-MD5 and GSSAPI methods (in this order) are available for client authentication, reducing the risk of unauthorized connections.

Encryption

(SSL/TLS) All AXIGEN communication protocols can benefit from SSL/TLS technology which allows sending encrypted messages across networks and preventing plain text messages to be intercepted on the way from sender to recipient. This encryption method guarantees secure data transmission over networks.

uilt In Firewall (application level)

topping spammers and preventing DOS attacks is one of the most

maximum simultaneous connections during a time interval

ost (that

urthermore, Administrators may define IP sets that have specific sets of e

Anti-spoofing (SPF and DomainKeys Compliant)

SPF authentication is used by the SMTP Incoming module in AXIGEN to

B

Simportant tasks of a mail server and the sooner the problem is identified in the mail stream , the better. This is why Axigen has a built in Firewall at the application (TCP listener) level that allows Administrator to control connectivity parameters, like the following listener rules: - - maximum connections to be accepted - maximum simultaneous connections accepted from a single hmay be an attacker). Fsuch rules, applied with different priorities or IP sets whose connections ardenied. For more details see Listener Rules.

determine whether the mail message comes from an authorized source. DomainKeys is an e-mail authentication system designed to verify both the DNS domain of an email sender and the message integrity. This additional authentication method significantly reduces spoofing attempts, that is, unauthorized attempts to gain server access, or assuming a fake identity when sending an email.

AXIGEN User Manual



80

M

T

essage Acceptance Policies

he system administrator can configure and implement message acceptance policies and adjust them to best suit their security requirements. Incoming connections established via SMTP and the message

the established policies.

ntivirus/antispam applications, either commercial, or open source.

flow can be easily managed using

Antivirus / Antispam

The AXIGEN Mail Server can easily integrate with a large number of a

Available Antivirus applications: ClamAv, KAV(Kaspersky) for Mail Servers, BitDefender, Sophos, F-Prot, DrWeb, Symantec, F-Secure, Avast, eTrust, Norman, Panda, McAfee. Available Antispam applications: SpamAssasin, AVG, Kaspersky Anti-Spam, Avira MailGate, BitDefender Mail Protection for Enterprises, Symantec Brightmail AntiSpam. Routing Policies

T On one hand, the

he Processing policies correspond to the SMTP Processing and SMTP Outgoing modules.

y enable administrators to define the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. On the other hand, they allow system administrator to

mail messages based on pieces of information contained by the message headers.

customize SMTP Outgoing actions for all or part of the relayed email communication.

Message rules

Message rules instruct the AXIGEN Mail Server to take certain actions on processed e

AXIGEN User Manual



81

4.1. Authentication and Encryption

AXIGEN Mail Server provides a variety of security options related to authentication and encryption for all connections established by/with the mail server.

Secure/Plain Connections and Authentication Methods AXIGEN supports TLS enabled connections. TLS-enabled connections are connections that support the Transport Layer Security, a standard providing encryption and authentication service that can be negotiated during the startup phase of many Internet protocols, including SMTP, POP3 and IMAP, and used for general communication authentication and encryption over TCP/IP networks. All AXIGEN mail services (SMTP, IMAP, POP3) provide an AllowStartTLS parameter that you can enable and have the server advertise TLS capability. Authentication methods are available both for TLS-enabled connections and plain connections (non TLS-enabled). The methods supported by AXIGEN are: PLAIN, LOGIN, CRAM-MD5, DIGEST-MD5 and GSSAPI. The PLAIN mechanism consists of a single message from the client to the server, in which the client sends the authorization identity (identity to login as), the authentication identity (identity whose password will be used) and the clear-text password. If left empty, the authorization identity is the same as the authentication identity. The PLAIN authentication mechanism is not recommended for use over an unencrypted network connection. The LOGIN mechanism is a non-standard mechanism, and is similar to the PLAIN mechanism except that this mechanism lacks the support for authorization identities. The CRAM-MD5 is a challenge-response mechanism that transfers hashed passwords instead of clear text passwords. For insecure channels (e.g., when TLS is not used), it is safer than PLAIN. The DIGEST-MD5 is the required authentication mechanism for LDAP v3 servers . The Digest-MD5 is based on the HTTP Digest Authentication. In Digest-MD5, the LDAP server sends data that includes various authentication options that it is willing to support plus a special token to the LDAP client. The client responds by sending an encrypted response that indicates the authentication options that it has selected. The response is encrypted in such a way that proves that the client knows its password. The LDAP server then decrypts and verifies the client's response. GSSAPI is the Generic Security Services Application Programing Interface. Its primary use today is with Kerberos authentication. Kerberos is the primary authentication mechanism in Windows Active Directory.

For information on configuring TLS and authentication methods related parameters, see: Configuring IMAP Authentication and Encryption Parameters and Secure POP3 Connections.

Also, for all AXIGEN services, authentication error control parameters are available. That is, if on attempting to connect, clients fail to authenticate correctly a number of times, the connection is dropped.

For information on these parameters, see the Connection Error Control sections for each module in Configuring AXIGEN using Webadmin.

AXIGEN User Manual



82

SSL parameters

AXIGEN supports SSL-enabled connections, providing advanced SSL parameters for TCP Listener configuration available for all its TCP Services (SMTP, IMAP, POP3, Webmail, CLI and Webadmin). See SSL Parameters for Listeners for information on these parameters and how to configure them using WebAdmin. The path to the SSL certificate file used can be specified at server level, for all SSL enabled connections. See Server Global Settings for information on how to configure SSL parameters at server level using WebAdmin. For WebMail and WebAdmin, you can configure SSL redirect rules, enabling you to redirect plain connections to these modules on secure sockets. For information on how to configure SSL redirect rules using WebAdmin, see: URL Redirect Rules for WebMail and URL Redirect Rules for WebAdmin Using Listeners and SSL redirect rules, you can effectively create and manage differentiated security policies for certain clients.

4.1.1. Kerberos Authentication within Active Directory

Kerberos is the primary authentication mechanism in Windows Active Directory. Within the AXIGEN Mail Server, it is used as an authentication method through GSSAPI (Generic Security Services Application Programing Interface). In order to enable Kerberos authentication for your installed AXIGEN Mail Server, please follow the steps described below. 1. Create an account named "axigen_SERVICE" in Active Directory corresponding to each service you want to authenticate on from AXIGEN. Three accounts will be used for all AXIGEN supported services: axigen_smtp, axigen_imap, and axigen_pop. 2. Export the keys using the KTPASS utility:

1. Generate a key for the SMTP service: ktpass -princ smtp/axigen.hostname@REALM -mapuser axigen_smtp -pass PASSWORD -out axigen-smtp.keytab

2. Generate a key for the IMAP service: ktpass -princ imap/axigen.hostname@REALM -mapuser axigen_imap -pass PASSWORD -out axigen-imap.keytab

3. Generate keys for the POP3 service: ktpass -princ pop/axigen.hostname@REALM -mapuser axigen_pop -pass PASSWORD -out axigen-pop.keytab

In all commands shown above you must replace: axigen.hostname - with the domain AXIGEN users should use to login to REALM - with the Kerberos realm, particularly for Active Directory, with the domain name for which you want to authenticate PASSWORD - with the password for the corresponding "axigen_SERVICE" account, which you have previously created. Please note that the AXIGEN Mail Server IP address must reverse point to the same hostname you have specified above as "axigen.hostname".

AXIGEN User Manual



83

3. Copy the exported key files on the AXIGEN machine in the /etc directory and merge them using the 'ktutil' application. Simply type 'ktutil' and issue the following commands in the application's subshell:

• load the needed keytab files, according to the services you want to use GSSAPI authentication with: rkt /etc/axigen-smtp.keytab rkt /etc/axigen-imap.keytab rkt /etc/axigen-pop.keytab

• write the new /etc/krb5.keytab file: wkt /etc/krb5.keytab

• exit the ktutil shell: quit

At this moment, all necessary keys will be saved in the /etc/krb5.keytab file.

Prerequisites and Settings for Each Active Directory User Defined for AXIGEN

The AXIGEN Mail Server domain name must be the same as the full Active Directory domain name. Also, the accounts for which you want to use Kerberos authentication must be created within the AXIGEN Mail Server.

Example

The example below shows how to set up the Windows version of the Mozilla Thunderbird email client to use Kerberos authentication with in an Active Directory environment:

1. Open the 'Account Settings' window from 'Tools' -> 'Account Settings...'. 2. Click 'Add Account'. This will open the 'Account Wizard'. 3. Select 'Email account' as the type of account to be created, then press 'Next'. 4. Fill in your name and e-mail address and press 'Next'. 5. In the next screen, select 'IMAP' or 'POP' incoming server types, according to your network

policy. Set the 'incoming server' box to AXIGEN's fully qualified host name or the AXIGEN machine IP address.

6. Press 'Next' and fill in the user account name as stored in AXIGEN. In the last screen, fill in the account name, then press 'Next', review the settings and press 'Finish'.

7. Go to the 'Server settings' section of the newly created account and check the 'Use secure authentication' option. Also, if AXIGEN is configured to relay emails from authenticated users only and if you have created a keytab corresponding to the 'smtp' service (as shown above), add the AXIGEN hostname in the 'Outgoing server (SMTP)' section, selecting the 'Username and password' checkbox from the 'Security and authentication' section.

8. Click the 'OK' button from the 'Account settings' window.

AXIGEN User Manual



84

4.2. SPF and DomainKeys

SPF (Sender Policy Framework) is a sender authentication method developed in order to ensure mail server's security by applying different anti-spoofing mechanisms. This mechanism consists in making a DNS request in order to determine whether the mail message comes from an authorized source, which is described in a SPF record, registered on the DNS. SPF records contain domain attributes that uniquely describe mail messages.

The query may have one of the following seven possible results: • pass: meaning the message meets the domain's definition for legitimate messages; • neutral • none • soft fail • fail: meaning the message does not meet the domain's definition for legitimate messages; • temp error • permanent error

In case of permanent error, AXIGEN rejects the mail message generating the respective error. If a temporary error is generated, the AXIGEN returns an error message to the sending party. In all other cases the mail message is accepted. To enable SPF in AXIGEN or to add a SPF header to emails, use the Message Acceptance Policies. DomainKeys Compliance Starting with version 2.0, the AXIGEN Mail Server is also DomainKeys compliant. DomainKeys is an e-mail authentication system designed to verify both the DNS domain of an email sender and the message integrity, ebedded in the AXIGEN Signing Module. The DomainKeys specification has adopted aspects of Identified Internet Mail to create an enhanced protocol called DomainKeys Identified Mail (DKIM). The AXIGEN Signing Module is only available for the commercial versions of the AXIGEN Mail Server. It does not work within free of evaluation versions. To test this specific feature, please contact our sales department.

4.2.1. AXIGEN Signing Module Usage and Configuration

AXIGEN Signing Module is a module that provides AXIGEN with a tool to prevent forgery and possible repudiation. It implements the Yahoo DomainKeys concept that basically works by signing the contents of an email and allows mail servers to verify that signature. The DomainKeys module is composed of two daemons that run independently of AXIGEN and of each other: the DomainKeys Signer and the DomainKeys Verifier. Each of them has a configuration file and communicates with AXIGEN using an AFSL connector. The signer's role is to sign emails that come from AXIGEN and the verifier’s role is to verify the mail which applies only if the mails were previously signed. For the AXIGEN - DomainKeys integration, DomainKeys (both signer and verifier) must be configured first, to know on which address and port it listens for connections from AXIGEN. When these parameters are correctly defined in the configuration file, you have to set up two Antivirus/Antispam

AXIGEN User Manual



85

filters in AXIGEN, specifying the AFSL file for protocol communication and the address and port to connect to DomainKeys. After installing the DomainKeys package, the AFSL file can be found in /var/opt/AXIGEN/filters/. Besides defining the AV/AS filters, you must also activate them. For details on how to create AV/AS Filters, see Configuring Antivirus/Antispam Filters. For information on how to activate filters in AXIGEN, see Configuring Active Filters. We strongly recommend that the DomainKeys Verifier AV/AS configuration filter to be activated with the highest priority and the signer with the lowest.

Command line parameters

The below listed command line parameters are to be used both for the signer and the verifier.

• -h displays this help message • -v displays the version • -f run in foreground • -u <user> run as user. DEFAULT: 'AXIGEN' • -g <group> run as group. DEFAULT: 'AXIGEN' • -c -c <path>: path to the configuration file; the default paths are as follows:

• /etc/opt/AXIGEN/axidkd.conf for DomainKeys Verifier • /etc/opt/AXIGEN/axidksd.conf for DomainKeys Signer

DomainKeys Verifier configuration

• bindIp <ip> - The address used to listen for connections from AXIGEN. • bindPort <port> - The port used for connections from AXIGEN. - DEFAULT: 1982 • logType <type> - This parameter defines where to log messages. It can be "system","file" or

"stdout". The "system" value means that messages will be logged to the system log, "file" that they will be logged in a file and "stdout" that messages will be logged at standard output. WARNING: if "file" is selected for this property, the logFile must also be set. - DEFAULT "system"

• logFile <file> - In case that logType has the value "file", this defines the file where messages are logged. - DEFAULT: "none"

• logLevel <level> - The level at which messages will be logged. Possible values are: o 0 - only error messages will be logged o 1 - error and warning message will be logged o 2 - all messages will be logged o DEFAULT: 2

• addAuthHeader - This options enables/disables adding the "Authentication-Results" header to the message after verification. It can take the values: yes or no. - DEFAULT: "yes"

• actionOnPass - This option specifies what action should be sent to AXIGEN when the domainkeys verification yields a pass action (details on the actions that can be sent to AXIGEN in the AFSL documentation). The possible values are pass|match|discard|error. - DEFAULT: "pass"

• actionOnFail - This option specifies what action should be sent to AXIGEN when the domainkeys verification yelds a fail action. Possible values are: pass|match|discard|error. - DEFAULT: "match"

• actionOnSoftFail - This option specifies what action should be sent to AXIGEN when the domainkeys verification yelds a softfail action. Possible values: pass|match|discard|error. - DEFAULT: "match"

AXIGEN User Manual



86

• actionOnNeutral - This option specifies what action should be sent to AXIGEN when the domainkeys verification yelds a neutral action. Possible values: pass|match|discard|error. - DEFAULT: "pass"

• actionOnTempError - This option specifies what action should be sent to AXIGEN when the domainkeys verification yelds a temperror action. Possible values: pass|match|discard|error. - DEFAULT: "error"

• actionOnPermError - This option specifies what action should be sent to AXIGEN when the domainkeys verification yelds a permerror action. Possible values: pass|match|discard|error. - DEFAULT: "match"

• rwTimeout <value> - This option specifies the timeout used when communicating with AXIGEN and with the Milter Implementation (in milisecconds). The range for this value is 1 - 65535. - DEFAULT: 400

• processingThreads <threads> - The number of processing threads which also reflects the maximum number of connections made to the milter implementation. The range for this value is 1 - 128. - DEFAULT: 16

DomainKeys Signer configuration

• bindIp <ip> - The address used to listen for connections from AXIGEN. • bindPort <port> - The port used for connections from AXIGEN. - DEFAULT: 1982 • logType <type> - This parameter defines where to log messages. It can be "system","file" or

"stdout". The "system" value means that messages will be logged to the system log, "file" that they will be logged in a file and "stdout" that messages will be logged at standard output. WARNING: if "file" is selected for this property, the logFile must also be set. - DEFAULT "system"

• logFile <file> - In case that logType has the value "file", this defines the file where messages are logged. - DEFAULT: "none"


• rwTimeout <value> - This option specifies the timeout used when communicating with AXIGEN and with the Milter Implementation (in milliseconds). The range for this value is 1 - 65535. - DEFAULT: 400

• privateKeyPath - This path to the private key used for signing. This parameter is required. • selector - The selector used to form the query for the public-key. This parameter is required • canonicalization - The canonicalization algorithm type. Possible values: simple|nofws. -

DEFAULT: "nofws" • removeHeaders - This option, if yes removes duplicate headers from the signature. Possible

values: yes|no. - DEFAULT: "no" • processingThreads <threads> - The number of processing threads which also reflects the

maximum number of connections made to the milter implementation. The range for this value is 1 - 128. - DEFAULT: 16

AXIGEN User Manual



87

Starting/Stopping/Restarting the Domain Keys Daemons

Slackware: • To start the deamons, issue the following command:

/etc/rc.d/rc.axigendk start • To stop the deamons, you can issue:

/etc/rc.d/rc.axigendk stop • In order to restart the deamons, issue the command:

/etc/rc.d/rc.axigendk restart

Others (rmp-based, Ubuntu, Gentoo, Debian)

• To start the deamons, issue the following command: /etc/init.d/axigendk start

• To stop the deamons, you can issue: /etc/init.d/axigendk stop

• In order to restart the deamons, issue the command: /etc/init.d/axigendk restart

AXIGEN User Manual



88

4.3. Mail Filtering

AXIGEN provides various types of filters at each level of mail processing that allow you to increase mail traffic security and block any type of unwanted mail messages from reaching their intended recipient mailbox. The filtering system in AXIGEN is highly effective and allows maximum flexibility in defining what email messages should be scanned, what filters should be used, the order in which these filters are applied and the actions taken according to the results of the scanning process. The filters can be applied both for incoming and for outgoing email traffic.

Filter Types

1. Message Acceptance Policies

AXIGEN 2.0 implements a set of message acceptance policies at SMTP-connection level. The system administrator can configure and implement message acceptance policies and adjust them to best suit their security requirements. Incoming connections established via SMTP and the message flow can be easily managed using the established policies. Moreover, they allow adding headers, changing addresses and other such actions. For more details, see the Message acceptance policies section. 2. Routing Policies

To further fin-tune email communication management at SMTP level, AXIGEN 4.0 implements Routing policies. The Routing policies correspond to the SMTP Processing and SMTP Outgoing modules and enable administrators to define the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. The system administrator can also customize SMTP Outgoing actions for all or part of the relayed email communication. For further information, see the dedicated section in this chapter. Important! The following filter types are have the following filter types defined in the WebAdmin interface and in the configuration file: type script - for Message rules type socket - for Antivirus/Antispam rules 3. Message rules Message rules instruct the AXIGEN Mail Server to take certain actions on processed email messages based on pieces of information contained by the message headers. Using Message rules is safe since they do not operate on the mail content but only extract information from the mail header and take actions according to the pre-defined rules. See the Message rules section for further details. 4. Antivirus / Antispam Filters Antivirus / Antispam Filters can be easily used with the AXIGEN Mail Server to ensure a high security level for email communication. Commercial Antivirus applications can communicate with AXIGEN either directly (using the AXIMilter module) or through AMAVIS. For more details, see the corresponding section of the current chapter.

AXIGEN User Manual



89

This type of filtering allows integration with virtually any third party applications, including Antivirus and Antispam applications. Currently, connectors for ClamAv Antivirus and SpamAssassin Anti-spam application (both open source) are implemented ensuring effective virus and spam protection for all mail traffic managed by AXIGEN Mail Server. Moreover, AXIGEN supports integration with Amavis, a generic interface used to connect a mail server to twelve different Antivirus applications: KAV(Kaspersky) for Mail Servers, BitDefender, Sophos, F-Prot, DrWeb, Symantec, F-Secure, Avast, eTrust, Norman, Panda and McAfee. To see instructiuns on how to make AXIGEN work with ClamAV, see the corresponding AXIGEN forum posting. For SpamAssassin, you simply need to install the application, no further configurations are necessary. A sample setup procedure for connecting these two applications to AXIGEN is also given in the AXIGEN Install and Config Guide. For instructions on setting up the AXIGEN Mail Server integration with Amavis, see the dedicated article on the AXIGEN site. At this time the integration has been tested for Kaspersky and BitDefender but the procedure is similar for any of the products supported by Amavis.

Active Filters

Filter configuration in AXIGEN, also involves the notion of Active Filters. Although not a distinct filter category, the Active Filters designation is used to refer to filters currently enabled in AXIGEN. This designation is particularly useful when enabling filters.

Filtering Levels

In AXIGEN, you can apply filters at three levels: • server level (these filters are applied to all emails directed to any account / mail list from the

server) • domain level (these filters are applied to all emails directed to the domain to which the account

/ mail list belongs) • account / mail list level (these filters are applied only to the account / mail list for which the

filters have been created)

http://www.axigen.com/forum/


http://www.axigen.com/usr/files/AXIGEN_Quick_Install_and_Config_Guide_v4.0.pdf

http://www.axigen.com/articles/integrating-the-axigen-messaging-solution-with-amavis_11.html


AXIGEN User Manual



90

Thus, a typical filtering chain in AXIGEN will contain different types of filters, applied on different levels. If one of the filters in the filtering chain yields an error (internal error, AFSL or any type of error), the email being processed is kept in the processing queue and it will go through the filtering chain all over again, at a later time until all the filters in the chain can be applied. If all the filters in the filtering chain yield a PASS action, and the last one yields REJECT, the email is rejected. In case one of the filters situated in the middle of the chain triggers a REJECT or DISCARD action, the email will go through the filtering chain again. The order in which these filters will be applied, is based on their level and on their priority. See Activating Filters for details on activation inheritance and priority levels. AXIGEN Mail Servers can easily integrate with other third party applications through a simple interface which is made available as part of SDK (Software Development Kit). For more details on SDK delivery, please contact the AXIGEN Sales Department.

4.3.1. Message Acceptance Policies

AXIGEN 4.0 implements a set of message acceptance policies at SMTP-connection level. The system administrator can configure and implement message acceptance policies and adjust them to best suit their security requirements. Incoming connections established via SMTP and the message flow can be easily managed using the established policies. Moreover, they allow adding headers, changing addresses and other such actions. Examples of message acceptance rules:

• allow incoming messages from a specific domain • deny incoming messages with attachments exceeding 3 MB • allow authenticated users only • accept secured connections only • deny looping emails (when the number of Received headers exceeds 20)

The message acceptance policies can consist in any number of such rules applied following a given priority. These rules can be set at SMTP Incoming level and help save space and resources for email processing. The policies are defined using an AXIGEN proprietary scripting language and are at this time contained, along with the Processing and Relay policy scripts in a single file per installed server. They will also be created automatically via the WebAdmin Wizard which will be available in the next AXIGEN version. Through the Message acceptance policy, a wide range of event handlers associated with the SMTP events are available, along with various methods, message headers, envelopes and peer information. The events are predefined blocks within the script that will be executed at specific moments by the server. For each event, the server calls certain methods which can have a configurable or predefined behavior.

http://www.axigen.com/about-us/contact/

AXIGEN User Manual



91

The available events at SMTP Incoming level are: • onConnect • onEhlo • onMailFrom • onRcptTo • onDataReceived

Message acceptance policies are based on a proprietary scripting language. For an overview of this language, please see the Language Specifications section. The policies will be soon created using a WebAdmin Wizard, but presently they are configured within the server context using WebAdmin. For details on how to access the configuration file via WebAdmin, see the section presenting the Server tab.

4.3.2. Routing Policies

To further fin-tune email communication management at SMTP level, AXIGEN 3.0 implements Routing Policies. The Routing correspond to the SMTP Processing and SMTP Outgoing modules and enable administrators to define the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. As an example, NDR responses are sent when the specified recipient of an email message is invalid. Routing Policies also allow system administrator to customize SMTP Outgoing actions for all or part of the relayed email communication. For example, they can

• establish a certain address where all emails from a certain domain are relayed, or • specify a username/password authentication before relaying emails to a certain address.

Routing policies can contain any number of predefined rules, thus being easily adapted to various security requirements. The policies are defined using an AXIGEN proprietary scripting language and are at this time contained, along with the Messace acceptance policy scripts in a single file per installed server. They can also be created automatically via the WebAdmin Wizard. For details on the options available in the WebAdmin Wizard, please see the corresponding section. A wide range of event handlers associated with the SMTP events are available, along with various methods, message headers, envelopes and peer information are available when defining Routing policies. The events defined for the Routing policies and their contexts are as follows:

Event Context

onRelay SMTPOut onDeliveryFailure SMTPProc onTemporaryDeliveryFailure SMTPProc

For a detailed description of the scripting language the policies are based on, please see the Language Specifications section.

AXIGEN User Manual



92

4.3.3. Antivirus / Antispam Filters

Antivirus / Antispam Filters can be easily used with the AXIGEN Mail Server to ensure a high security level for email communication.

IMPORTANT! The AXIGEN Mail Server can integrate with more than 14 antivirus applications - KAV(Kaspersky) for Mail Servers, BitDefender, Sophos, F-Prot, DrWeb, Symantec, F-Secure, Avast, eTrust, Norman, Panda, McAfee, ClamAV - and 6 antispam applications - SpamAssassin, AVG, Kaspersky Anti-Spam, Avira MailGate, BitDefender Mail Protection for Enterprises, Symantec Brightmail AntiSpam. 1. Simple Integration with ClamAV and SpamAssassin

To see instructiuns on how to make AXIGEN work with ClamAV, see the corresponding AXIGEN forum posting. For SpamAssassin, you simply need to install the application, no further configurations are necessary. A sample setup procedure for connecting these two applications to AXIGEN is also given in the AXIGEN Install and Config Guide. 2. Integration with Commercial Antivirus Applications

Commercial Antivirus applications can communicate with AXIGEN either directly (using the AXIMilter module) or through AMAVIS.

The AXIMilter module can communicate with any Antivirus application that has milter support, while AMAVIS provides support for the following security solutions: KAV(Kaspersky) for Mail Servers, BitDefender, Sophos, F-Prot, DrWeb, Symantec, F-Secure, Avast, eTrust, Norman, Panda, McAfee.

For instructions on setting up AXIMilter, see the AXIMilter section. For instructions on setting up the AXIGEN Mail Server integration with Amavis, see the dedicated article on the AXIGEN site. 3. Integration with commercial Antispam applications. For instructions on how to integrate AXIGEN with AVG, Kaspersky Anti-Spam, Avira MailGate, BitDefender Mail Protection for Enterprises, Symantec Brightmail AntiSpam, please see the related Knowledgebase articles: How to enable spam protection in AXIGEN using AVG How to enable anti-spam filtering in AXIGEN using the milter implementation of Kaspersky Anti-Spam How to enable anti-spam filtering in AXIGEN using the milter implementation of Avira MailGate How to enable anti-spam filtering in AXIGEN using the milter implementation of BitDefender Mail Protection for Enterprises How to enable anti-spam filtering in AXIGEN using the milter implementation of Symantec Brightmail AntiSpam

Antivirus / Antispam Filters are dynamic filters executed by external processes. These types of filters are based on a file defining the communication protocol between AXIGEN and the external process executing the filter.



http://www.axigen.com/usr/files/AXIGEN_Quick_Install_and_Config_Guide_v4.0.pdf



http://www.axigen.com/knowledgebase/How-to-enable-virus-and-spam-protection-in-AXIGEN-using-AVG_59.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-Kaspersky-Anti-Spam_60.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-Avira-MailGate_61.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-BitDefender-Mail-Protection-for-Enterprises_62.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-BitDefender-Mail-Protection-for-Enterprises_62.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-Symantec-Brightmail-AntiSpam_63.html

http://www.axigen.com/knowledgebase/How-to-enable-anti-spam-filtering-in-AXIGEN-using-the-milter-implementation-of-Symantec-Brightmail-AntiSpam_63.html

AXIGEN User Manual



93

Antivirus/Antispam Filters can also interact with Message rules, via two headers appended to email messages. These headers contain a spam or virus level value which actually indicates the likelihood of that particular email message being virus or spam. Based on these levels, actions imposed by the message rules can be taken, for instance moving email messages above a certain level to a specified Quarantine folder. AXIGEN supports creating customized filter chain. This means system administrators can define and use as many Antivirus/Antispam Filters and Message rules as required by their security policies. In AXIGEN, antispam/antivirus filters calls are multithreaded - this means that filters can be applied on several emails at the same time, improving thus service availability and processing speed. If one of the filters in the filtering chain does not respond, AXIGEN provides a failsafe mode, which allows pinging the filter regularly until the connection is reestablished. At that moment, the email message filtering chain is resumed. This guarantees that every message goes through the entire filtering chain.

AXIGEN Mail Servers can easily integrate with other third party applications through a simple interface which is made available as part of SDK (Software Development Kit). For more details on SDK delivery, please contact the AXIGEN Sales Department. For information on how to configure Antivirus/Antispam filters at different levels using WebAdmin, see: Configuring Antivirus/Antispam Filters Domain Filter Configuration Account Filter Configuration List Filter Configuration. Antivirus/Antispam filters can also be configured using the CLI Filters context. For information on how to use the Command Line Interface, see Configuring AXIGEN using CLI.

4.3.4. Message Rules

Message rules instruct the AXIGEN Mail Server to take certain actions on processed email messages based on pieces of information contained by the message headers. Thus you can create rules like:

• messages from [email protected] copy to alex@localdomain; • messages from [email protected] move to folder Jokes; • all messages reply with "Out-of-office" message;

Message rules are easily created using the provided Web Wizard by each individual user via the WebMail module of AXIGEN. For more details on Wizard usage, please see Mail Filtering in WebMail.

More complex message rules can be created by the system administrator using a simple scripting language called SIEVE. The same language is used by the WebMail Wizard when defining message rules automatically. Using Message rules is safe since they do not operate on the mail content but only extract information from the mail header and take actions according to the pre-defined rules. They work

http://www.axigen.com/about-us/contact/

AXIGEN User Manual



94

basically by comparing different keys using different comparators and comparison methods, against headers of a mail message. Based on the result of the comparison, you can apply different actions to the corresponding mail message, i.e. reject, discard, redirect, etc. Message rules are static filters, where the filter itself is contained in a separate file. Different user-defined scripts can be included in any AXIGEN Filtering System. The supported language provides an extremely flexible filtering methodology, as users can define any number of script filters according to their needs. AXIGEN also implements the vacation extension. This means that message rules can be created and applied for generating out-of-office type automatic replies. Thus, auto-generated messages can be sent when the user of the account for which the vacation applies, is on vacation, out of office or in general away for an extended period of time. The vacation extension is an extra functionality also available via script files. Antivirus/Antispam Filters can also interact with Message rules, via two headers appended to email messages. These headers contain a spam or virus level value which actually indicates the likelihood of that particular email message being virus or spam. Based on these levels, actions imposed by the message rules can be taken, for instance moving email messages above a certain level to a specified Quarantine folder. AXIGEN supports creating customized filter chain. This means system administrators can define and use as many Antivirus/Antispam Filters and Message rules as required by their security policies. For a complete description of message rules implementation in AXIGEN, see the SIEVE Language section. For a complete description of this language, see RFC 3028. For information on how to configure script filters at different levels using WebAdmin, see: Configuring Message Rules Domain Filter Configuration Account Filter Configuration Filters can also be configured using the CLI Filters context (see Configuring AXIGEN using CLI) and by editing the configuration file (see Configuring AXIGEN using the Configuration File)

4.3.4.1. SIEVE Overview and Implementation in AXIGEN

SIEVE Overview

Sieve is a language created and used for mail filtering either on the server or on the client. The language is completely described in the RFC 3028. Sieve is an interpreted language that can be described as relatively simple. It has no loop structures, no variables (in the basic form) it has only an if control structure. Sieve works basically by comparing different keys using different comparators and comparison methods, against headers of a mail message and based on the result applies actions to the message, like reject, discard, redirect. The structure of Sieve as described in the RFC 3028 is: SIEVE defines 5 actions: keep, fileinto, reject, discard, redirect which are self-explanatory.

AXIGEN User Manual



95

It also defines 3 control commands:

• <stop> - which stops the processing to that point • <if elsif else> structure • require command - which defines an extension of the language. It tells the interpreter that the

respective extension will be used in the script

The if structure has the form: if <test> <block> elsif <test> <block> else <block> A block is a block of commands (actions and control commands - including other ifs) and a test can be one of the following:

1. address - tests a set of the address headers against a set of keys using different comparison methods

2. envelope - optional test 3. header - tests a set of the headers against a set of keys using different comparison methods:

• true, false - constants • allof <other tests> - logic and between several tests • anyof <other tests> - logic or between several tests • not <test> - negation of a test • exists - test if a set of headers exist • size - test against the size of a message

A test can take 2 values: true or false.

After parsing a script against a mail message, several actions can result which may interact. Several constrains are defined regarding action interaction which will be explained in the next paragraph. If no action is to be taken after a complete parse of the script, or an error occurs, an implicit keep will ensure delivery of the message to the inbox.

The AXIGEN SIEVE interpreter

The interpreter uses the following restrictions and constrains in implementing the RFC 3028:

• it implements the extensions described in the rfcs: fileinto, reject, envelope, copy, relational, spamtest, virustest, subaddress

• the relational test :count can only be used with the i;ascii-numeric comparator and when there are more then one strings in the second string list, only the first will be considered

• it implements the "i;octet", "i;ascii-ccasemap" and "i;ascii-numeric" comparators for the "i;ascii-numeric" comparator, the :matches and :contains tags, cannot be used. Error otherwise.

• it allows only require with (fileinto, reject, envelope, copy, vacation) arguments, gives an error message otherwise

• allows address and envelope test with the second string list (the values list) not tested for valid addresses (i.e. it allows part of addresses put in the values list)

• it allows only the: "From", "To", "CC", "Bcc", "Sender", "Resent-From", "Resent-To" headers to appear in the address test and only "To", "From" headers in the envelope test. Error otherwise.

AXIGEN User Manual



96

• the require group of commands must appear first and must contain only required commands. Error otherwise.

• elsif and else must appear only after an if or an elsif. error otherwise • there is one type of warning and five types of error messages:

1. "[Syntax Error]: given if there is a syntax error in the script 2. "[Parse Error]: if a semantic error appears 3. "[Semantic Error]: similar to parse error 4. "[Validation Error]: if the script is not compliant to this document 5. "[Run-time Error]: if something is wrong during a message parse

• numbers in the size test cannot be negative and cannot exceed 2^32-1. error otherwise • numbers when using the i;ascii-numeric comparator cannot exceed 2^32-1 and cannot be

negative. If a string used with this comparator starts with something other than a digit, or is null, or is negative, or it exceeds 2^32-1, it gets the value 2^32. Leading whitespace (SP,HTAB,CRLF) is ignored

• it does not allow two or more comparator, address-part, match-type tags in the address, hearer and envelope tests. Error otherwise.

Action interaction

General action interaction: the following constrains apply (error otherwise): • reject can only be by itself and only once (eventually with stop) • keep can appear with any action (except reject) several times, and a move to Inbox (or similar)

will be executed once • discard can appear with any action (except reject) several times and the result will be a

discard only when solely discard actions are present or there is an implicit keep by using the :copy tag

• fileinto can appear several times with any action (except reject) and a move to the specified folder will be executed (if a move to the same folder is specified, it is treated as an error but a duplicate move will not be performed - a warning will be issued)

• redirect can appear several times and with any action (except reject), the result consisting in redirecting to the specified address only once (without giving an error if a duplicate reject with the same address appears) - a warning will be issued

• any action except stop, fileinto, vacation and redirect used with the :copy tag will cancel the implicit keep

Vacation interaction

• vacation can appear once per script and all other appearances will be disregarded. • vacation used with discard, redirect, fileinto or explicit keep will not be an error and will not be

considered to break the respective actions interaction rules

Spamtest and Virustest Extension This implementation supports the spamtest and virustest extensions as described in the RFC 3685, but in each case, the following constrains appear: Spamtest

• a separate tool will be implemented that will map vendor specific information from antispam tool and

• a new header named "X-AxigenSpam-Level" will be added which can have the following values:

AXIGEN User Manual



97

1- message was tested and is clear of spam 2 -9- message was tested and has a varying likelihood of containing spam in increasing order 10- message was tested and definitely contains spam

Virustest

• a separate tool will be implemented that will map vendor specific information from antivirus tool and

• a new header named "X-AxigenVirus-Level" will be added which can have the following values:

1- message was tested and contains no known viruses 2 - message was tested and contained a known virus which was replaced with harmless content 3 - message was tested and contained a known virus which was "cured" such that it is now harmless 4 - message was tested and possibly contains a known virus 5 - message was tested and definitely contains a known virus

The possible values of the header SHOULD be only numbers and if so MUST be only the above numbers but may also have leading and trailing spaces and may contain alphanumeric characters after the numbers. There may be maximum one header of each type at a given moment, and when the tool has a value to assign to the header, it will assign it only if it is greater than the value already contained in the header.

Vacation Extension

The vacation extension is implemented using the draft: draft-ietf-sieve-vacation-04. The vacation extension is used to send auto-generated messages when the user of the account for which the vacation applies, is in vacation, out of office, in general away for an extended period of time. For a description of the syntax of this extension, please consult the SIEVE related documents and the draft this implementation is based of. Implementation specific issues like restrictions and constrains, and in general issues that appear in the draft with SHOULD or MAY, are defined below. The minimum value for the vacation: days argument is 1 and the maximum is 45. If the value given to the days argument is less that 1 it will be considered 1 and if greater that 45, it will be considered 45. The default value if the days parameter is omitted is 7. The Previous Response Tracking feature (section 4.2 of the draft) is implemented using a CRC32 hash and the date when the response was sent. This means that there may be cases when a second response will be generated even though it was not supposed to, but the chances of that is negligible Compared to the speed gain. The Limiting Replies to Personal Messages feature (section 4.6 of the draft) was implemented considering the same cases as in the draft, but this will change in a way to allow the administrator to define custom rules for recognizing auto-generated mails. The vacation response message is generated with all the features defined in the Section 5 of the draft except the References field that is not generated in this version of the implementation. The interaction between vacation and other actions is described above, under Action Interaction.

http://www.axigen.com/knowledgebase/How-to-create-and-configure-a-SIEVE-out-of-office-auto-responder_47.html

AXIGEN User Manual



98

4.3.5. The AXIGEN Filtering Module

Based on the Sendmail's Content Management Protocol (Milter), the AXIGEN Filtering Module (AXIMilter) provides an interface for third-party software (such as antivirus/antispam) to validate and modify messages as they pass through AXIGEN Mail Server. Through AXIMilter, AXIGEN can be integrated with various Antivirus and Antispam applications. At this time, the AXIGEN Messaging Solution integration with AXIMilter has been sucessfully tested for Kaspersky (kavmilter), Symantec Brightmail, Avast and Avira.

4.3.5.1. Filtering Module Implementation in AXIGEN

A "milter" is a module used by a mail transfer agent (MTA) that allows the addition of very efficient Antivirus/Antispam filters in the mail processing chain. It makes decisions and takes actions during the SMTP sessions. The milter uses a communication protocol based on sockets. This protocol can be used to enable third party applications like anti-virus or anti-spam software to integrate with different MTAs supporting this milter module. AXIMilter is a daemon that runs separately from AXIGEN. It can be configured through its configuration file, located by default in /etc/opt/axigen/aximilter.conf. The configuration file can be specified using the command line arguments, if one wants to use configuration located elsewhere. The AXIGEN MTA communicates with the milter extension using the "aximilter.afsl" filter and the inet socket. The filter takes care of the communications and translations between the two parties. Any results passed on by the milter to the filter are interpreted and formatted by it and passed down the chain to AXIGEN.

When the filter is defined and activated in the AXIGEN configuration you have to set the socket used for communications between AXIGEN and the milter extension. This is an inet (TCP) type of socket. Through this socket AXIGEN will connect to the milter interface and give instructions (formatted by the filter file) to the third party application at the other end. This connection is also used to receive any results from the milter back to AXIGEN. Filter file purpose:

• Parse the information received • Interpret and check the information • Translate information • Pass information

Socket purpose: • Establish a communications channel • Transfer information • Maintain the integrity of the information

The milter extension takes the requests received from AXIGEN and passes them to the milter counterpart of the third party application. This communication is negotiated using the standard milter protocol. When the third party milter responds, information is again passed through the TCP socket and interpreted by the filter. Only then, based on the information received, AXIGEN is able to

AXIGEN User Manual



99

determine what action to take. The whole process chain can be described as follows. The AXIGEN MTA receives an email and the processing chain begins. When AXIGEN reaches the filter designated for the milter extension it passes the necessary information through the socket. All the information is translated by the filter file and fed to the AXIMilter (AXIGEN's milter extension). AXIMilter then connects through a socket to the third party milter implementation and sends the request to make a decision about the fate of the particular email. After deciding the action to be taken on the respective email (to accept it or not and why) the information is again passed to AXIMilter through the socket between the two milter implementations. AXIMilter sends the results back to AXIGEN through the socket defined in the filter setup and it is again translated. When the AXIGEN MTA receives the information, it takes the necessary steps to deliver or discard the message.

4.3.5.2. Configuring the AXIGEN Filtering Module

For the AXIGEN - AXIMilter integration, AXIMilter must be configured first, to know on which address and port it listens for connections from AXIGEN. After these parameter were correctly defined in the configuration file, you have to set up an AV/AS filter in AXIGEN, specifying the AFSL file for protocol communication and the address and port to connect to AXIMilter. Afer installing the AXIMilter package, the AFSL file can be found in /var/opt/axigen/filters/. After defining the Antivirus/Antispam filter you must then activate this filter. Example of an AV/AS filter: name: AxiMilter address: inet://127.0.0.1:1981 protocolFile: /var/opt/axigen/filters/aximilter.afsl idleTimeout: 60 actionOnMatch: reject maxConnections: 10

For information on how to define Antivirus/Antispam Filtesrs in AXIGEN, see Configuring Antivirus/Antispam Filters. For details on how to activate filters in AXIGEN, see Configuring Active Filters.

AXIMilter configuration

The milter configuration resides in the /etc/opt/axigen/aximilter.conf file. Depending on the setup you want to achieve there are multiple options to consider. Due to the TCP style of sockets used you can decide you want to use one machine as mail server and another one on the network as mail scanner. You can also use the same machine. There are some other options you should consider like the number of threads and/or connections you want to allow at any given time. This can have serious productivity and security implications. Below you can find explanations for the available configuration options:

• bindIp <ip> is the variable that sets the interface AXIMilter will use to listen for connections from AXIGEN. If the machine running AXIMilter has more than one interface you should change this variable to the IP of the interface available to the AXIGEN server. This should be set to a LAN IP address ensuring that the traffic between your MTA and AXIMilter is not visible to anyone else. If you run AXImilter and AXIGEN on the same machine you can leave this option unchanged.

AXIGEN User Manual



100

• bindPort <port> is the port that AXIGEN connects to when establishing a connection to the AXImilter extension. You can set this port to whatever you like as long as the port is not already bind by another process. This port must be used when creating the filter in the AXIGEN configuration. When AXIGEN initiates the connection to the socket, AXIMilter has to be listening for connections. If the port is not used by another process you can leave this option unchanged. DEFAULT: 1981

• rwTimeout <value> is the maximum amount of time allocated to a connection session. It is expressed in milliseconds. Setting this value too high on a high traffic server might saturate all the available connections. Setting this too low on a slow machine might interfere with the communications transmitted. The range for this value is 1 - 65535. - DEFAULT: 400

• milterIp <ip> is the IP address of the machine running the third party milter implementation. As with the "bindIp" variable this should be set to the local IP address of that particular machine or left unchanged if the other milter runs locally. DEFAULT: "127.0.0.1"

• milterPort <port> is the port number AXIMilter connects to when establishing a connection with the third party milter implementation. This port has to be the same as the one specified in the configuration file of the third party software. This port is crucial in setting up a working milter implementation. If you change the port in the configuration of your software, you have to change it here too. Most anti-virus scanners use different ports so make sure to check which port you have to set here before testing your implementation. DEFAULT: 1990

• logType <type> - This parameter defines where to log messages. It can be "system","file" or "stdout". The "system" value means that messages will be logged to the system log, "file" that they will be logged in a file and "stdout" that messages will be logged at standard output. WARNING: if "file" is selected for this property, the logFile must also be set. - DEFAULT "system"

• logFile <file> - If logType has the value "file", this defines the file where messages are logged. - DEFAULT: "none"


• processingThreads <threads> is the number of threads ready to process requests. This number also limits the maximum connections that can be established to the AXIMilter extension. This means that if for example you set this value to 3, only a maximum 3 requests can be sent at any given time, thus only the fate of 3 emails can be decided. When one of these connections is closed a new one can be opened. Make sure you balance this value so that you don't overload the server and at the same time you don't keep too many emails waiting if you have a lot of traffic. The default value should be sufficient for most modern computers and at the same time should be reasonable enough on a medium-sized server. The range for this value is 1 - 128. - DEFAULT: 16

4.3.5.3. AXIGEN Filtering Module Commands

Command line parameters

• -h displays this help message • -v displays the version • -f run in foreground • -u <user> run as user. DEFAULT: 'AXIGEN' • -g <group> run as group. DEFAULT: 'AXIGEN' • -c <path>: path to the configuration file DEFAULT: /etc/opt/AXIGEN/aximilter.conf

AXIGEN User Manual



101

Below you will find a list of the commands needed to start, stop, restart the AXIMilter daemon or to check its status. The commands are distribution-specific.

Debian • In Debian, the daemon can be started via its initscript, by issuing:

/etc/init.d/aximilter start • To stop the server, you can issue:

/etc/init.d/aximilter stop • In order to restart AXIGEN daemon, you can use:

/etc/init.d/aximilter restart • To view the AXIGEN daemon status, you can pass the 'status' parameter:

/etc/init.d/aximilter status

Gentoo • In Gentoo, the daemon can be started via its initscript, by issuing:

/etc/init.d/aximilter start • To stop the server, you can issue:

/etc/init.d/aximilter stop • In order to restart AXIGEN daemon, you can use:

/etc/init.d/aximilter restart • To view the AXIGEN daemon status, you can pass the 'status' parameter:

/etc/init.d/aximilter status

RPM-based distributions • In RedHat, SUSE, Fedora Core, and Mandrake/Mandriva distributions, you can use the

initscript to start the daemon(s), by issuing: /etc/init.d/aximilter start

• To stop the server, you can issue: /etc/init.d/aximilter stop

• In order to restart AXIGEN daemon, you can use: /etc/init.d/aximilter restart

• To view the AXIGEN daemon status, you can pass the 'status' parameter: /etc/init.d/aximilter status

Slackware • In Slackware, the daemon can be started via its initscript, by issuing:

/etc/rc.d/rc.aximilter start • In order for the initscript to start at boot time, you need to set the executable bit for the script:

chmod +x /etc/rc.d/rc.aximilter • To stop the server, you can issue:

/etc/rc.d/rc.aximilter stop • In order to restart AXIGEN daemon, you can use:

/etc/rc.d/rc.aximilter restart • To view the AXIGEN daemon status, you can pass the 'status' parameter:

/etc/rc.d/rc.aximilter status

Ubuntu • In Ubuntu, the daemon can be started via its initscript, by issuing:

sudo /etc/init.d/aximilter start • To stop the server, you can issue:

sudo /etc/init.d/aximilter stop • In order to restart AXIGEN daemon, you can use:

sudo /etc/init.d/aximilter restart • To view the AXIGEN daemon status, you can pass the 'status' parameter:

sudo /etc/init.d/aximilter status

AXIGEN User Manual



102

4.3.6. Activating and Prioritising Filters and Rules

In AXIGEN Mail Server, you can activate Antivirus / Antispam filters and Message rules by adding them in the Active filters lists, available in the Active Filter tabs in WebAdmin. Active Filters are not a separate filter category, but merely a way of selecting among the available filters the ones you wish to apply at server level, domain level or user level.

Filter Priority

When being activated, each filter is assigned a priority value. The notion of priority is used to define the order of filters in the filtering chain. This means that filters with higher priority will be applied first. Important - A lower priority value stands for an actual higher priority. Thus, the filter with priority 1 will always have the highest priority over filters with higher priority values. Available priority values vary according to the filter level:

• server level: 1-500 • domain level: 100-400 • account / mail list level: 200-300

Note: Although not similar in terms of functionality, accounts and mail lists are considered similar (same level) entities when applying filters. When filters on different levels have the same priority, these filters will be applied in decreasing order of importance, which is as follows:

1. server level filter 2. domain level filter 3. account / mail list level filter

Activation Inheritance

All filters activated at server level, will automatically be applied at all filtering levels, according to their respective priority levels. The same is true for domain level filters, which can be activated at account / mail list level. Filters activated at domain level, are applied to all accounts belonging to the respective domain. Filters activated only at account level, will only be applied to that specific account. For information on how to activate filters using WebAdmin see the following pages: Configuring Active Filters Domain Filter Configuration Account Filter Configuration List Filter Configuration

AXIGEN User Manual



103

4.3.7. Language Specifications for Policy Configuration

The AXIGEN SMTP Policy system is defined in a single file per installed AXIGEN Mail Server and has events for the SMTP Incoming, Outgoing and Processing stages of a mail life cycle. The Policy system contains Message Acceptance Policies and Processing and Relay Policies. The file is known by the server by the means of smtpFiltersFile parameter.

This parameter can be configured within the server context using either CLI or WebAdmin. For details using CLI for this configuration, please see the Configuring AXIGEN using CLI section. For details on how to access the file via WebAdmin, see the section presenting the Server tab.

Basic structure

The language is structured in blocks of two types: events and methods. The events are predefined blocks that will be executed at specific moments by the server. The methods are custom defined blocks that will be called from the language. Thus the basic structure of a language file is:

event event1 { event event2 { . . } Comments inside the script file are allowed using the syntax: #comment until the end of line.

SMTP Events

The events defined for the SMTP filters and their contexts are as follows:

Event Context

onConnect SMTPIn onEhlo SMTPIn onMailFrom SMTPIn onRcptTo SMTPIn onDataReceived SMTPIn onRelay SMTPOut onDeliveryFailure SMTPProc onTemporaryDeliveryFailure SMTPProc

AXIGEN User Manual



104

Thus, the structure of the script file is: #Sample AXIGEN SMTP Filter #the event called when a connection is made to SMTP event onConnect { . code . } #the event called when smtp receives EHLO event onEhlo { . call(Ionel); . } method Ionel { . code }

Methods

Beside the custom methods, a number of predefined methods are also available. They are called in the same way and have a predefined behavior. The currently available predefined methods are:

• checkSPF • checkReverseDNS • addHeader • addIfNotExistsHeader • removeFirstHeader • removeHeader • modifyHeader • modifyIfExistsHeader • addRcpt • discardRcpt

A more comprehensive example of a script defined until now, can be: event onHelo { call(heloEvent); } method heloEvent { . call(checkSpf); call(addHeader); }

Contexts

This language defines a scripting language to be used especially for SMTP filtering. The SMPT process has three different contexts: Incoming, Outgoing and Processing. Thus the behavior of the same filter differs depending on the context to which it is applied. For example the SMTPIn events are triggered only within the SMTP Incoming context. The same applies to context dependent variables which will be detailed below.

AXIGEN User Manual



105

Variables

After methods and events, the next as level of importance are the variables. They act as input and output to functions and also act as actions to be taken by the SMTP engine. All variables are considered to be string or numbers and can be of three types:

• read-only variables (input variables); • read-write variables (input/output variables); • action variables - these variables can be either read-only or read-write but they are in this

category because they can cause the SMTP engine to take an action or are involved in an action.

Variable behavior is context-dependent. If a variable is an input variable for the SMTP Incoming context it will be set only in that context and will be "" in the SMTP Outgoing context. Furthermore, a variable will be set only after that variable's value is known. For example, the MailFromDomain variable will be "" in the onConnect and onEhlo events and will be set only in onMailFrom event. Some variables are set/read by the engine but there are methods for reading/writing them from the code. The reading of a variable implies the comparing of the variable's value with another value or variable. This is done using test functions that form the test block of a conditional block.

To set a variable, the function set is used: set(SPFResult, "some value");

When a predefined method is called, it usually sets one or more variables as its output and usually requires setting one or more variable as its input. Apart from the predefined variables, custom variables also exist and they can be used later in the code. To define a variable you just set its value:

set(aVariable, "aValue"). The previous function defines a variable named aVariable and sets its value to "aValue".

A custom defined variable has lifetime that lasts until the end of a block. To preserve a variable across blocks and across contexts, the export function is used: export(aVariable) The lifetime of a filter with its contexts is per email message so the export function can be used to preserve the value of a variable specific to one email message through different stages of SMTP. For example, at the SMTP Outgoing context, the value of MailFromDomain is not set but can be, if in one of the SMTP Incoming events, an export(MailFromDomain) was made. Within the SMTP Filter Language, the concept of variable expanding means that, within a string, a variable name may appear and at runtime the name will be replaced by the variable's value. In order for a variable to be expanded, its name must appear between "%" characters. An example of variable expanding is: event onConnect { set(aVariable, "Hello."); set(SMTPGreeting, "%aVariable% This is my AXIGEN server"); }

AXIGEN User Manual



106

When you connect on the SMTP port, the greeting will be: "Hello. This is my AXIGEN server" This expanding mechanism also works for comparing two variables: event onConnect { set(aVariable, "value"); set(bVariable, "value"); if (is(aVariable,"%bVariable%) { set(SMTPAction,"reject"); } }

Structures

Condition blocks There are only block, sub-block, if and switch structures. The block structures were defined above. The ‘if’ structure has the following form: if (conditions) { } else { } The sub-blocks mentioned above are part of the ‘if’ and ‘switch’ structure and as in the case of blocks, start with a "{" and end with a "}". The switch structure has the following form: switch (variable) { case <value>: { } case <value>: { } default: { } }

Both the ‘if’ and the ‘switch’ structures can imbricate a maximum of 16 levels of imbrication. The case statements are exclusive, that means that if a case is matched, after the execution of the block, the switch structure is exited.

Conditions

The conditions are Boolean functions that are used in the ‘if’ and ‘switch’ tests. They split into 2 types: single conditions and logical groups. The single conditions are as follows:

• is(variable,value) - matches for equality; • isCase(variable,value) - matches for equality and if strings, the match is case insensitive; • match(variable,regexp) - regular expression match • lessThen(variable,value) - number comparison • greaterThen(variable,value) - number comparison • greaterOrEqual(variable, value) - number comparison • lessOrEqual(variable, value) - number comparison

AXIGEN User Manual



107

• iprange(variable, range) - matches if the variable's value is in range. If the variable is not an ipAddress, the function returns false. Emample of how to define IP ranges:

o 192.168.1.1-192.168.1.10 (range) o 192.168.1.1/24 (cidr) o 192.168.1.1/255.255.255.0 (netmask)

The logical groups are:

• not(condition) - negation of a condition • allof(condition,condition,...) - similar to an AND between conditions • anyof(condition,condition,...) - similar to an OR between conditions

The logical groups allow a maximum of 16 levels of imbrication.

Functions The functions can be looked at as keywords from other languages. They are the building blocks of the language and their behavior is hard-coded. The functions available are:

• all the Boolean functions described above; • call (method) - this executes a predefined of custom defined method. If the method is custom

defined, it must be defined in the same script file as the call; • export (variable) - this function exports a variable name and value to be used in another

context. If the variable is custom defined it must be defined in the same script file; • set (variable, value) - this sets the value of a RW variable; • return - this function ends the current event or method execution.

4.3.7.1. SMTP Functionalities (I)

A list of all events and all variables and methods that can be used by each event is presented below. The type (IN or OUT) and the access method (RO - read only, RW - read write, WO - write only) will be specified for each variable.

Important! Certain variables are only interpreted within some events, while the remaining events ignore them. Therefore setting such a variable for an event that will ignore it will take no effect. This is also applicable to predefined methods. Not all variables marked as RO or not presented for a certain event will generate an error if set. The reason is they can be marked as RW for other events of the same context. However, setting them will have no effect.

AXIGEN User Manual



108

onConnect

Called when a new client is connected.

Variable Type Access Method Explanation Value set Default

smtpPort numeric IN,RO The local listener port the client used to connect

Range: 0 - 65535

Not Applicable

smtpIp ip IN,RO The local interface IP the client used to connect

IP Not Applicable

remoteSmtpPort numeric IN,RO The remote port the connection was established through

Range: 0 - 65535

Not Applicable

remoteSmtpIp ip IN,RO The remote IP the connection was established from

IP Not Applicable

isSSLConnection choice IN,RO 'yes' if the connection is encrypted (socket ssl), no if it is not.

Choice:

• yes - the connection is encrypted (socket ssl)

• no - the connection is not encrypted

Not Applicable

smtpGreeting text OUT,WO The initial message sent to the client (for the moment, it can be a static string only).

Text string Axigen specific greeting text

smtpAction choice OUT,WO Determine what action the smtp engine shoud take for the current command.

Choice:

• accept - the server accepts the current command

• reject - the server rejects the current command and returns a permanent error

• tmpreject - the server rejects the current command and returns a temporary error

Takes an action conforming with the internal policies

AXIGEN User Manual



109


smtpExplanation text OUT,WO The message sent to the client in case of a reject or tmpreject action.

Text string A default error message

onEhlo

Called after receiving the EHLO message sent by the client.



Range: 0 - 65535

Not Applicable


IP Not Applicable


Range: 0 - 65535

Not Applicable


IP Not Applicable


Choice:



Not Applicable

ehloHost hostname IN,RO The hostname the client declares

Hostname Not Applicable

isESMTP choice IN,RO 'yes' if the client used EHLO, 'no' for HELO

Choice:

• yes - the client used EHLO

• no - the client used HELO

Not Applicable

authUser text IN,RO Name of sucessfully authenticated user

Text string Not Applicable

AXIGEN User Manual



110


('' if the Auth command was incorrectly used)

authMatchFrom choice OUT,WO Verifies if the sender address corresponds to the one used to authenticate.

Choice:

• yes - the sender address corresponds to the one used to authenticate

• no - the sender address does not correspond to the one used to authenticate

yes

mailCount numeric IN,RO Number of succesfully sent mails during this session.

Range: Not Applicable

totalMailSize numeric IN,RO Total size of email messages sent in the respective session (in octets).


remoteDelivery choice IN/OUT,RW Specifies which clients can send remote messages.

Choice:

• all - all clients can send remote messages

• none - no clients can send remote messages

• auth - only authenticated clients can send remote messages

auth

localDelivery choice IN/OUT,RW Specifies which clients can send messages locally.

Choice:

• all - all clients can send

all

AXIGEN User Manual



111


messages locally

• none - no clients can send messages locally

• auth - only authenticated clients can send messages locally

maxRcptCount numeric IN/OUT,RW The maximum number of recipients for an email.

Range: 0 - 1000

1000

maxDataSize numeric IN/OUT,RW The maximum size of a mail message (KB).

Range: 0 - 4294967295

10240

maxReceivedHeaders numeric IN/OUT,RW The maximum size of 'Received' headers after which the email is considered to be looping.

Range: 0 - 4294967295

30

allowStartTLS choice IN/OUT,RW 'yes' if the STARTTLS extension is allowed, 'no' if otherwise.

Choice:

• yes - STARTTLS extension is allowed

• no - STARTTLS extension is not allowed

yes

allowPipelining choice IN/OUT,RW 'yes' if the PIPELINING extension is allowed, 'no' if otherwise.

Choice:

• yes - PIPELINING extension is allowed

• no - PIPELINING extension is not allowed

yes

AXIGEN User Manual



112


allow8BitMime choice IN/OUT,RW 'yes' if the 8BIT extension is allowed, 'no' if otherwise.

Choice:

• yes - 8BIT extension is allowed

• no - 8BIT extension is not allowed

yes

allowBinaryData choice IN/OUT,RW 'yes' if the BINARY extension is allowed, 'no' if otherwise.

Choice:

• yes - BINARY extension is allowed

• no - BINARY extension is not allowed

yes

plainConnAuthTypes multival IN/OUT,RW Allowed authentication types for a plain connection (possible values: 'all', 'none' or a 'plain', 'login', 'cram-md5', 'digest-md5' and 'gssapi' combination).

Values:

• all - All authentication types are allowed for plain connections

• none - No authentication type is allowed for plain connections

• plain - PLAIN authentication is allowed for plain connections

• login - LOGIN authentication is allowed for plain connections

• cram-md5 - CRAM-MD5 authentication is allowed for plain connections

• digest-md5 - DIGEST-MD5

all

AXIGEN User Manual



113


authentication is allowed for plain connections

• gssapi - GSSAPI authentication is allowed for plain connections

secureConnAuthTypes multival IN/OUT,RW Allowed authentication types for a SSL connection (possible values: 'all', 'none' or a 'plain', 'login', 'cram-md5' and 'gssapi' combination).

Values:

• all - All authentication types are allowed for secure connections

• none - No authentication type is allowed for secure connections

• plain - PLAIN authentication is allowed for secure connections

• login - LOGIN authentication is allowed for secure connections

• cram-md5 - CRAM-MD5 authentication is allowed for secure connections

• digest-md5 - DIGEST-MD5 authentication is allowed for secure connections

• gssapi - GSSAPI authentication is allowed for

all

AXIGEN User Manual



114


secure connections

SPFResult choice IN/OUT,RW Result of the SPF check (possible values: 'None', 'Neutral', 'Pass', 'Fail', 'SoftFail', 'TempError', 'PermError'; can be set manually or by calling the 'checkSPF' method; if the result is 'Fail', the subsequent 'MAIL FROM' commands will fail.

Choice:

• None - TBD • Neutral - TBD • Pass - The

message meets the domain's definition for legitimate messages

• Fail - The message does not meet the domain's definition for legitimate messages

• SoftFail - TBD • TemprError -

TBD • PermError -

TBD

None

SPFHeader text IN/OUT,RW The 'Received-SPF' header value; if it's set to '', the header will no longer be added.


SPFExplanation text IN/OUT,RW The explanation associated with the SPF response.



Choice:


• reject - the server rejects the current command and returns a permanent


AXIGEN User Manual



115


error • tmpreject - the

server rejects the current command and returns a temporary error



Methods

Name Explanation Input Parameters Output Parameters checkSPF Calls the SPF module and the

results are stored in the 'SPFResult', 'SPFHeader' and 'SPFExplanation' variables

• SPFResult-Result of the SPF check

• SPFHeader-Value of the Received-SPF header value

• SPFExplanation-Explanation associated with the SPF response

onMailFrom

Called as a result of the 'MAIL FROM' command issued by the client.


smtpPort numeric IN,RO the local listener port the client used to connect

Range: 0 - 65535

Not Applicable


IP Not Applicable


Range: 0 - 65535

Not Applicable

remoteSmtpIp ip IN,RO The remote IP the IP Not

AXIGEN User Manual



116


connection was established from

Applicable


Choice:



Not Applicable




Choice:



Not Applicable

authUser text IN,RO Name of sucessfully authenticated user ('' if the Auth command was incorrectly used)


authMatchFrom choice OUT,WO Verifies if the sender address corresponds to the one used to authenticate.

Choice:

• yes - The sender address corresponds to the one used to authenticate

• no - The sender address does not correspond to the one used to authenticate

yes

mailCount numeric IN,RO Verifies if the sender address corresponds to the one used to authenticate.


AXIGEN User Manual



117





Choice:




auth


Choice:

• all - all clients can send messages locally



all


Range: 0 - 1000

1000

maxDataSize numeric IN/OUT,RW The maximum size of a mail message (KB).

Range: 0 - 4294967295

10240

maxReceivedHeaders numeric IN/OUT,RW The maximum size of 'Received' headers after which the email is

Range: 0 - 4294967295

30

AXIGEN User Manual



118


considered to be looping.


Choice:

• None - TBD • Neutral - TBD • Pass - the


• Fail - the message does not meet the domain's definition for legitimate messages


TBD • PermError -

TBD

None

SPFHeader text IN/OUT,RW The 'Received-SPF' header value; if it's set to '', the header will no longer be added.


mailFrom text IN/OUT,RW The address specified in mail from; if set manually, the new address will be used.


mailFromLocalPart text IN,RO The local part of the address specified in mail from; modified automatically along with the 'mailFrom' value.


mailFromDomain text IN,RO The domain of the mail from address; modified automatically along with the 'mailFrom'


AXIGEN User Manual



119


value. mailFromAuthUser text IN,RO The authenticated

user specified in the mail from command.


mailFromSize numeric IN,RO The email size specified in the mail from command.


HeaderName text OUT,WO See header usage methods.


HeaderValue text OUT,WO See header usage methods.



Choice:







Methods

Name Explanation Input Parameters Output Parameters checkSPF Calls the SPF module

and the results are stored in the 'SPFResult', 'SPFHeader' and 'SPFExplanation' variables

• SPFResult-Result of the SPF check

• SPFHeader-Value of the Received-SPF

AXIGEN User Manual



120

Name Explanation Input Parameters Output Parameters header value

• SPFExplanation-Explanation associated with the SPF response

addHeader Adds the specified header through the 'HeaderName' and 'HeaderValue' variables

• HeaderName-Name of the header field to be added

• HeaderValue-Value of the added field

addIfNotExistsHeader Adds the heather only if no other field with the same name exists



removeFirstHeader Deletes the first instance of a field with the 'HeaderName' name from the header

• HeaderName-Name of the header field to be removed

removeHeader Deletes all instances of the field named 'HeaderName' from the header


modifyHeader Modifies or adds a header

• HeaderName-Name of the header field to be modified (or added if not exists)

• HeaderValue-The new field value

modifyIfExistsHeader Modifies a header • HeaderName-Name of the header field to be modified

AXIGEN User Manual



121

Name Explanation Input Parameters Output Parameters • HeaderValue-

The new field value

onRcptTo

Called as a result of the 'RCPT TO' command issued by the client



Range: 0 - 65535

Not Applicable


IP Not Applicable

remoteSmtpPort choice IN,RO The remote port the connection was established through

Choice: 0 - 65535

Not Applicable


IP Not Applicable


Choice:



Not Applicable




Choice:



Not Applicable

authUser text IN,RO Name of sucessfully authenticated user ('' if the Auth command was incorrectly used)


AXIGEN User Manual



122







Choice:




auth


Choice:




all


Range: 0 - 1000

1000

maxDataSize numeric IN/OUT,RW The maximum size of a mail message

Range: 0 - 4294967295

10240

AXIGEN User Manual



123


(KB). maxReceivedHeaders numeric IN/OUT,RW The maximum size

of 'Received' headers after which the email is considered to be looping.

Range: 0 - 4294967295

30


Choice:





TBD • PermError -

TBD

None

mailFrom text IN,RO The address specified in mail from.


mailFromLocalPart text IN,RO The local part of the address specified in mail from; modified automatically along with the 'mailFrom' value.


mailFromDomain text IN,RO The domain of the mail from address; modified automatically along with the 'mailFrom' value.


mailFromAuthUser text IN,RO The authenticated user specified in


AXIGEN User Manual



124


the mail from command.



rcptCount numeric IN,RO Number of recipients communicated by the client up to the given moment.


currentRcpt text IN/OUT,RW The current address communicated by the client as recipient; it can be set manually, causing the recipient address to change; if after setting it the 'addRcpt' method is called, the newly set address will be added to the one communicated by the client.


currentRcptFolder text IN/OUT,RW In case of delivery to a local domain, it specifies the folder the email message will be delivered to; this variable can also be used to discard delivery to a specific rcpt, if it is set to an empty string.

Text string INBOX

currentRcptLocalPart text IN,RO Local part of the recipient address; modified automatically when setting 'currentRcpt'.


isRcptDomainLocal choice IN,RO States if the recipient domain specified by the client is a local one

Choice:

• yes - the recipient

Not Applicable

AXIGEN User Manual



125


domain specified by the client is a local one

• no - the recipient domain specified by the client is not a local one

isRcptLocal choice IN,RO States if the recipient specified by the client is a local one

Choice:

• yes - the recipient specified by the client is a local one

• no - the recipient specified by the client is not a local one

Not Applicable


Choice:







AXIGEN User Manual



126

Methods

Name Explanation Input Parameters Output Parameters

addHeader Adds the specified header through the 'HeaderName' and 'HeaderValue' variables



addIfNotExistsHeader Adds the heather only if no other field with the same name exists



removeFirstHeader Deletes the first instance of a field with the 'HeaderName' name from the header


removeHeader Deletes all instances of the field named 'HeaderName' from the header


modifyHeader Modifies or adds a header • HeaderName-Name of the header field to be modified (or added if not exists)


modifyIfExistsHeader Modifies a header • HeaderName-Name of the header field to be modified


addRcpt Adds the rcpt specified in 'currentRcpt' and 'currentRcptFolder'.

• currentRcpt-Address to be added in recipient list

AXIGEN User Manual



127

Name Explanation Input Parameters Output Parameters

• currentRcptFolder-Delivery folder

discardRcpt Ignores a client's request of adding a RCPT, without responding with an error

onDataReceived

Called after receiving the message successfully through the DATA or BDAT commands.



Range: 0 - 65535

Not Applicable


IP Not Applicable

remoteSmtpPort number IN,RO The remote port the connection was established through

N/A Not Applicable


IP Not Applicable


Choice:



Not Applicable




Choice:



Not Applicable

authUser text IN,RO Name of sucessfully authenticated user


AXIGEN User Manual



128


('' if the Auth command was incorrectly used)






Choice:




auth


Choice:




all

maxRcptCount numeric IN/OUT,RW The maximum number of recipients for an

Range: 0 - 1000

1000

AXIGEN User Manual



129


email. maxDataSize numeric IN/OUT,RW The maximum size

of a mail message (KB).

Range: 0 - 4294967295

10240

maxReceivedHeaders numeric IN/OUT,RW The maximum size of 'Received' headers after which the email is considered to be looping.

Range: 0 - 4294967295

30


Choice:





TBD • PermError -

TBD

None



mailFromLocalPart text IN,RO The local part of the address specified in mail from.


mailFromDomain text IN,RO The domain of the mail from address; modified automatically along with the 'mailFrom' value.


mailFromAuthUser text IN,RO The authenticated Text string Not

AXIGEN User Manual



130


user specified in the mail from command.

Applicable



rcptCount numeric IN,RO Number of recipients communicated by the client up to the given moment.



Choice:







AXIGEN User Manual



131

4.3.7.2. SMTP Functionalities (II)

onRelay

Called before establishing a relay connection in order to determine the connection parameters.


localInterface ip IN/OUT,RW Local interface IP from which the connection will be attempted.

IP

remoteSmtpPort numeric IN,RO The remote port the connection will be established to

Range: 0 - 65535

Not Applicable

remoteSmtpIp ip IN,RO The remote port IP the connection will be established to

IP Not Applicable

authUser text OUT,WO User name used for authentication to the remote server

Text string None

atuhPasswd text OUT,WO The user's password used to authenticate

Text string





mailFromDomain text IN,RO The domain of the mail from address.


mailFromAuthUser text IN,RO The authenticated user specified in the mail from command.


rcptCount numeric IN,RO Number of recipients communicated by the client.


isFromLocalDomain choice IN,RO 'yes' if the mail Choice: Not Applicable

AXIGEN User Manual



132


was created locally, 'no' if it was received through SMTPIn

• yes - the mail was created locally

• no - the mail was received through SMTPIn

mailSize numeric IN,RO Mail size in octets.

Range: Not applicable

maxConnections numeric OUT,WO Maximum number of allowed connections to the destination host

Range: 0 - 4294967295

5

chunkSize numeric OUT,WO The maximum size of a data block that can be sent through BDAT

Range: 0 - 4294967295

102400B(100KB)

allowStartTLS choice IN/OUT,RW 'yes' if the STARTTLS extension is allowed, 'no' if otherwise.

Choice:

• yes - STARTTLS extension is allowed

• no - STARTTLS extension is not allowed

yes

allowPipelining choice IN/OUT,RW 'yes' if the PIPELINING extension is allowed, 'no' if otherwise.

Choice:

• yes - PIPELINING extension is allowed

• no - PIPELINING extension is not allowed

yes

allow8BitMime choice IN/OUT,RW 'yes' if the 8BIT Choice: yes

AXIGEN User Manual



133


extension is allowed, 'no' if otherwise.

• yes - 8BIT extension is allowed

• no - 8BIT extension is not allowed

allowBinaryData choice IN/OUT,RW 'yes' if the BINARY extension is allowed, 'no' if otherwise.

Choice:

• yes - BINARY extension is allowed

• no - BINARY extension is not allowed

yes

requestAuth choice OUT,WO 'yes' if authentication is mandatory, 'no' if otherwise

Choice:

• yes - authentication is mandatory

• no - authentication is not mandatory

no

strict7BitMime choice OUT,WO 'yes' if transmitting binary data to clients that do not advertise supporting such data is not allowed

Choice:

• yes - transmitting binary data to clients that do not advertise supporting such data is not allowed

• no - transmitting binary data to clients that do not advertise supporting such data is

yes

AXIGEN User Manual



134


allowed

sslEnabled choice OUT,WO 'yes' if the purpose is to establish a SSL connection

Choice:

• yes - The connection is established with SSL enabled

• no - The connectin is established with SSL disabled

no

plainConnAuthTypes multival IN/OUT,RW Allowed authentication types for a plain connection (possible values: 'all', 'none' or a 'plain', 'login' and 'cram-md5' combination).

Values:

• all - All authentication types are allowed for plain connections

• none - No authentication type is allowed for plain connections

• plain - PLAIN authentication is allowed for plain connections

• login - LOGIN authentication is allowed for plain connections

• cram-md5 - CRAM-MD5 authentication is allowed for plain

crammd5

AXIGEN User Manual



135


connections

secureConnAuthTypes multival IN/OUT,RW Allowed authentication types for a SSL connection (possible values: 'all', 'none' or a 'plain', 'login' and 'crammd5' combination).

Values:

• all - All authentication types are allowed for secure connections

• none - No authentication type is allowed for secure connections

• plain - Plain authentication is allowed for secure connections

• login - Login authentication is allowed for secure connections

• crammd5 - Crammd5 authentication is allowed for secure connections

all

onDeliveryFailure Called when the mail delivery failed for a certain group of recipients.




mailFromLocalPart text IN,RO The local part of the address specified in mail


AXIGEN User Manual



136


from. mailFromDomain text IN,RO The domain of

the mail from address.






sendNDR choice OUT,WO Specifies if the NDR will be sent or not

Choice:

• yes - The NDR will be sent

• no - The NDR will not be sent

yes

ndrAttachSource choice OUT,WO Specifies if the original email message will be attached to the NDR

Choice:

• no - original email is not attached to the NDR

• yes - original mail is entirely attached to the NDR

• header - only the header of the original mail is attached to the

yes

AXIGEN User Manual



137


NDR

ndrSubject text OUT,WO Email subject sent as NDR (by default it is a hard-coded message)

Text string TBD

ndrSender text OUT,WO The Mail From field of the NDR header

Text string mailer-daemon@'primaryDomain'

ndrMessage text OUT,WO Text of the NDR message

Text string TBD

ndrRcptMessage text OUT,WO Part of the message specified for each recipient individually; it can refer to the 'ndrRcptAddress' and 'ndrRcptFailInfo' fields

Text string TBD

ndrMessageFooter text OUT,WO Message ending of the NDR mail

Text string TBD

ndrRetryCount numeric IN,RO No. of delivery retries.


ndrRcptAddress text IN,RO Recipient address for which the delivery has failed. - can only be used when setting the 'ndrRctpMessage' variable

Text string

ndrRcptFailInfo text IN,RO Reason for which delivery has failed for a certain user - can only be used when setting the 'ndrRcptMessage' variable

Text string

AXIGEN User Manual



138

onTemporaryDeliveryFailure

Called when the mail delivery has temporarily failed for a certain group of recipients.


mailFrom text IN/OUT,RW The address specified in mail from.




mailFromDomain text IN,RO The domain of the mail from address.






sendNDR choice OUT,WO Specifies if a temporary error NDR will be sent or not

Choice:

• yes - The temporary error NDR will be sent

• no - The temporary error NDR will not be sent

no

ndrAttachSource choice OUT,WO Specifies if the original email message will be attached to the NDR

Choice:

• no - original email is not

header

AXIGEN User Manual



139


attached to the NDR

• yes - original mail is entirely attached to the NDR

• header - only the header of the original mail is attached to the NDR

ndrSubject text OUT,WO Email subject sent as NDR (by default it is a hard-coded message)

Text string TBD

ndrSender text OUT,WO The Mail From field of the NDR header

Text string mailer-daemon@'primaryDomain'

ndrMessage text OUT,WO Text of the NDR message

Text string TBD

ndrRcptMessage text OUT,WO Part of the message specified for each recipient individually; it can refer to the 'ndrRcptAddress' and 'ndrRcptFailInfo' fields

Text string TBD

ndrMessageFooter text OUT,WO Message ending of the NDR mail

Text string TBD

AXIGEN User Manual



140


ndrRescheduleDate numeric IN,RO Date the email is scheduled to be delivered again

Range:

ndrRetryCount numeric IN,RO No. of delivery retries.


ndrRemainingRetryCount numeric IN,RO No. of remaining delivery retries after which the mail delivery will be abandoned.


ndrRcptAddress text IN,RO Recipient address for which the delivery has failed. - can only be used when setting the 'ndrRctpMessage' variable

Text string

ndrRcptFailInfo text IN,RO Reason for which delivery has failed for a certain user - can only be used when setting the 'ndrRcptMessage' variable

Text string

4.3.7.3. Examples of Policies

event onConnect

Custom banner for all connections set(SMTPGreeting, "Axigen ESMTP ready (%smtpIp%:%smtpPort% <-> %remoteSmtpIp%:%remoteSmtpPort%)"); Custom banner for IP 192.168.1.2 if(is(remoteSmtpIp, "192.168.1.2")) { set(SMTPGreeting, "Exception IP Banner Greeting"); } Drop all SMTP connections from IP 10.10.5.4 if(is(remoteSmtpIp, "10.10.5.4")) { set(SMTPAction, "reject"); set(SMTPExplanation, "Banned IP address: %remoteSmtpIp%"); }

AXIGEN User Manual



141

event onEhlo

Enable SPF checking: call(checkSPF); Increase maximum SMTP mail size for all IPs in class 192.168.21.0/255.255.255.0 if(iprange(remoteSmtpIp,"192.168.21.0/255.255.255.0")) { set(maxDataSize, "102400"); # 100MB instead of the default 10MB } Deny STARTTLS for IP 192.168.21.13 and 10.10.5.4 if(anyof( is(remoteSmtpIp, "192.168.21.13"), is(remoteSmtpIp, "10.10.5.4") )) { set(allowStartTLS, "no"); } Deny most ESMTP extensions (for use with some SMTP gateways or legacy MTAs) set(allowPipelining, "no"); set(allow8BitMime, "no"); set(allowBinaryData, "no"); Increase maximum data size for encrypted connections if(is(isSSLConnection, "yes")) { set(maxDataSize, "102400"); }

event onRcptTo

Enable a catchall account for domain example.org if (allof( is(currentRcptDomain, "example.org"), is(isRcptLocal, "no") )) { set(currentRcpt, "[email protected]"); } Redirect mails to a specific address if(is(currentRcpt, "[email protected]")) { set(currentRcpt, "[email protected]"); } Decrease maximum number of Received headers for local deliveries if(is(isRcptLocal, "yes")) { set(maxReceivedHeaders, "10"); # 10 Received headers instead of the default 30 } Setting a different interface from the general one for certain recipients if ( match(remoteSmtpHost, "someonesdomain\.com$") ) { set(localInterface, "yyy.yyy.yyy.yyy"); } Allowing relay from a specific IP address/domain (10.11.12.13) if (allof( is(isRcptDomainLocal, "no"), # Local domain delivery must always be allowed (all) not(is(remoteSmtpIp, "10.11.12.13")) # Allow this IP destination )) { set(smtpAction, "reject");

AXIGEN User Manual



142

set(smtpExplanation, "Relay denied for <%currentRcptDomain%>"); }

event onRelay

Force sending binary mails to a specific domain if (is(remoteSmtpHost, "example.org")) { set(strict7BitMime, "no"); } Relay all mails through your ISP's mail server, using authentication set(remoteSmtpIp, "192.0.2.4"); Ignore the next 3 lines if your ISP server does not require authentication set(authUser, "isp-username"); set(authPasswd, "secret"); set(requestAuth, "yes"); Redirect all mails larger than 10Mb to a specific SMTP SSL host if(greaterThan(mailSize, "10240")){ set(remoteSmtpIp, "192.168.1.1"); set(remoteSmtpPort, "465"); set(sslEnabled, "yes"); } Change the EHLO host for relays: set(ehloHost, "mail.example.org");

event onDeliveryFailure

Change the NDR message subject and sender set(ndrSubject, "Failure notice"); set(ndrSender, "MAILER-DAEMON"); If you want to disable seding NDRs set(sendNDR, "no"); Customize NDR messages for example.org domain if(is(mailFromDomain, "example.org")){ # match only example.org failures set(ndrMessage, "Sorry,\nI could not deliver your e-mail to:\n"); set(ndrRcptMessage, "%ndrRcptAddress% \nbecause I received the: %ndrRcptFailInfo% error\n"); set(ndrMessageFooter, "Please do not reply to this message"); } Only include headers if original mail size is over 1Mb if(greaterThan(mailSize, "1024")) { set(ndrAttachSource, "header"); } else { set(ndrAttachSource, "yes"); }

AXIGEN User Manual



143

event onTemporaryDeliveryFailure

Send a temporary delivery failure message if(is(ndrRetryCount, "3")){ set(sendNDR, "yes"); set(ndrMessage, "*THIS IS A WARNING ONLY. THERE IS NO NEED TO RESEND YOUR MESSAGE*.\nYour message could not be delivered to the following recipients:\n"); set(ndrRcptMessage, "%ndrRcptAddress% : %ndrRcptFailInfo%\n"); set(ndrMessageFooter, "The message will be retried %ndrRetryCount% times\n"); }

An example of relaying messages through AXIGEN before relaying with a different MTA

event onRcptTo{ if ( anyof ( is(currentRcptDomain, "yourdomain.com"), is(currentRcptDomain, "yourotherdomain.com"), is(remoteSmtpIp, "xxx.xxx.xxx.xxx"), )) { set(remoteDelivery, "all"); } else { set(remoteDelivery, "none"); } event onRelay{ if ( anyof ( match(remoteSmtpHost, "yourdomain\.com$"), match(remoteSmtpHost, "yourotherdomain\.com$"), )) { set(remoteSmtpIp, "xxx.xxx.xxx.xxx"); set(localInterface, "yyy.yyy.yyy.yyy"); } }

AXIGEN User Manual



144

5. User and Domain Configuration AXIGEN provides you with unmatched configurability for domain, user, forwarder and mail list configuration. For each type of entity, AXIGEN allows you to configure anything from services to run to advanced parameters regarding mailbox characteristics and WebMail behavior.

5.1. Domains

In AXIGEN, domain management has several features that give you full and easy control of administered domains while enabling you to fine tune resource allocation for each of these domains. Two administration tools allow you to create domain databases and domains:

• WebAdmin - also gives you access to all advanced domain configuration parameters, see Domains tab

• CLI - see Configuring AXIGEN using CLI for more details

Important! When creating domains, one message storage location is recommended for each predicted 20GB of message occupied storage space. For larger spaces, additional message storage locations should be created to correspond to the number of 20GB storages you need. You can add multiple message storage locations using CLI only within the domain creation context. After creating the domain, additional locations cannot be added. The command to create multiple message storage locations is as follows: ADD MessagesLocation <path> Domain settings in AXIGEN are available at the following levels:

• General You can define as many secondary domains as allowed by your license type, and for each of these domains, as many aliases as you need. For information on setting the primary domain in WebAdmin, see Other Generic Server Parameters. You can also specify the services to run for this domain, assign an IP address to this domain, set the mailbox quota for accounts within this domain and a message/account storage locations. See Domain General Configuration for information on how to configure general domain parameters using WebAdmin.

• Migration If switching from a different mail server to AXIGEN, you can migrate all domain data automatically using WebAdmin, or using a script in CLI. This way, all domain accounts and messages are migrated effortlessly in a matter of minutes. See Domain Migration Data for information on how to configure migration parameters using WebAdmin. Important! Some mail servers allow you to create folder names containing the "/" character. AXIGEN cannot migrate folders whose names contain this specific character, therefore you need to rename them before migrating, so that the process is completed successfully.

AXIGEN User Manual



145

• Filtering For each configured domain, you can add and activate any number of filters. This way you can implement different security policies for different domains. For general information on filter types available in AXIGEN, see Mail Filtering. For detailed information on how to configure filters, see Domain Filter Configuration. Further advanced settings, defining Inbox folders, limits and quota for each user account are also available in the Domains tab. Domains and accounts can also be added using the Command Line Interface, but the best option for domain configuration is WebAdmin, which gives you easy access to all the categories of parameters mentioned above.

AXIGEN User Manual



146

5.2. User Accounts

In AXIGEN, account and user management has several features that give you full and easy control of administered accounts while enabling you to fine tune resource allocation for each of these accounts. Note that in order to create an account, you need to first create a domain. For details on how to create domains in AXIGEN, see the Creating a New Domain section. Two administration tools allow you to create domains and accounts:

• WebAdmin - also gives you access to all advanced account configuration parameters, see Accounts tab

• CLI - see Configuring AXIGEN using CLI for more details

Account settings in AXIGEN are available at the following levels:

• General You can define as many accounts as allowed by your license type, and for each of these accounts, as many aliases as you need. At the account level, you can also specify the services to run. This is a distinctive feature of AXIGEN, as you can easily selectively restrict access to one or more services (i.e. WebMail) for certain users within one domain. You can also view the current mailbox size for an account, specify the mailbox quota for accounts and limit the number of messages sent per hour from that account. See General Account Configuration for information on how to configure general domain parameters using WebAdmin.

• WebMail For account behavior in WebMail, AXIGEN provides a variety of parameters allowing you to set attachment size and number limits, mail size limits, the maximum number of simultaneous sessions, and the HTML filtering level for email messages. You can make special settings for one account or use the one inherited from domain level. See Account WebMail Data for information on how to configure WebMail parameters using WebAdmin.

• Filtering For each configured account, you can add and activate any number of filters. This way you can implement different security policies for different accounts For general information on filter types available in AXIGEN, see Mail Filtering. For detailed information on how to configure filters, see Account Filter Configuration. Further advanced settings, defining Inbox folders, limits and quota for each user account are also available in the Accounts tab. Accounts can also be added using the Command Line Interface, but the best option for account configuration is WebAdmin, which gives you access to all the categories of parameters mentioned above.

AXIGEN User Manual



147

5.3. Forwarders

Forwarders are functional entities meant to forward emails to specified email addresses. A forwarder is a RCPT within the domain to which it is assigned. Forwarders do not have an actual mailbox. Using forwarders, you can make sure that several recipients get email from a published email address (i.e. [email protected]). Also, you can change the recipient email addresses without having to change the published email address. The forwarder receives emails at the [email protected], where name is the value of the name parameter and domain is the value of the domain parameter as set on forwarder definition. In AXIGEN, the maximum number of forwarders that can be defined for a server/domain cannot be greater than the number of licensed mailboxes. These administration tools allow you to create and configure forwarders:

• WebAdmin - also gives you access to all advanced forwarder configuration parameters, see Forwarders tab.

• CLI - see Configuring AXIGEN using CLI for more details.

AXIGEN User Manual



148

5.4. Lists

List Server Overview In AXIGEN, the integrated list server provides advanced lists administration options. For each list, advanced parameters allow administrators to specify:

• AXIGEN services running, content type, what messages are moderated messages, what headers to remove.

• WebMail specific settings allow configuring the way mail lists are viewed and managed on the Web (see List WebMail Settings).

AXIGEN List Server also provides RFC compliant templates / macros for automated list interaction which allow you to add header text and other types of text before and after the message body.

For each list, standard text messages can be specified to be returned in the following cases: invalid user name, unknown user, request needs confirmation, user already subscribed, rejected response, welcome text, goodbye text, subscribe denied, etc. All these advanced parameters guarantee easy list administration and easily definable custom appearance and behavior for each list. For information how to configure advanced parameters, see Advanced List Settings

Administration of the Mail List The current version of AXIGEN Mail Server does not differentiate, from an operational point of view, a list administrator from a list moderator. This operational difference will be featured in a next version of AXIGEN Mail Server. Therefore, currently the person who creates the mail list will act as both administrator and moderator of the list created. Also, please note that, list users are distinct from user mailboxes, even if both entities are administered using AXIGEN Mail Server. Message Flow for AXIGEN List Server From the moderator / administrator point of view, the folders below describe the flow for a message sent to a list managed with AXIGEN Mail Server:

• INBOX: stores all messages that have been already delivered are to be delivered. • PendingRequests: stores all the requests that have to be confirmed by the administrator. The

administrator can confirm a message in this folder by moving it to ConfirmedRequests. • Requests: stores all requests that need to be confirmed by their senders (for instance

subscription requests). When such a confirmation is received and verified, the request is moved to ConfirmedRequests.

• ConfirmedRequests: stores all requests confirmed by their senders. • Pending: stores all messages that need to be moderated. The moderation is executed by

moving the corresponding message to:

1. INBOX (the message will be published) 2. Reject (the message is automatically rejected), 3. ToBeRejected (the message is stored for a future manual reject)

• Reject: When a message arrives in this folder, the sender of the message receives a reject message and the original message is moved to Deleted.

• ToBeRejected: stores messages that need to be manually rejected by one of the list moderators.

• Deleted: Here are stored all messages that have been rejected by list moderators.

AXIGEN User Manual



149

From the mail list user point of view: A mail list user would interact with the list in different stages: when subscribing to the mail list, when confirming his/her subscription, when making a request, when accessing the list WebMail page or root mailbox, etc. The answers received from the list server are generated automatically, depending on the initial configuration of the mail list (done by the administrator) and the administrator's corresponding actions. Templates explained From a mail list administrator/moderator point of view, most of the messages send as answers on a mail list created and operated with AXIGEN Mail Server are in fact expanded macros or templates.

All macros have the following form: %[-][width][.precision]{macro letter}

Here is the algorithm used when expanding these macros: len = strlen(macro text); width default = 0; precision default = INT_MAX; left pading default = false; if minus => left pading = true; precision = min (len, precision); pading = max (0, min(512, pading - precision)); if left pading => the trailing spaces are inserted before macro text ; if not => the trailing spaces are inserted after the macro text; Here is the list of macro letters and their meanings:

• l - Name of the list • d - The domain name of the list. • r - A short description of the list. • o - Operation to be executed (this option is valid only for the answers sent to requests). • e - Address of the original message sender. • i - Identity confirmation. This is a message in the following format: "confirm {ID message}

{random number}" Note that this option can also be used as a boundary when building multipart messages.

• x - Row • M - Original message (populated only for answers to automatically rejected messages. • f - Sender of the message (can be either a name or an e-mail address). • w - Original message date. • s - Original message subject. • m - Original Message ID • n - The number of the digest message.

For detailed information on how to configure mail lists in WebAdmin, see Lists tab. Lists can also be configures using CLI - see Configuring AXIGEN using CLI.

AXIGEN User Manual



150

5.5. Public Folders

Starting with version 2.0, AXIGEN supports Public Folders for the WebMail and IMAP services. System administrator can also associate a certain email address with a domain’s public folder. Thus, emails can be sent directly to the public folder, access being given instantly to all the account users within the respective domain. Public folders are defined per each domain managed by AXIGEN. To have a functional public folder, system administrators have to first configure the public folder and its subfolders (or Mboxes) and then associate a Folder Recipient to each defined subfolder. The Postmaster of each domain can create and/or delete folders an messages within the Public Folder, while the rest of the users have reading rights only on the existing folders and messages. While they cannot permanently delete messages from the Public Folders, when using WebMail, users can mark the messages they choose as deleted and also hide the emails with such marks. Also, certain email clients (such as Outlook) allow a similar behavior: marking for deletion and hiding such messages. Thus, users are not compelled to view messages that do not interest them. Users can set other types of flags for their Public Folders, such as Read/Unread or Flagged/Unflagged. These options are available both in WebMail and in email clients (depending on their features), and affect the email messages of the respective individual account, not the actual content of the Public Folders. For more details on marking, flagging and hiding email messages in WebMail, see WebMail Features and Configuration. Configuring Public Folders When configuring parameters relative to public folders, first you need to choose the domain you want to edit. To do so, using WebAdmin, select the Domains tab, then click on the Edit button corresponding to the desired domain.

To edit the domain’s public folders, select the Public Folders page:

AXIGEN User Manual



151

The selected page has three sub-pages, General, Quota and MBoxes.

For further details on public folder parameters configuration via WebAdmin, see the corresponding documentation section.

Associating Folder Recipients to Public Folders When defining public folders using the Domains tab, system administrators simply define the folders as they appear for domain users in the WebMail interface or in IMAP email clients. For example, the previously defined Meetings, Partners and Technology mboxes, will be displayed in the WebMail interface as in the following picture:

AXIGEN User Manual



152

To actually associate an email address to a public folder Mbox, administrators need to define FolderRCPTs. Folder recipients are used to specify a certain folder within a domain's Public Folder to which email messages should be delivered. This feature is only available for mailboxes within the local domains and allows users to deliver messages directly to a specified folder in the recipient mbox. Folder recipients can be configured in WebAdmin using the FolderRCPTs tab. Within this tab, select the domain you are interested in and use the Mbox name to add a new FolderRCPT. In the next picture, the Employees folder recipient is created for the example.com domain’s public folder.

When creating a folder recipient, an email address of the type mbox@domain will be created automatically, i.e. [email protected] in this specific case. Further sub-pages are available to configure all needed parameters.

AXIGEN User Manual



153

For details on how to configure these parameters, see the FolderRCPTs tab in the WebAdmin configuration chapter. 6. Working with the WebMail Module in AXIGEN This chapter presents the AXIGEN WebMail Service and its features and configuration from a user's point of view. The sub-pages of this section will present in detail how to connect to the WebMail interface, how to manage the respective user account, how to add contacts to the address book or how to create or manage email messages and WebMail folders. When accessing the WebMail interface through a browser, the individual user can configure all parameters relative to their respective account, except for the mail quota limitations which are imposed by the system administrator. For an overview of the WebMail service in AXIGEN, see the corresponding section in the Architecture Chapter. For tips on how to configure WebMail parameters and behavior using WebAdmin, see the WebMail tab in the corresponding chapter.

AXIGEN User Manual



154

6.1. Accessing the WebMail Interface

Connecting to AXIGEN WebMail To connect to AXIGEN WebMail, enter in your browser the IP:port combination where your AXIGEN WebMail service is running. If you are accessing WebMail from the machine on which AXIGEN is installed, this address is by default, http://127.0.0.1:8000. Remote access If you are accessing the WebMail from a different machine, you need to set in the listener's address parameter the IP address of the machine on which AXIGEN is installed. Or, you can set this parameter to 0.0.0.0 (in this case, the listener will listen to all machine interfaces). When accessing the AXIGEN WebMail, you need to replace the 127.0.0.1 IP from the URL with the IP address of the machine on which the AXIGEN Mail Server is installed. For example, if the machine running AXIGEN has the 192.168.1.1 IP address, change the IP/port data under Server->Webmail->Listeners->Address to match your IP/port:server { ... web { ... listeners = ( { ... address = 192.168.1.1:9000 enable = yes

Remember to reload your AXIGEN Mail Server after each change in the configuration files. In the window thus displayed, enter the WebMail username and password provided by the system administrator.

AXIGEN User Manual



155

Note: To have the list of available domains displayed on the WebMail login page, make sure you have the following settings: - the showDomainList parameter from the WebMail tab is set to "yes"; - the showWebmailLogin parameter from the Domains > General page corresponding to your existing domains is set to "yes".

AXIGEN User Manual



156

6.2. WebMail Features and Configuration

Navigating in Your WebMail Account

The left panel of your WebMail account displays (under the account name) a tree structure containing the folders currently existing in your WebMail account. When first accessing your WebMail account, the structure looks like this:

And here is an example of a WebMail user account:

AXIGEN User Manual



157

Use the folder structure on the left to browse the messages from your WebMail account. The headers of the messages from the folder selected in the left panel are displayed on the upper right panel. When selecting an email from the upper right panel by clicking on it, the message body will be displayed in the lower right Preview Pane. The Preview Pane can also be moved to the right of the message list. By default, the Preview Pane displays the sender, recipient(s) and date details of the email horizontally. To have them displayed vertically, press the "+" icon in front of the Subject line, as shown in the below picture.

Through the Public Folders, users may now share email messages by simply copying and/or moving them to a public folder. System administrator can also associate a certain email address with a public folder. Thus, emails can be sent directly to the public folder, archiving options being also available. While they cannot permanently delete messages from the Public Folders, when using WebMail, users can mark the messages they choose as deleted and also hide the emails with such marks. Thus, users are not compelled to view messages that do not interest them. Users can set other types of flags for their Public Folders, such as Read/Unread or Flagged/Unflagged. These options affect the email messages of the respective individual account, not the actual content of the Public Folders. Creating/Renaming/Copying/Deleting Folders in WebMail Use the icons in the lower part of the left WebMail pane to create a new folder in your WebMail account, rename a currently existing folder, copy the current folder or delete the current folder.

The icons in this area have the following meanings:

• = create a new folder or a new sub-folder in an existing WebMail folder; • = rename current folder; • = move the current folder to the root structure or to another folder; • = delete the current folder.

When clicking on the any of the icons, a new pop-up window is displayed, allowing you to select on which folder you want to make changes. For example, when creating a new folder, the window below is displayed:

AXIGEN User Manual



158

Select the location for your new folder from the directory tree, specify the name of the new folder in the Folder name text area, then press the Create button. All folder options, creating, moving, deleting and renaming, have explicit instructions in their respective pop-up windows. Working with messages in AXIGEN WebMail

• Main Button Bar

Use the New button to create a new email message. The Reply and Reply to All buttons allow you to reply to a particular email message or to all previously selected messages. Use the Forward button to redirect a received email to a different recipient and the Copy button to make a copy of an email message to a different folder. The Delete button allows you to delete the previously selected messages. For further actions on email messages, use the More actions drop down menu, which allows you to add a new contact, select a message, select all messages, invert a previous selection, deselect all messages or forward an email as attachment.

AXIGEN User Manual



159

• Searching within your email account

You can search through the existing email messages stored in your account using the search option in the left uppermost corner of the WebMail page, above the folders tree structure.

The Search function also supports internationalized searches. Having this feature, language-specific characters can now be used when running a search (i.e. using diacritics). Type your search query in the search filed, then press the Go button. The search results will be displayed in the same window.

• Marking messages

To mark a message, you must first select it in the upper panel by clicking on it. Then choose one of the options displayed in the Mark as dropdown box:

• Select Mark as read to set the status of the currently selected message(s) to Read. • Select Mark as not read to set the status of the currently selected message(s) to Not read. • Select Flagged to add a flag to the currently selected message(s). • Select Not Flagged to delete the flag for the currently selected message(s). This option is only

available for previously flagged messages. • Select Deleted to mark a message as deleted (it will be displayed in strikethrough style).

When marking certain messages as deleted, you can also choose to hide them by pressing the Hide deleted button

• Select Not deleted to remove a deleted mark from a certain email message.

AXIGEN User Manual



160

• Deleting messages

To delete one or more messages, select the message(s) and click on the Delete button under the Settings and Logout buttons (lower part, WebMail upper right panel). Depending on the value set by the administrator in the account.cfg file for deleteToTrash parameter or of the corresponding user setting in WebMail, the deleted message will be sent to the Trash folder or be permanently deleted.

• Composing a new message

To compose a new message, press on the New button. A pop-up window similar to the one below is displayed.

Steps for editing a new message in AXIGEN WebMail The steps for editing a new message in AXIGEN WebMail are:

1. Enter the email addresses of the recipients in the To: field of the messages (separated by commas if multiple). You can also add email addresses from your existing address book. To do so, press the Addressbook button. The Addressbook gives users access to contacts defined for their account and also to Public and Domain contacts. First select the needed contact list, then select a specific one. Email addresses can be added automatically to the 'To', 'Cc' or 'Bcc' fields. To do so, click on the address to select it, then click the To, Cc or Bcc buttons. Press the OK button when you are done adding recipients or the Cancel button to quit.

AXIGEN User Manual



161

For any of these three address fields, when typing the recipient addresses, if the respective addresses are already in your address book, the autocomplete function will be enabled. Therefore, you can select the correct address and press Enter.

2. Use the Check button to verify the validity of the email addresses you have inserted. 3. Specify the subject of your message in the Subject: field 4. Edit your message in the message body. 5. Add attachments to your message by pressing on the Attach button. To add an attachment,

press on Browse, specify the path to the attachment and then press on the Attach button again. To delete an existing attachment, press on the [delete] link corresponding to the attachment you want to delete. To add multiple attachments, press the Attach a file button as many times as you need.

6. After adding one or more attachments to a WebMail message, the attachment list is displayed in the lower part of the screen. You can delete the attachments one by one, by clicking on the corresponding [delete] link.

7. You can save a draft of your current message at any time by pressing on the Save to Drafts button and resume its editing at a later time.

Quitting your WebMail account To close the current WebMail session, select the Logout icon (right upper corner, WebMail upper right panel). AXIGEN Mail Server WebMail users can configure their WebMail accounts as they wish, but there are certain limitations imposed by the administrator (in terms of attachment size, mailbox quota, etc.).

AXIGEN User Manual



162

WebMail Account Settings To access the WebMail account parameters, press the Settings button on the upper menu bar, next to the Logout button. When pressing the button, users are given access to five configuration tabs:

• Personal Data - containing options relative to the user's personal details; • Contacts - listing the page of available contact and allowing users to add new contact details; • WebMail Data - gives access to settings managing the webmail account behavior (all these

parameters can be configured via WebAdmin from the Account > WebMail Data page); • Filters - gives access to filter configuration using the AXIGEN Rules Wizard; • RPOP Connections - This feature allows you to organize users communication by retrieving

email from other remote accounts. • Account Info - quota related parameters can be viewed in this page.

AXIGEN User Manual



163

6.2.1. Configuring Personal Data

While on the Personal Data page, users can define personal details such as their first and last name. They can also change the current password to their WebMail account.

General Information To set your first and last name, use the two corresponding text fields, First name and Last name. To choose a nickname, use the Nickname field.

Personal Details You can specify a personal email, for non-professional purposes in the Personal email field. You can specify your phone numbers in the Phone and Mobile Phone fields. To specify your home phone and address data, use the Home address and Home phone fields. Your Password The password previously defined by the administrator when creating the account can be changed from the Personal Data page. To do so, users have to first type their current password in the Old password field, then type a new one using the Password field and finally confirm the new selected password in the Retype password field. Business Details Use the Business phone, Business address and Business email fields to specify your office contact details.

After modifying any of these parameters, remember to press the Save changes button (lower left or upper left corner of the page) to save these changes. Use the Cancel button next to Save changes to cancel the changes you have just made instead of saving them.

AXIGEN User Manual



164

6.2.2. Adding Contacts in Webmail

When first accessing the Contacts page of the WebMail settings, a list of the existing contacts is displayed.

To delete an existing contact, use the delete icon on the right of the contact you would like to remove. To edit an already existing contact, press its corresponding edit icon Press the Import contacts button to import external addressbooks that were saved locally. When pressing the button, the screen below is displayed under the contacts list:

Click the Browse button to specify the path to the desired external addressbook, then click on the Import contacts button. Should you choose to abort, press the Cancel button. Use the add new contact button to create a new contact. Whether editing or adding a contact, the options displayed are the same as shown below.

AXIGEN User Manual



165

Contact's General Info Use the Email, First Name and Last name text fields to specify the name and email address of the new contact you want to add. To specify the contact's nickname, use the Nickname field. Personal Details You can specify a personal email, for non-professional purposes in the Personal email field. You can specify the contact's phone numbers in the Phone and Mobile Phone fields. To specify the home phone and address data, use the Home address and Home phone fields.

Contact's Business details Using the Business email field you can specify the business email address for your new contact. Use the Business phone and Business address fields to specify the office contact details. Notes and Attributes You can further use the Notes text field to type any information regarding the currently edited contact. Should these parameters not suffice in defining your contacts, you can add new attributes and values to the predefined ones existing in WebMail.

Use the add new element button to add extra fields for the currently edited contact. Each such attribute is defined by a name and a value assigned to the given name. To delete an element, use the delete button corresponding to its name and value.

AXIGEN User Manual



166

6.2.3. WebMail Data Settings

When accessing the WebMail Data page, users have access to settings used to configure the behavior of their WebMail account.

Appearance Use the Skin name dropdown box to select the skin of your WebMail account. At this time three options are available, Default, Coolwater and Webreflection. The Language drop down menu allows you to select the language of the WebMail account. Available choices are English (en), Romanian (ro), German (de) Norwegian (no), Dutch (nl), Spanish (es), Portuguese (pt), Italian (it), Danish (dk) and Swedish (se). The HTML Body Filtering level specifies which HTML filtering level will be used when displaying HTML format messages. The HTML filtering level stand for the following:

• No Filtering • Low level filtering - converts the message to standard XHTML • Medium level filtering - generates the email body based on a list of known/allowed attributes

and tags. Anything that is not on this 'allowed list' is removed. This level removes java script, styles, etc.

• High level filtering - generates the email body based only on text components. This means that only plain text components remain in the message. This forth level is the strictest and may actually damage some formatting, but it is also the safest.

AXIGEN User Manual



167

The Page size text box allows the user to specify the number of messages displayed on one WebMail page. Use the Week start date dropdown menu to select a day to be displayed first in the week for your calendar. To specify your Time Zone, use the corresponding dropdown menu. The Signature text filed is used to create a private signature to be appended to all the emails sent from this WebMail account. Preferences Choose to be asked for confirmation before emptying a folder using the Confirm empty folder dropdown box. Choose to ask for a confirmation when an email message is deleted using the Confirm delete mail dropdown box. Use the Delete to Trash dropdown box to specify if a message deleted from your WebMail account is saved to Trash folder ("yes") or permanently deleted. To have a copy of sent messages saved in the Sent folder, choose the value "yes" for the Save to sent parameter. Set the refresh interval for your WebMail interface using the Auto refresh dwopdown box. Available options are 1, 2, 10, 15, 20, 30 minutes or 'disabled'. Configuring your signature To configure a signature that will be appended to all your outgoing emails, use the Signature text field. After changing any of the settings above, remember to press the Save changes button to save the new values.

AXIGEN User Manual



168

6.2.4. Mail Filtering in WebMail

The filter wizard accessible from the Filters page allows user to easily create a filtering system to manage their email flow. Moreover, auto replies can be set for all or certain received email messages. When first accessing the Filters page, a list of the already defined filters if displayed. If no filter has been previously set, the list will be blank.

To delete a filter, use the Delete button on the right of the respective filter. To edit an existing filter, press its corresponding Edit button. Press the Create filter button to create a new filter. To create an automatic reply for certain/all messages, press the Create responder button. Whether creating a new filter or editing an existing one, the options displayed are the same.

Use the name text filed to specify a name for the currently defined filter. You can further to select if the messages filtered should match all or any of the defined criteria using the corresponding checkboxes. Use the Actions areas to define the actions to be taken if an email message matches the specified criteria.

AXIGEN User Manual



169

- use this icon to add a new criterion and/or a new action; - use this icon to remove one of the previously created criteria and/or actions.

When setting a Responder (automatic reply) to be sent to the email messages matching the defined filter, the following fields need to be configured:

Use the Subject and the Message fields to define the subject and body of the email response to be sent. When you are done configuring the filter or responder, press the Save changes button.

AXIGEN User Manual



170

6.2.4.1. WebMail Filters Overview

The mail filtering features allow users to create named filters and specify actions to be taken on the matching messages. A filter is composed of a set of 'filtering expressions' or "expressions" and a set of actions. An expression (filtering expression) is composed of a header name, an operator and an optional value. The expression can be applied to a mail message and will give a matching/unmatching response. A filter contains the following:

• Name • Priority • Enabled/Disabled state • ExpressionOperator: operator to compose multiple filtering expressions (And/Or) • Expressions • Actions

A (filtering) expression contains the following • Header: the mail message header the expression to witch the matching criteria will be applied • Operator: operator specific to the header type • Value(optional): a value that the operator may need (depends on the operator)

Supported Headers/Operators/Values

Header(s) Supported operators

(negated or not)

Supported values Comments

Subject To To or Cc Cc Custom

Contains Is Begins with Ends with

String When Custom is selected the name of the custom header must be specified.

From Contains Is Begins with Ends with

String

Size Is greater than Is lower than

String describing size, e.g.: 1024 (bytes) 1K (1 kilobyte = 2^10 bytes 1M (1 megabyte = 2^20 bytes) 1.4G (1.4 gygabytes = 1.4 * 2^30 bytes)

AXIGEN User Manual



171

Action Data

Action Data Type Description Move to string The path to the location is given

as UTF8 Copy to string The path to the location is given

as UTF8 Delete (move to trash)

(none) (none) The message will be moved to trash.

Forward to email address The message will be forwarded to the given email address. No copy will be saved.

Vacation days number mininum > 0 maximum > 7 (must) maximum > 30 (should) if omitted, days defaults to 7 or minimum (whichever is greater)if given value > maximum, days defaults to maximum if given value < minimum, days defaults to minimum

subject string (utf8) Alternate subject for response. If not given, the incoming mail's subject is used

text string (utf8) Body of the response message. Filter Container The FilterContainer is responsible for serializing an ordered collection of filters into a file and for parsing a sieve script that contains one or more filters. The parts of the scripts that are not recognized are stored as raw text in memory. When doing the serialization, the container will reorder the scripts. The ones that were edited by WebMail will be written at the beginning of the file while all 'raw' scripts will be written at the end. A script is recognized as being a WebMail script if:

• contains only directives that have been implemented in webmail filters • has a header with the following data:

o Name: user specified string o Id: internal integer to uniquely identify the script o Position: integer used for ordering the scripts o Enabled: boolean

If the script has a header but has been edited by hand to contain other directives it is rejected and put into the raw scripts collection. If the script does not have a header but can be handled as a WebMail script it will be given an auto-generated id, a last position in the list and an auto-generated name.

AXIGEN User Manual



172

6.2.5. Configuring WebMail RPOP Connections

When first accessing the RPOP Connections tab, a list of the already defined connections is displayed.

To delete a RPOP connection, click the Delete icon corresponding to it. To edit a connection, click the Edit icon corresponding to its name. In order to add a new connection, press the Add connection button. Whether you are adding or editing a RPOP connections, the parameters you need to configure are the same.

Connection details Specify the name or IP address of the host from which the emails are retrieved using the Hostname field. To set the port on which the retrieval from the desired hostname is made, use the Port field. Use the Username and Password fields to specify the authentication details needed to connect for mail retrieval. Retrieval settings Use the Retrieval interval field to specify the minimum interval in minutes between two email retrievals. To specify a certain folder of your WebMail account where you want the emails stored, use the Folder field. You can also select if email messages are deleted or not from the remote server after retrieval, using the Delete on retrieval dropdown box.

AXIGEN User Manual



173

Security Select the desired type of encryption used on the RPOP connection you are configuring from the Encryption dropdown box. The available options are 'none', 'SSL' and "TLS'. Use the Enable APOP dropdown box to specify if you want to enable APOP authentication for the respective connection. When you are done configuring these parameters, remember to press the Save changes button.

AXIGEN User Manual



174

6.2.6. WebMail Account Information

The Account Information page allows users to view data relative to their mailbox quota. They can verify at any time the total quota of their mailbox, their used and remaining quota.

The Total Quota value is set by the server administrator and cannot be modified by the user. For details on how to set the totalQuotaSize parameter in WebAdmin, see the Account > Quota section. The used and remaining quota values change dynamically as the WebMail account total message size changes.

AXIGEN User Manual



175

6.3. Working with the Personal Organizer in WebMail

Having time management and mobility needs in mind, starting with version 4.0, the AXIGEN Mail Server comes with a Personal Organizer module available from both AXIGEN’s WebMail interface and the email client Outlook. The Personal Organizer comprises tools such as calendar, tasks, journal, notes and collaborative support. This sections aims to explain how the new management tools can be used. Each of them - calendar, journal, notes, tasks - is described in a separate subsection, with all its features and usage alternatives.

AXIGEN User Manual



176

6.3.1. Working with your Calendar

The Calendar helps users plan and schedule their work-related or personal events and to have a clear and detailed view of their work, thus enabling an improved time management. To access your Calendar, you can either click the Calendar folder in the folder tree structure placed on the left hand side of your WebMail account or click on any day of the calendar displayed in the lower left corner of the interface.

The upper button bar displayed when the Calendar is accessed gives access to the following options:

• New event - creates a new event. To create an event in a certain day, either select it first using the calendar displayed in the lower left corner. Use the left and right arrows to change months of the current year and the double right and left arrows to change the year.

• Today - when hit, it marks the current day events • Day view - displays the events for one day at a time • Work-week view - displays work days, Monday to Friday

• Week view - displays the entire week • Month view - displays the events for the whole month • List view - displays the existing list of events.

AXIGEN User Manual



177

Creating a New Event When creating a new event, you have to first type a Subject (required) and then a location, specifying where the event takes place. You can either create an event that lasts throughout the day by checking the All day event option, or you can specify limits for the new event. To do so, click the date and time selection boxes for both the Start and End date of your event.

Should you like to be prompted that a certain event is about to start, check the Reminder box and set your desired time interval. You can also use the available text field to type in any details or explanations regarding your current event. To save your event, press the Save & Close button. To abort configuring the event, hit Cancel. To define a repeating scenario, hit Recurrence and use the Invite button to invite others to attend the event you are creating. Existing events can be edited at any given later date. To do so, select the desired entry by double-clicking it, regardless of the selected view type. After making the needed alterations, hit the Save & Close button. If the entry you want to edit is a recurring event, you will be asked whether you want to edit the entire series or only a single instance (occurrence) of the event:

AXIGEN User Manual



178

Should you like to delete the entry, press the Delete icon added to the editing window. Additionally, when using the List view, you can use the edit end delete icons appended to each event.

Setting the Reccurrence When hitting the Recurrence button, a pop-up window displays the available options. You can set a start and end time for the event by clicking the respective selection boxes. Thus, the Duration of your event will be automatically set.

Click the Start selection box to select the starting date of the recurrence. You can choose to have the event repeated incessantly by checking the No end date option or the event can stop occurring after a number of occurrences (check the End after x occurrences option) or by a certain date (select the End by... option). You can set the event to o be repeated on a daily, weekly, monthly or yearly bases, according to a defined Recurrence pattern. Depending on the Recurrence pattern you select, you can access more detailed options:

• Daily - you can have the event repeated every weekday by checking the corresponding option, Every weekday, or you can have it repeated every 2,3, x days by checking the corresponding option.

AXIGEN User Manual



179

• Weekly - you can check a certain day of the week for the recurrence • Monthly - You can specify a certain day of every month (e.g. 25th of every month or every 2

months), or select from the other available options: first/second/third/fourth/last - day/weekday/weekend day/Sunday/Monday etc. of every 1/2/etc months. For example, you can set an event that occurs on the first weekday of every other month.

Important! As the number of days differ depending on the month, if you set an event for the 31st, it will be scheduled in the last day of each month with 30 days.

• Yearly - You can set the event to occur on a certain date of a certain month (e.g. January 25th) or you can select from the other available options: first/second/third/fourth/last - day/weekday/weekend day/Sunday/Monday etc. of every January/February/etc months. For example, you can set a seminar attendance event for each first weekend day of every March.

Finally, set the Range of recurrence for your event. Click the Start selection box to select a date. The event can be repeated incessantly if you choose the No end date option. Alternately, you can have it ended after a number of instances, by checking the End after x occurrences option and setting the desired number of repeats, or set an End by date and selecting the desired end date by clicking the respective selection box.

AXIGEN User Manual



180

When you are done setting the event recurrence, hit OK. To abort the recurrence, hit Cancel. For already defined recurrence details, hit Remove Recurrence to prevent the event from repeating.

Inviting Attendees When hitting the Invite Attendees button, a new text field and a To button are added in the upper side of the event editing window. If you want to abort inviting process, press the Cancel Invitation button that replaces the initial Invite Attendees option.

You can either type the email addresses of the persons you want to invite at the event, or you can access your existing contacts by hitting the To button. When accessing your contacts using the To button, a new pop-up window appears, allowing you to choose which contacts to display in the left hand pane, as shown below. Available options are 'All contacts', 'My contacts', 'Public contacts' and 'Domain contacts'.

AXIGEN User Manual



181

Select the email address of the contact you want to invite with a mouse click, then press the To button. To select several contacts, press Ctrl on your keyboard. To delete a contact from the list of attendees to be invited, click their email address in the right hand pane and press Delete on your keyboard. When you are done selecting attendees, press OK to have the email invitations sent to them. To discard the inviting process, hit Cancel.

Attendees will then receive an invitation email in their Inboxes, prompting them to take action:

To view the details of the event they are invited to attend, users need to click on "open details". The available options are to Accept the meeting, to accept it without guaranteeing attendance - Tentative, to Reject it, or to Propose a change in the event details.

When inviting others to take part in a certain event, the event editing window will also be modified. A new tab called attendees will be added, showing the course of action taken by those invited. The available status options are 'Accepted', 'Declined', 'Tentative' and 'need action'.

AXIGEN User Manual



182

The available status options are 'Accepted', 'Declined', 'Tentative' and 'need action'.

When an attendee takes a certain action, other than Propose, the organizer receives a notification email that requires no further action to be taken.

If, on the other hand, the invited attendees have proposed changes to the event, the organizer will receive an email prompting him/her to take action. The available options are Accept/Reject changes or Propose a new modification of the event specifics.

When dealing with proposed changes, attendees have one more option, Tentative, which gives them the possibility to accept the changes partially, without guaranteeing thy will actually take part in the event.

Important! If participants to a certain event take different actions when changes are proposed (i.e. some accept them, while others reject them), the organizer has the final say.

Reminder options

If you have chosen to be reminded of a certain event, at the specified time, a pop-up will appear at the given time and date. If no action is taken, it will reappear each time the WebMail interface is automatically refreshed. Hence, it depends on the refresh settings configured in the WebMail Data

AXIGEN User Manual



183

page. Alternatively, you can have the reminder postponed using the available snooze options, by choosing a repeat interval in the corresponding drop-down menu and by hitting the Snooze button.

Important! If the auto-refresh option is disabled, reminders will not function.

If you want to see the details of an event you are reminded of, press the Open Item button. To dismiss a certain task, click to select it, then press the Dismiss button. Use the Dismiss All button to discard all pending events. Additional Settings Further settings that determine Calendar behavior need to be set on the WebMail Data page. Each user needs to set the correct Time Zone and the Week start date in order to have deadlines and start times displayed correctly in their Calendar.

6.3.2. Working with your Journal

The Journal allows you to add entries that help you keep track of your day-to-day tasks and actions. To access your Journal, click the corresponding folder in the folder tree structure placed on the left hand side of your WebMail account.

AXIGEN User Manual



184

The upper button bar displayed when the Journal is accessed gives access to the following options:

• New journal - creates a new journal entry. • Today - when hit, it marks the journal entries for the current day • Day view - displays journal entries for one day at a time • Month view - displays journal entries on a monthly basis • List view - displays the existing list of journal entries.

Creating a New Journal Entry When hitting the New journal button, the options relative to the new entry are displayed in a pop-up window.

AXIGEN User Manual



185

To add a new entry, you have to fill in the two required fields: Subject, referring to the entry description, and the Type drop-down menu. There are several available types of entries, such as Phone call, E-mail Message, Task, Conversation, etc:

Click the Start time selection boxes to set a starting date and time for your journal entry. In the displayed calendar, use the left and right arrows to change months of the current year and the double right and left arrows to change the year.

Click the Duration selection box to specify a time frame for your journal entry. You can then edit the actual journal note in the available text field. When you are done editing the entry, hit the Save & Close button. If you want to discard the journal entry, press the Cancel button. Existing Journal entries can be edited at any given later date. To do so, select the desired entry by double-clicking it. After making the needed alterations, hit the Save & Close button. Should you like to delete the entry, press the Delete icon added to the editing window.

Additionally, when using the List view, you can use the edit end delete icons appended to each journal entry.

AXIGEN User Manual



186

6.3.3. Working with your Notes

The Note tool allows you to add quick notes while working. Notes are best suited when one needs to write down something very quickly and has little time to add more details. To access your Notes, click the corresponding folder in the folder tree structure placed on the left hand side of your WebMail account.

When hitting the New note button, a small pop-up window is displayed.

Type the note in the given field and either close the pop-up window using your browsers "x" button, or hit the Close window to save this note button. in order to have your text saved. Existing notes can be edited at any given later date. To do so, use the edit end delete icons appended to each entry.

AXIGEN User Manual



187

6.3.4. Working with your Tasks

Tasks helps users organize their work-related tasks and collaborate with others on ongoing projects. By enabling them to permanently check the level of completion, tasks offer a clear and detailed view of their workload. To access your Tasks, click the Tasks folder in the folder tree structure placed on the left hand side of your WebMail account .

The upper button bar displayed when the Tasks are accessed enables the following options:

• New taks - creates a new event. • All tasks - lists all your tasks • Uncompleted tasks - displays the user's uncompleted tasks • Completed tasks - displays the user's completed tasks

Creating a New Taks When creating a new event, you have to first type a Subject in the corresponding text field. You then need to set the tasks's completion deadline using the Due Date selection box. Use the left and right arrows of the selection calendar to switch between months of a certain year and the double left and right arrows to switch between different years.

AXIGEN User Manual



188

To successfully define a time frame for the task, also configure its Start date, using the corresponding selection box. Furthermore, you can prioritize tasks using the Priority dropdown menu. Available options are: 'low', 'normal' and 'high'. To keep track of the completion process, type a percentage in the %Complete text field.

Should you like to be prompted that a certain event is about to start, check the Reminder box and set your desired time interval. You can also use the available text field to type in any details or explanations regarding your current task.

AXIGEN User Manual



189

To save your task, press the Save & Close button. To abort configuring the task, hit Cancel. To define a repeating scenario, hit Recurrence and use the Assign task button to have the respective task assigned to different users. Existing tasks can be edited at any given later date. To do so, select the desired entry by clicking it. After making the needed alterations, hit the Save & Close button. To mark a task as completed, use the corresponding icon placed next to the Assign task button. Should you like to delete the entry, press the Delete icon in the editing window. Additionally, you can use the delete icons appended to each task or check it as completed. Setting the Reccurrence When hitting the Recurrence button, a pop-up window displays the available options. You can set the task to o be repeated on a daily, weekly, monthly or yearly bases, according to a defined Recurrence pattern. Depending on the Recurrence pattern you select, you can access more detailed options:

• Daily - you can have the event repeated every weekday by checking the corresponding option, Every weekday, or you can have it repeated every 2,3, x days by checking the corresponding option.

• Weekly - you can check a certain day of the week for the recurrence • Monthly - You can specify a certain day of every month (e.g. 25th of every month or every 2

months), or select from the other available options: first/second/third/fourth/last - day/weekday/weekend day/Sunday/Monday etc. of every 1/2/etc months. For example, you can set an event that occurs on the first weekday of every other month.

Important! As the number of days differ depending on the month, if you set an event for the 31st, it will be scheduled in the last day of each month with 30 days.

AXIGEN User Manual



190

• Yearly - You can set the event to occur on a certain date of a certain month (e.g. January 25th) or you can select from the other available options: first/second/third/fourth/last - day/weekday/weekend day/Sunday/Monday etc. of every January/February/etc months. For example, you can set a seminar attendance event for each first weekend day of every March.

Then set the Range of recurrence for your task. Click the Start selection box to select a date. The task can be repeated incessantly if you choose the No end date option. Alternately, you can have it ended after a number of instances, by checking the End after x occurrences option and setting the desired number of repeats, or set an End by date and selecting the desired end date by clicking the respective selection box.

When you are done setting the task recurrence, hit OK. To abort the recurrence, hit Cancel. For already defined recurrence details, hit Remove Recurrence to prevent the task from repeating.

Assigning tasks When hitting the Assign task button, a new text field and a To button are added in the upper side of the event editing window. If you want to abort inviting process, press the Cancel Assignment button that replaces the initial Assign task option.

You can either type the email addresses of the persons you want to assign the task to, or you can access your existing contacts by hitting the To button. When accessing your contacts using the To button, a new pop-up window appears, allowing you to choose which contacts to display in the left hand pane, as shown below. Available options are 'All contacts', 'My contacts', 'Public contacts' and 'Domain contacts'.

AXIGEN User Manual



191

Select the email address of the contact you want to have the task assigned to with a mouse click, then press the To button. To select several contacts, press Ctrl on your keyboard. To delete a contact from the list of assignees, click their email address in the right hand pane and press Delete on your keyboard. When you are done selecting assignees, press OK to have the email asignments sent to them. To discard the assigning process, hit Cancel.

Assignees will then receive an assignment email in their Inboxes, prompting them to take action:

AXIGEN User Manual



192

To view the details of the event they are invited to attend, users need to click on "open details". The available options are to Accept the meeting, to accept it without guaranteeing attendance - Tentative, to Reject it, or to Propose a change in the event details.

When assigning tasks to others, the editing window will also be modified. A new tab called assignees will be added, showing the course of action taken by those you have selected. The available status options are 'Accepted', 'Declined', 'Tentative' and 'need action'.

The available status options are 'Accepted', 'Declined', 'Tentative' and 'need action'.

When an attendee takes a certain action, other than Propose, the organizer receives a notification email that requires no further action to be taken. To view the task setting, use the open details link.

If, on the other hand, the invited assignees have proposed changes to the task, the organizer will receive an email prompting him/her to take action. The available options are Accept/Reject changes or Propose a new modification of the task specifics. To compare before the original and the new details of your task, use the corresponding open details buttons.

When dealing with proposed changes, assignees have one more option, Tentative, which gives them the possibility to accept the changes partially, without guaranteeing thy will actually complete the task.

AXIGEN User Manual



193

Important! If participants to a certain event take different actions when changes are proposed (i.e. some accept them, while others reject them), the organizer has the final say.

Reminder options If you have chosen to be reminded of a certain task, at the specified time, a pop-up will appear at the given time and date. If no action is taken, it will reappear after the starting time each time the WebMail interface is automatically refreshed. Hence, it depends on the refresh settings configured in the WebMail Data page. Alternatively, you can have the reminder postponed using the available snooze options, by choosing a repeat interval in the corresponding drop-down menu and by hitting the Snooze button. Important! If the auto-refresh option is disabled, reminders will not function.

If you want to see the details of an event you are reminded of, press the Open Item button. To dismiss a certain task, click to select it, then press the Dismiss button. When a task is dismissed, it is also removed from the Reminder window. Use the Dismiss All button to discard all pending tasks.

AXIGEN User Manual



194

Additional Settings Further settings that determine Tasks behavior need to be set on the WebMail Data page. Each user needs to set the correct Time Zone and the Week start date in order to have deadlines and start times displayed correctly in their Tasks.

AXIGEN User Manual



195

7. Administration Tools Overview AXIGEN Mail Server provides several alternatives for mail server administration.

• Config file The configuration file allows you to perform extensive configuration by manually editing this text file - axigen.cfg. This administration method allows fine tuning the server functioning to existing hardware configuration and mailing requirements. Experienced System Administrators have a readily accessible method of setting both basic and very advanced parameters directly, without going through an administration interface. For information on using the axigen.cfg file, see Configuring AXIGEN using axigen.cfg.

• WebAdmin WebAdmin is a central administration Web interface that allows configuring the mailserver using a tab-organized GUI. Allowing secure access (HTTPS protocol), WebAdmin provides fully described parameters (long description, default values, possible values, suggested values). WebAdmin allows configuring the email server remotely, over the Internet and provides access to most parameters for every module. This configuration method is highly intuitive, has a fast learning curve and can be used by anyone with users-level skills. For detailed information on how to use WebAdmin, see Configuring AXIGEN using WebAdmin.

• CLI Command line configuration interface CLI is a TCP service with specified dedicated socket accessible using Telnet applications and Netcat. CLI provides added functionality as, apart from providing an alternate method of performing basic configuration tasks, it allows automating administration tasks using scripts (adding users, migration). For detailed information on how to use CLI, see Configuring AXIGEN using CLI.

AXIGEN User Manual



196

8. Configuring AXIGEN using WebAdmin

WebAdmin Overview

AXIGEN WebAdmin is the recommended administration tool for AXIGEN. While alternative methods are provided (Command Line Interface, text-editable configuration file), WebAdmin is the most intuitive and user-friendly. WebAdmin is a web-based configuration interface, tested for Mozilla and Internet Explorer, which gives you access to all configuration parameters for all services in AXIGEN Mail Server. Functionally, it is considered an AXIGEN service, and it can be started and stopped at any time. WebAdmin is enabled by default in the latest versions of AXIGEN Mail Server, and can be accessed by default on the 127.0.0.1:9000 address. For information on how to set the Webadmin interface and set the Webadmin admin password using the AXIGEN Configuration Wizard, see the corresponding section of the online documentation. The current chapter Configuring AXIGEN using WebAdmin is dedicated to configuration options provided in WebAdmin, acting as a complete Administration Guide for AXIGEN Mail Server. It provides information on the configuration of all parameters included in the respective tabs. When a parameter is discussed in a subsection of this chapter, information on its type, class and values as they appear in the configuration file, axigen.cfg, is displayed. This is to provide you with an alternate configuration method and give you a better idea of where to find that parameter in the configuration file. For more information on the structure of axigen.cfg and how to work with it, see Configuring AXIGEN using the configuration file.

WebAdmin Features

The WebAdmin service, offers a wide range of functionalities which make it extremely configurable and secure.


AXIGEN can run on a large variety of systems and machines, in networks with very different traffic loads, structures, domain configurations, user rights, authorization procedures, etc. Depending on your specific network specifications and conditions, you can adapt the workload to the server's processing power, in order to prevent a system overload (with maxConnThreads) or to improve server performance (with minConnThreads). These two complementary parameters define the lower and upper limit for the number of threads that are opened at any given moment by the AXIGEN WebAdmin module. With maxConnThreads you can set the maximum number of threads that can be opened at a specific moment of time and prepare for unforeseen peaks in server activity to avoid a system overload. With minConnThreads you can set the minimum number of threads that can be opened at a specific moment of time. This is important because even when there is no activity for AXIGEN Mail Server, a large number of service requests may arrive at any moment. At that time, the number of threads specified using minConnThreads threads will already have a "waiting" status, thus ready to process service requests in good conditions, without delays.

http://www.axigen.com/docs/40/Initial-Server-Configuration_20.html

http://www.axigen.com/docs/40/Initial-Server-Configuration_20.html

AXIGEN User Manual



197

For information on how to configure connection thread control parameters for WebAdmin, see WebAdmin Connection Thread Control.

Log Control

Just like all the other AXIGEN main services, the WebAdmin module can log different types of events. The system administrator can specify what events are logged, where and how they are logged. The WebAdmin Log Control function can be configured using the following three attributes: logLevel, logType and logHost. See Logging service for more details on logging in AXIGEN. For information on how to configure log control parameters for WebAdmin, see WebAdmin Log Control.

WebAdmin Connection and Session Control

In WebAdmin, you can either allow or disallow persistent connections to the service and impose time limits on sessions, either active or idle. By doing this, you can better manage security and resource related issues. For information on how to configure connection and session control parameters for WebAdmin, see WebAdmin Connection and Session Control.

HTTP Limits for WebAdmin

WebAdmin allows you to set HTTP limits for any request made to the WebAdmin service. This prevents you from automatically accepting excessive amounts of data (HTTP headers, HTTP body and upload data).

For information on how to configure HTTP limits for WebAdmin, see WebAdmin HTTP Limits.

Secure WebAdmin Connections

In WebAdmin, you can define any number of SSL rules, which allow you to redirect plain connections to secure sockets. This way, you grant certain WebAdmin users, connecting from certain addresses, secure access to WebAdmin. For information on how to configure SSL rules for WebAdmin, see WebAdmin URL Redirect Rules.

AXIGEN User Manual



198

Working with WebAdmin

Once you have logged in, the following screen is displayed:

WebAdmin has several tabs, listed on the left hand side, each of them corresponding either to a module or to a generic configuration level (server, domain, account, mail list, forwarder). Below are described some basic principles you should keep in mind while working with AXIGEN WebAdmin.

Updating/Committing Changes in WebAdmin

After changing any parameter value in WebAdmin, you need to save the new values in the configuration files. In order to do this, you first need to make the changes effective for the current session by clicking first the Update button (Update buttons are available only in Edit pages, in the lower left corner).

AXIGEN User Manual



199

After updating your changes, also press the Commit button (available in any WebAdmin page, in usually in the upper right corner), to make them effective.

Using the Update and/or Commit buttons only saves your changes (if any) for the current AXIGEN Mail Server session. In case you want your changes to be applied also after the restart of AXIGEN Mail Server, you should save your changes in the configuration file (axigen.cfg), after using the Update/Commit buttons. To do this, either press the Save config button availabe in the uppermost section of the WebAdmin window, next to the Axigen version and the Logout button, orgo to the Commands page and press the Save config button.

AXIGEN User Manual



200

Confirmation / Error Messages

After each command issued, you should check the confirmation message displayed usually in the lower left corner of the page. In the example below, Commit operation has been executed successfully.

In the following example, a domain creation operation has failed and you are informed on this status both in the upper section and in the lower left corner of the WebAdmin page:

Displaying full details for a parameter / all parameters on a page

You can display in WebAdmin additional information about each available configuration option using the Details button. In the example below, additional information about the primaryDomain parameter is displayed.

You can also display additional information all configuration options on a WebAdmin page Toggle details for all button. To switch back to the non-detailed view, click on the same button once more.

AXIGEN User Manual



201

Resetting to default values

You can reset the changes made to a particular configuration option (in WebAdmin or in other configuration tool available for AXIGEN) and restore the default values for that particular option. You can either reset one parameter to its default value by using the Reset button, or reset all parameters on one page to defaults using Reset all to defaults.

In the example below, the primaryDomain configuration parameter is reset to its default value.

AXIGEN User Manual



202

8.1. Server tab

The Sever tab gives you access to the following pages: • Global Settings - containing global server parameters; • User Maps - containing user maps configuration data; • Filters - containing filter configuration information; • SMTP Filter - the wizard used to configure SMTP policies; • Info - containing information on the current server version and license.

8.1.1. Global Settings

The Server > Global Settings page allows you to set basic server parameters, such as Running services and Primary domain.

Use the Running Services checkboxes in the Server > General settings page to specify what services should be run by AXIGEN Mail Server. Each checkbox corresponds to an AXIGEN service, select those you wish your mail server to run. AXIGEN can run with any number of these services inhibited.

Attribute Name: services Attribute Class: Server Attribute Type: VALUE

AXIGEN User Manual



203

Possible values: ( log | processing | smtpIncoming | smtpOutgoing | smtp | pop3 | imap | webmail | cli | webadmin | reporting | ftpBackup | rpop | pop3Proxy | imapProxy ) - multiple choices Default Value: ( log processing smtpIncoming smtpOutgoing smtp pop3 imap cli webadmin ) By default, when installing AXIGEN Mail Server, the following services will be running: SMTP, IMAP, POP3, Webmail and Webadmin. A similar option is available at domain and account / mail list level, with relevant choices for the respective level. Use the Primary Domain field of the Server > General settings page to specify the primary domain to be used by AXIGEN Mail Server. The primary domain default value is the result of the 'getdomainname' function, which is the current domain name (local domain).

Attribute Name: primaryDomain Attribute Class: Server Attribute Type: VALUE Constraints: value = "SMTP_FILTERS_FILE_PATH"; Use the SSL Random File field in the Server > General settings page to specify the file for entropy data used for generating random numbers when using SSL with AXIGEN Mail Server.

Attribute Name: sslRandomFile Attribute Class: Server Attribute Type: VALUE Default Value: none Use the SMTP Policy File field in the Server > General settings page to specify the file used to store the Message Acceptance, Processing and Relay Policies. To edit the file, press the Edit SMTP Policy File button, on the right side of the SMTP Policy File field. It will display/hide the content of the existing file applied to the AXIGEN Mail Server.

Attribute Name: smtpFiltersFile Attribute Class: Server Attribute Type: VALUE Constraints: value = "SMTP_FILTERS_FILE_PATH"; Default Value: "SMTP_FILTERS_FILE_PATH" If you modify any of the default values, click on the Commit button to save your changes.

AXIGEN User Manual



204

8.1.2. User Maps

When first accessing the Server > User Maps page, a list of all previously defined user maps is displayed.

To delete an existing user map, press the Delete button corresponding the respective map. To edit a previously created user map, use the corresponding Edit button. By pressing the Add new usermap button, you can add and configure a new user map. Whether editing or adding a user map, the parameters you need to configure are the same.

AXIGEN User Manual



205

Use the Name text field to type in the desired name for the user map you want to add.

Attribute Name: name Attribute Class: UserMap Attribute Type: VALUE To choose the type of the new user map, use the Type drop-down box. Available options are 'local' and 'ldap', while the default value is set to 'local'.

Attribute Name: type Attribute Class: UserMap Attribute Type: VALUE Possible values: ( local | ldap ) - single choice Default Value: ( local ) Specify the path to the file containing the local mapping in the Local File text field.

Attribute Name: localFile Attribute Class: UserMap Attribute Type: VALUE The User db connector type drop-down box allows you to select the desired type for the userdb connector. The available options are 'local', 'ldap' and 'ldabBind'.

Attribute Name: userdbConnectorType Attribute Class: UserMap Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Use the User db connector name text field to specify the name of your user db connector.

Attribute Name: userdbConnectorName Attribute Class: UserMap Attribute Type: VALUE When you are done configuring these parameters, hit the Update and Commit buttons to save your changes.

AXIGEN User Manual



206

8.1.3. Filter Configuration

The Server > Filter page has three different subpages, which allow you to add and activate both socket and script filters. For detailed information on filtering, filter types in AXIGEN, see Mail Filtering in the Security chapter. AXIGEN is currently shipped with connectors for ClamAV (antivirus application) and SpamAssassin (anti-spam application), both Open Source. To see instructions on how to make AXIGEN work with ClamAV, see the corresponding AXIGEN forum posting. For SpamAssassin, you simply need to install the application, no further configurations are necessary. A sample setup procedure for connecting these two applications to AXIGEN is also given in the AXIGEN Install and Config Guide. For filter parameter configuration using WebAdmin, see subpages of current page. These subpages show you how to add and activate previously defined filters (either Message rules or Antivirus/Antispam Filters).

8.1.3.1. Configuring Message Rules

To configure message rules at server level, make sure you are located on the Server page and click the Filters tab on the upper right hand side. In this page, click the Message rules tab. If no filters have been previously defined, the Message rule list displayed will be empty. To add a new Message rule, click the Add new rule button.

This displays the New message rule area containing three configurable parameters: name, type and file:

AXIGEN User Manual



207

The name parameter allows you to specify the name of the rule to be added. This will need to coincide with the name of the script file containing the rule. This name is used as unique identifier for the rule being added. Also, keep in mind that this name is case sensitive.

Attribute Name: name Attribute Class: ScriptFilter Attribute Type: VALUE The type parameter refers to the scripting language used to define the filter. Currently, in AXIGEN, only Sieve filters are available. For more information on Sieve script based rules, see Message rules.

Attribute Name: type Attribute Class: ScriptFilter Attribute Type: VALUE Possible values: ( sieve ) - single choice Default Value: ( sieve ) The file attribute requires you to specify the path to the rule file. Note that this value is mandatory in order to complete the rule definition, and that this field is case sensitive.

Attribute Name: file Attribute Class: ScriptFilter Attribute Type: VALUE When you are done with these parameters, click the Add button to complete the filter definition. The message rule you have just added will appear in the Message rule list and you will be able to edit it at any later time, by clicking the Edit button displayed next to it.

8.1.3.2. Configuring Antivirus/Antispam Filters

To configure Antivirus/Antispam filters at server level, make sure you are located on the Server page and click the Filters tab on the upper right hand side. In this page, click the AV/AS filters tab. The list of already defined AV/AS filters will be displayed. To add a new Script filter, click the Add new filter button.

AXIGEN User Manual



208

This will display a window containing parameters needed to define a new AV/AS filter:

The name parameter allows you to specify the name of the filter to be added. This will need to coincide with the name of the script file containing the filter. This name is used as unique identifier for the filter being added. Also, keep in mind that this name is case sensitive.

Attribute Name: name Attribute Class: SocketFilter Attribute Type: VALUE The address parameter allows you to specify the address used to communicate with the filter. This must be either an Internet or a Unix local address.

Attribute Name: address Attribute Class: SocketFilter Attribute Type: VALUE The Protocol file field allows you to set the values of the protocolFile parameter. This is the path to the AFSL file containing the description of the protocol used to communicate with the filter.

Attribute Name: protocolFile Attribute Class: SocketFilter Attribute Type: VALUE In the Idle timeout field you can specify the value of the idleTimeout parameter. This will be the inactivity interval in seconds after which the connection with the filter is timed out. A value of zero means that the connection is never timed out. The default value is 60s.

AXIGEN User Manual



209

Attribute Name: idleTimeout Attribute Class: SocketFilter Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 60 The Action on match dropdown box allows you to set the actionOnMatch parameter. This is the action to be taken in case the filter matches an email (it found something in the email that matches the criterion specified in the filter). By selecting the value pass, the email is passed on to the next filter.

Attribute Name: actionOnMatch Attribute Class: SocketFilter Attribute Type: VALUE Possible values: ( discard | pass | reject ) - single choice Default Value: ( reject )

The Max. connections field specifies the value for the maxConnections parameter. This will be the maximum number of simultaneous connections allowed for this filter (for instance when several emails are being processed simultaneously using this filter). The maximum number of simultaneous connections that can be allowed is 32. A value of 0 will allow an unlimited number of simultaneous connections.

Attribute Name: maxConnections Attribute Class: SocketFilter Attribute Type: VALUE Constraints: maxValue = 32; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 10 Click the Add button to complete the socket filter definition.

8.1.3.3. Configuring Active Filters

To activate filters at server level, make sure you are located on the Server page and click the Filters tab on the upper right hand side. In this page, click the Active filters tab. If no filters have been previously activated, the Active filters list displayed will be empty. To add a new active filter, click the Add new filter button.

AXIGEN User Manual



210

In the new page displayed, you need to set the following parameters in order to activate one of the existing filters.

The priority parameter refers to the priority the filter will be given in the filtering chain. At domain level, priority values allowed range between 0 and 500.

Attribute Name: priority Attribute Class: ServerActiveFilter Attribute Type: VALUE Constraints: maxValue = 500; minValue = 0; allowZero = true; allowInfinite = false; The Name field allows you to select from the list the name of the filter as defined in the Message rules or AV/AS filters tabs.

Attribute Name: filterName Attribute Class: ServerActiveFilter Attribute Type: VALUE Constraints: maxLength = 256; The Type field allows you to select from available filter types, currently Socket (Antivirus/Antispam Filters) and Sieve (Message rules).

Attribute Name: filterType Attribute Class: ServerActiveFilter Attribute Type: VALUE Possible values: ( script | socket ) - single choice

AXIGEN User Manual



211

In the Apply on checkbox you can set the value of the applyOn parameter, and specify whether you want this filter to be applied to emails being relayed by AXIGEN or only to emails delivered locally. By setting this parameter to 'realy' you indicate that you wish to apply the filter only for outgoing mail. If you check the "local" option, the filter will be applied to emails delivered locally only. If you wish apply the filter both for incoming and outgoing mail, you need to check both available options.

Attribute Name: applyOn Attribute Class: ServerActiveFilter Attribute Type: VALUE Possible values: ( local | relay ) - multiple choices Default Value: ( local ) Click the Add button to complete the filter activation.

AXIGEN User Manual



212

8.1.4. SMTP Filters

The SMTP Filter Wizard which allows system administrators to create filters within the server SMTP policy is available on the Server > SMTP Filters page. When first accessing the page, a list with the previously created filters is displayed.

To delete and existing filter, press the Delete button corresponding to it. If you want to edit and existing filter, press the Edit button corresponding to the name of your selected filter. Press the Add new SMTP filter button to create a new filter. Whether adding or editing a filter, the parameters available through the SMTP Filter Wizard are the same.

AXIGEN User Manual



213

In the Name field, specify the name you have chosen for the filter you are creating. To access the options available in the Conditions field, put your mouse over the " " button, then click on the condition you want to use to create the filter.

After adding one condition, you can also choose to apply all the criteria or any of the existing criteria, as shown in the above screenshot.

To access the options available in the Actions field, put your mouse over the " " button, then click on the action you want applied to the filter you are configuring. To delete an existing condition or action, press the " " button corresponding to it. When you are done configuring the filter, press the Update and Commit buttons to make the changes permanent. Important! If you create a SMTP Filter which applies to two ore more events, the filter will be applied to the earliest event.

AXIGEN User Manual



214

For a general description of the SMTP Policies and for detailed explanations for all the existing events and their corresponding actions, conditions and methods, see the corresponding section of the documentation.

8.2. DNR tab

The DNR tab allows you to access two different pages for DNR configuration: • General - contains general DNR configuration parameters • Nameserver - allows you to edit and add known name servers to be used in DNR searches

8.2.1. General Settings

Use the DNR > General page to configure the general parameters relative to the DNR service.

Use the DNR Timeout field to specify after how many seconds the first DNR query is closed by AXIGEN Mail Server. The values for these parameters are expressed in seconds.

Attribute Name: timeout Attribute Class: DNRService Attribute Type: VALUE Constraints: maxValue = 120; minValue = 1; allowZero = false; Default Value: 5 Note: After each retry this timeout is doubled. Use the Retries field to specify the maximum number of DNR queries retries to be executed by AXIGEN Mail Server.

Attribute Name: retries Attribute Class: DNRService Attribute Type: VALUE Constraints: maxValue = 10; Default Value: 3

AXIGEN User Manual



215

Use the Cache Size field to specify the number of results (IP addresses) cached for each DNR query type (NS, A, MX) to be executed by AXIGEN Mail Server. The default value is 1000 IPs.

Attribute Name: cacheSize Attribute Class: DNRService Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 1; allowZero = false; Default Value: 1000 To make your changes permanent, hit the Update and Commit buttons.

AXIGEN User Manual



216

8.2.2. Nameservers settings

Use the DNR > Nameservers page to edit the list of known name (DNS) servers (specified in the operating system configuration) used by AXIGEN Mail Server when performing DNR searches.

To edit one of the defined name servers, press its corresponding Edit button. To add a new name server, press the Add new ns button. Whether editing or adding a name server, the parameters displayed will be the same.

Use the Priority field to specify the priority level for the new name server. This is useful when defining the order in which name servers are searched (the ones with higher priority are queried first). A lower priority values stands for a higher priority level.

Attribute Name: priority Attribute Class: DNRNameServer Attribute Type: VALUE Constraints: maxValue = 100; minValue = 1; allowZero = false; allowInfinite = false;

AXIGEN User Manual



217

Use the Address field to specify the IP address of the name server. Attribute Name: address Attribute Class: DNRNameServer Attribute Type: VALUE The parameters corresponding to DNR Timeout and No. of retries fields are configured as described in the General parameters section above. These fields are useful if you wish to define different parameter values for a certain name server and not use the values inherited from the general DNR service level.

Attribute Name: timeout Attribute Class: DNRNameServer Attribute Type: VALUE Constraints: maxValue = 120; minValue = 1; allowZero = false; Default Value: 5 Attribute Name: retries Attribute Class: DNRNameServer Attribute Type: VALUE Constraints: maxValue = 10; Default Value: 3 After editing these parameters, press the Add button to add the new name server, and than the Commit button to make the change effective. For additional information about the DNR service in AXIGEN and the parameters above, please see the DNR settings section.

AXIGEN User Manual



218

8.2.3. DNR Log Control Parameters

Log control parameters are accessible through the DNR > General Page.

Use the Log Level check boxes to specify the level of events logged for the DNR service.

Attribute Name: logLevel Attribute Class: DNRService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for DNR. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: DNRService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the DNR remote logging host IP address.

Attribute Name: logHost Attribute Class: DNRService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for DNR. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



219

8.3. Processing tab

To configure Processing related settings, you need to access the Processing > General page of WebAdmin. Here you can configure mail scheduling, queue management, and log control parameters.

8.3.1. Managing Mail Scheduling

In the Processing tab, you have access to several parameters allowing you to adjust mail scheduling parameters according to your needs.

Important: The interval for rescheduling mail messages is calculated using the following formula: min(schedInterval * (2 ^ (retryCount - 1)), maxSchedInterval) In order to configure these to configure these parameters, use the details presented below: Use the Max. schedule interval field to specify the maximum time interval (in seconds) for rescheduling a message in case of a non-critical delivery error in AXIGEN Mail Server. The default value corresponds to 8 hours.

Attribute Name: maxSchedInterval Attribute Class: ProcessingService Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 5; allowZero = false; allowInfinite = false; Default Value: 28800 Use the Schedule interval field to specify the time interval (in seconds) for rescheduling a message in case of a non-critical delivery error in AXIGEN Mail Server. The default value corresponds to one hour. This means that the queue is rechecked every hour, in order to attempt sending the message.

Attribute Name: schedInterval Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 86400; allowZero = false; allowInfinite = false; Default Value: 300

AXIGEN User Manual



220

Use the Max. retry count field to specify the number of times AXIGEN server should try to deliver a mail message in case of a non-critical delivery error in AXIGEN Mail Server.

Attribute Name: maxRetryCount Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 1000; allowZero = false; allowInfinite = false; Default Value: 20 Using the default values of these parameters, the reschedule interval calculated using the above formula is of approximately 2 days.

Note: The mail scheduling feature is only available if the reason for re-scheduling the message is non-critical, i.e. it does not automatically trigger the message being dropped by AXIGEN server (for instance due to its length exceeding the limit specified by the maxDataSize parameter).

AXIGEN User Manual



221

8.3.2. Managing the Queue

The Processing > General page provides parameters that allow you to manage the mail queue.

Use the Queue Path field to specify the path to the internal server queue. If the string does not represent a valid path, the queue is not stored. By default, AXIGEN server queue is stored in /var/opt/axigen/queue.

Attribute Name: queuePath Attribute Class: ProcessingService Attribute Type: VALUE Default Value: "SMTP_QUEUE_PATH" Use the Queue Entry Count field to specify the upper limit for the number of subdirectories in the internal queue. The actual number of subdirectories will be computed based on this value, as maximum power of 2 smaller than 'queueEntryCount' value.

Attribute Name: queueEntryCount Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 256; allowZero = false; allowInfinite = false; Default Value: 64 Use the Processing queue size field to specify the size of internal processing queue. When too many messages have to be processed and this queue is full, the next messages will be rescheduled.

Attribute Name: procQueueSize Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 2; maxValue = 65536; allowZero = false; allowInfinite = false; Default Value: 256 Remember to hit the Update and Commit buttons to make your changes permanent.

AXIGEN User Manual



222

8.3.3. Specifying Threads for Local Delivery

To specify the threads for local delivery, first access the Processing > General page.

Use the Delivery threads text area to specify the number of threads handling local SMTP delivery. Thus you can fine tune the server behavior to your usage scenario. If you want to use your server mainly for local delivery, you can set a higher number of delivery threads.

Attribute Name: deliveryThreads Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 128; allowZero = false; allowInfinite = false; Default Value: 20

AXIGEN User Manual



223

8.3.4. Configuring Mailbox Related Parameters

In the Processing > General page, you can configure parameters which allow you to adjust the maximum number of messages received per second by one mailbox and the interval in seconds during which that mailbox will be disabled if that maximum is reached. This way, you can avoid flooding attacks.

Use the Max messages per second field to specify the maximum number of messages a mailbox can receive in one second.

Attribute Name: messagesPerSecond Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 1000; allowZero = false; allowInfinite = false; Default Value: 20 Use the Disable interval field to specify the time interval a mailbox is disabled if the limit stipulated by the messagesPerSecond parameter is exceeded. This parameter values are expressed in seconds.

Attribute Name: disableInterval Attribute Class: ProcessingService Attribute Type: VALUE Constraints: minValue = 0; maxValue = 86400; allowZero = true; allowInfinite = false; Default Value: 300 When you are done configuring the above parameters, hit the Update and Commit buttons to save your changes.

AXIGEN User Manual



224

8.3.5. Configuring Log Control Parameters

Log control parameters are accessible through Processing > General Page.

Use the Log Level check boxes to specify the log level for the Processing service.

Attribute Name: logLevel Attribute Class: ProcessingService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for the Processing service. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: ProcessingService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the Processing service remote logging host IP address.

Attribute Name: logHost Attribute Class: ProcessingService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for Processing. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



225

8.4. SMTP-In Tab

By clicking on the SMTP-In Tab, you have access to two pages: • General page (allowing you to set connection error control, connection thread control, log

control and authentication parameters); • Mapping Data - allowing you to set mapping related parameters; • Listeners page (which allows you to add, edit listeners and allow/deny rules). See Adding and

Editing TCP Listeners for more details.

8.4.1. Configuring SMTP-In Connection Error Control Parameters

Connection error control parameters are accessible through SMTP-In > General page.

Specifying a Maximum Number of Errors for SMTP Incoming Connections

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a SMTP client during one session.

Attribute Name: maxErrors Attribute Class: SMTPInService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20

Specifying a max. number of authentication errors for SMTP Incoming connections

Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: SMTPInService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 Important: The value "0" is accepted for both these parameters and its meaning is that the server will accept an unlimited number of errors. Be informed though that this may raise serious security issues. For more information on connection control for the SMTP-In service, see SMTP Incoming.

AXIGEN User Manual



226

8.4.2. Configuring SMTP-In Connection Thread Control Parameters Connection thread control parameters are accessible through SMTP-In > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the SMTP Incoming service connections.

Attribute Name: maxConnThreads Attribute Class: SMTPInService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the SMTP Incoming service connections.

Attribute Name: minConnThreads Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see SMTP Incoming.

AXIGEN User Manual



227

8.4.3. Configuring SMTP-In Log Control Parameters

Log control parameters are accessible through SMTP-In > General Page.

Use the Log Level check boxes to specify the log level for SMTP Incoming.

Attribute Name: logLevel Attribute Class: SMTPInService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for SMTP Incoming. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: SMTPInService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the SMTP Incoming remote logging host IP address.

Attribute Name: logHost Attribute Class: SMTPInService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for SMTP Incoming. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



228

8.4.4. Setting Further General Parameters

Four further parameters can be set from the SMTP-In > General page, as shown in the below screenshot. These parameters refer to the Received headers, to User dB connectors and to routing settings for the SMTP In service.

Maximum Received Headers Setting a maximum number for the Received headers an email can have is a critical security issue, keeping administrators safe from looping emails. Therefore, the maxReceivedHeaders parameter is first available in The SMPT In tab and can be further configured using the SMTP Policy File. Use the Maximum Received Headers filed to specify a maximum number of Received headers allowed for an email message after which the mail is considered looping and it is bounced. The default value in this case is of 30 such headers. Attribute Name: maxReceivedHeaders Attribute Class: SMTPInService Attribute Type: VALUE Constraints: minValue = 1; maxValue = 1000; allowZero = false; allowInfinite = false; Default Value: 30 For details on SMTP Policy usage, please see the Mail Filtering section. User Database Connector Parameters The User dB connector type dropdown box allows you to set the type of the user database connector. You can choose from the three available options, local, ldap and ldapbind. Administrators can also specify a name for the connector in the User dB connector name field. Attribute Name: userdbConnectorType Attribute Class: SMTPInService Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local )

AXIGEN User Manual



229

Attribute Name: userdbConnectorName Attribute Class: SMTPInService Attribute Type: VALUE SMTP Routing Configuration In order to specify if SMTP Routing is allowed for the AXIGEN Mail Server, use the Enable SMTP Routing dropdown box. Thus the SMTP-In will become a SMTP Routing service. Attribute Name: enableSmtpRouting Attribute Class: SMTPInService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) To make your changes permanent, hit the Update and Commit buttons.

AXIGEN User Manual



230

8.4.5. Configuring Mapping Data

Mapping data parameters can be configured when accessing the SMTP-In > Mapping Data page.

The User Map drop-down box allows you to select one of the user maps defined at server level.

Attribute Name: userMap Attribute Class: MappingData Attribute Type: VALUE Default Value: none Use the Mapping AXIGEN Host field to specify the name or the IP address of the default AXIGEN machine to be used if the userMap parameter is set to none and the Mapping AXIGEN Port field to specify the port on which to connect to the default AXIGEN machine.

Attribute Name: mappingHost Attribute Class: MappingData Attribute Type: VALUE Default Value: 127.0.0.1 Attribute Name: mappingPort Attribute Class: MappingData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = false; Default Value: 1200 When you are done configuring these parameters, hit the Update and Commit buttons.

AXIGEN User Manual



231

8.5. SMTP-Out tab

In the SMTP-Out tab you can access one main configuration page, SMTP-Out > General. The page contains settings related to the SMTP Outgoing module (connection thread and log control parameters). Connection Thread Control Connection thread control parameters are accessible through SMTP-Out > General page. These parameters allow you to adjust the number of threads dedicated to SMTP remote delivery.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the SMTP Outgoing service connections.

Attribute Name: maxConnThreads Attribute Class: SMTPOutService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the SMTP Outgoing service connections.

Attribute Name: minConnThreads Attribute Class: SMTPOutService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see SMTP Outgoing.

AXIGEN User Manual



232

Log Control Log control parameters are accessible through the SMTP-Out > General Page.

Use the Log Level check boxes to specify the level of events logged in SMTP Outgoing.

Attribute Name: logLevel Attribute Class: SMTPOutService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for SMTP Outgoing. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: SMTPOutService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the SMTP Outgoing remote logging host IP address.

Attribute Name: logHost Attribute Class: SMTPOutService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for SMTP Outgoing. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



233

8.6. POP3 tab

Clicking on the POP3 tab, you get access to: • General page - allows you to set global POP3 parameters (connection error control,

connection thread control, log control and secure connection parameters) • Listeners page which allows you to configure listeners for the POP3 service. See Adding and


8.6.1. Configuring POP3 Connection Error Control Parameters

Connection error control parameters are accessible through POP3 > General page.

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a POP3 client during one session.

Attribute Name: maxErrors Attribute Class: POP3Service Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: POP3Service Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 For more information on connection control see POP3 section.

AXIGEN User Manual



234

8.6.2. Configuring POP3 Connection Thread Control Parameters Connection thread control parameters are accessible through POP3 > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the POP3 service connections.

Attribute Name: maxConnThreads Attribute Class: POP3Service Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the POP3 service connections.

Attribute Name: minConnThreads Attribute Class: POP3Service Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see the POP3 service.

AXIGEN User Manual



235

8.6.3. Configuring POP3 Log Control Parameters

Log control parameters are accessible through POP3 > General Page.

Use the Log Level check boxes to specify the log level for POP3.

Attribute Name: logLevel Attribute Class: POP3Service Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for POP3. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the POP3 remote logging host IP address.

Attribute Name: logHost Attribute Class: POP3Service Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for POP3. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



236

8.6.4. POP3 Encryption and Authentication Parameters

In the POP3 > General Tab, you can use the Allow TLS field to specify whether you want to enable secure connections for POP3.

By setting this parameter to 'yes', you allow sending the STARTTLS command for encrypting the connection if the server supports this command.

Attribute Name: allowStartTLS Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) On the same page, you can choose to further allow plain or secure connection and specify the authentication types corresponding to each type of connection.

Use the Allow secure connection dropdown box to specify if plain text login is allowed on a secure

AXIGEN User Manual



237

(TLS-enabled) connection. Choose the types of authentication allowed on a secure (TLS-enabled) connection in the TLS Auth. Types checkbox. Possible options are: plain, login, cram-md5, digest-

md5, gssapi and all. Default value is 'all' (all types of authentication are allowed on a secure connection).

Attribute Name: secureConnAllowLogin Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Attribute Name: secureConnAuthTypes Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( plain | login | cram-md5 | digest-md5 | gssapi | all ) - multiple choices Default Value: ( plain login cram-md5 digest-md5 gssapi all ) Use the Allow plain connection dropdown box to specify if plain text login is allowed on a plain (non-TLS-enabled) connection. Choose the types of authentication allowed on a plain (non-TLS-enabled) connection in the Plain Auth. Types checkbox. Possible options are: plain, login, cram-md5, digest-md5, gssapiand all. Default value is 'all' (all types of authentication are allowed on a secure connection).

Attribute Name: plainConnAllowLogin Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Attribute Name: plainConnAuthTypes Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( plain | login | cram-md5 | digest-md5 | gssapi | all ) - multiple choices Default Value: ( plain login cram-md5 digest-md5 gssapi all ) To make your changes permanent, remember to hit the Update and Commit buttons.

AXIGEN User Manual



238

8.6.5. Configuring POP3 User dB Connector Parameters

Parameters relative to user database connectors can be set when accessing the POP3 > General page.

The User dB connector type dropdown box allows you to set the type of the user database connector. You can choose from the three available options, local, ldap and ldapbind. Administrators can also specify a name for the connector in the User dB connector name field.

Attribute Name: userdbConnectorType Attribute Class: POP3Service Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Attribute Name: userdbConnectorName Attribute Class: POP3Service Attribute Type: VALUE

AXIGEN User Manual



239

8.7. IMAP tab

The IMAP tab in WebAdmin gives you access to: • General page - containing general IMAP module configuration parameters, such as

connection thread control, connection error control, log control and authentication parameters; • Listeners page - where you can add and edit Listeners for the IMAP module. For details on

how to configure IMAP Listeners, see Adding and Editing TCP Listeners.

8.7.1. Configuring IMAP Connection Error Control Parameters

Connection error control parameters are accessible through IMAP > General page.

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a IMAP client during one session.

Attribute Name: maxErrors Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 For more information on connection control, see the IMAP section.

AXIGEN User Manual



240

8.7.2. Configuring IMAP Connection Thread Control Parameters

Connection thread control parameters are accessible through IMAP > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the IMAP service connections.

Attribute Name: maxConnThreads Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the IMAP service connections.

Attribute Name: minConnThreads Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see the IMAP section.

AXIGEN User Manual



241

8.7.3. Configuring IMAP Log Control Parameters

Log control parameters are accessible through IMAP > General Page.

Use the Log Level check boxes to specify the log level for IMAP.

Attribute Name: logLevel Attribute Class: IMAPService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for IMAP. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the IMAP remote logging host IP address.

Attribute Name: logHost Attribute Class: IMAPService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for IMAP. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



242

8.7.4. Configuring IMAP Encryption and Authentication Parameters

Authentication and encryption parameters are accessible through IMAP>General page.

Use the Allow TLS field to specify whether you allow secure connections for IMAP. By setting this parameter to 'yes', you allow sending STARTTLS command for encrypting the connection if the server supports this command.

Attribute Name: allowStartTLS Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes )

Use the Allow secure connection field, to specify whether you allow or not login with plain text on a secure (TLS-enabled) connection.

Attribute Name: secureConnAllowLogin Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the TLS Auth. Types field to specify what type of TLS authentication AXIGEN Mail Server

AXIGEN User Manual



243

should use for its IMAP secure connections. Possible options are: plain, login, cram-md5 and all. Default value is 'all' (all types of authentication are allowed on a secure connection).

Attribute Name: secureConnAuthTypes Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( plain | login | cram-md5 | digest-md5 | gssapi | all ) - multiple choices Default Value: ( plain login cram-md5 digest-md5 gssapi all )

Use the Allow plain connection to specify whether you allow or not login with plain text on a plain (non-TLS-enabled) connection.

Attribute Name: plainConnAllowLogin Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Plain Auth. Types field to specify what type of authentication AXIGEN Mail Server should use for its IMAP plain (not TLS enabled) connections. Possible options are: plain, login, cram-md5 and all). Default value is cram-md5 (only a session authenticated via cram-md5 is allowed on a plain connection).

Attribute Name: plainConnAuthTypes Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( plain | login | cram-md5 | digest-md5 | gssapi | all ) - multiple choices Default Value: ( plain login cram-md5 digest-md5 gssapi all ) For more details on authentication methods, see Authentication and Encryption.

AXIGEN User Manual



244

8.7.5. Configuring IMAP User dB Connector Parameters

Parameters relative to user database connectors can be set when accessing the IMAP > General page.


Attribute Name: userdbConnectorType Attribute Class: IMAPService Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Attribute Name: userdbConnectorName Attribute Class: IMAPService Attribute Type: VALUE

AXIGEN User Manual



245

8.8. WebMail tab

The WebMail tab gives you access to three configuration pages: • General - contains general configuration parameters relating to WebMail service, WebMail

connections and WebMail sessions • URL redirects - contains parameters allowing you to set up URL redirect rules • Host name resolver - allows you to map host names to domain names • Listeners - allows you to define and edit listeners for the WebMail module. For general

information on listeners, see the Listeners section. For information on how to configure parameters in the Listeners page, see Adding and Editing TCP Listeners.

•

AXIGEN User Manual



246

8.8.1. WebMail Connection Thread Control

Connection thread control parameters are accessible through WebMail > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the WebMail service connections.

Attribute Name: maxConnThreads Attribute Class: WebMailService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the WebMail service connections.

Attribute Name: minConnThreads Attribute Class: WebMailService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see WebMail in the Product Architecture chapter.

AXIGEN User Manual



247

8.8.2. WebMail Log Control

Log control parameters are accessible through WebMail > General Page.

Use the Log Level check boxes to specify the log level for the WebMail service.

Attribute Name: logLevel Attribute Class: WebMailService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for the WebMail service. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the WebMail service remote logging host IP address.

Attribute Name: logHost Attribute Class: WebMailService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for WebMail. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



248

8.8.3. WebMail Connection and Session Control

In the WebMail > General Page, you can also set parameters related to WebMail connections and sessions.

Use the Allow Keep Alive drop-down box in the WebMail > General page to specify if permanent connections for WebMail service are allowed.

Attribute Name: allowKeepAlive Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Session Idle Timeout field in the WebMail > General page to specify after how many seconds an idle WebMail session is closed. Values for this parameter must be entered in seconds.

Attribute Name: sessionIdleTimeout Attribute Class: WebMailService Attribute Type: VALUE Constraints: maxValue = 604800; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 900 Use the Session Activity Timeout field in the WebMail > General page to specify after how many seconds a WebMail session is closed, even if activity exists.

Attribute Name: sessionActivityTimeout Attribute Class: WebMailService Attribute Type: VALUE Constraints: maxValue = 604800; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 216000 To make your changes effective, remember to press the Update and Commit buttons.

AXIGEN User Manual



249

8.8.4. HTTP Limits for WebMail

In the General > WebMail page, you can also use HTTP limits parameters set HTTP limits for WebMail requests.

Use the Allow large incoming data on error drop-down box in the WebMail > General page to specify if you allow receiving incoming data over the limits set using maximum allowed sizes.

Attribute Name: allowLargeIncomingData Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) Use the HTTP header max size field in the WebMail > General page to specify the maximum allowed size for incoming HTTP headers for any request made in WebMail.

Attribute Name: httpHeadersMaxSize Attribute Class: WebMailService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 10240; allowZero = false; allowInfinite = false; Default Value: 64 Use the HTTP body max size field in the WebMail > General page to specify the maximum allowed size for incoming HTTP body for any request made in WebMail.

AXIGEN User Manual



250

Attribute Name: httpBodyMaxSize Attribute Class: WebMailService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 163840; allowZero = false; allowInfinite = false; Default Value: 64 Use the HTTP upload max size field in the WebMail > General page to specify the maximum allowed size for incoming upload data (in WebMail this refers particularly to mail attachments).

Attribute Name: uploadMaxSize Attribute Class: WebMailService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 1048576; allowZero = false; allowInfinite = false; Default Value: 16384 Press the Update and Commit buttons to make your changes to the above parameters permanent.

AXIGEN User Manual



251

8.8.5. Setting Further General Parameters

The WebMail > General page gives access to further general parameters that define the WebMail service behavior.

System administrators can specify the authentication type allowed, by selecting it from the Authentication type dropdown box. The available options are plain and gssapi, while the default value is set to plain.

Attribute Name: authType Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( plain | gssapi ) - single choice Default Value: ( plain ) You can also use the HSP path field to specify the path to the location where you wish to store HSP files.

Attribute Name: path Attribute Class: WebMailService Attribute Type: VALUE Default Value: "WEBMAIL_PATH" HSP is an AXIGEN proprietary server-side scripting language, used to generate HTML code for WebMail and WebAdmin, the two web-based components of AXIGEN. HSP code is combined with HTML, to integrate dynamic elements in static HTML pages. See the document on HSP in the documentation section of our website. You can also choose to display or not the domain list when logging in to WebMail.

To specify your choice, use the Show Domain List dropdown box. Attribute Name: showDomainList Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) When you are done configuring these parameters, press the Update and Commit buttons.

AXIGEN User Manual



252

8.8.6. URL Redirects for WebMail

Use the options available in the WebMail > URL Redirects page to define redirect rules for WebMail. These rules allow you to redirect connections established on one listener (domain:port location) to a specified host. These can be used, for instance, for redirecting plain connections to secure locations or to set up virtual hosts (if you wish to host several domains on the same IP address). When first entering WebMail > URL Redirects, a list of currently defined URL Redirects is displayed. To add a new redirect rule, press the Add new urlredirect button or press the Edit button next to a rule to edit its parameters. Whether adding or editing a URL redirect, the parameters displayed are the same.

Use the Address field in WebMail > URL Redirects to specify the address of a TCP listener (domain:port location) from which connections will be redirected (when accepted). Attribute Name: address Attribute Class: UrlRedirect Attribute Type: VALUE

AXIGEN User Manual



253

The Port and Hostname parameters are used to specify a location (port and host name) to which the connection will be redirected. In the Host name field, you need to enter the domain name (or host name / IP address written as a string).

Attribute Name: port Attribute Class: UrlRedirect Attribute Type: VALUE Attribute Name: host Attribute Class: UrlRedirect Attribute Type: VALUE When you are done configuring these parameters, press the Add button to add the new rule and the Commit button to enforce your changes.

AXIGEN User Manual



254

8.8.7. Hostname Resolver for Webmail

The WebMail > Hostname Resolver page allows you to map hostnames (IP adress:port) to domain names. When first entering WebMail > Hostname Resolver, a list of currently defined host - domain name value pairs is displayed. To add a new mapping, press the Add new hostresolver button, or press the Edit button next to an existing one to edit its parameters. Whether adding or editing a hostname resolver, the parameters displayed are the same.

Use the Host and Domain fields to specify the host name (IP:port combination) and the domain name you wish to associate to it.

Attribute Name: host Attribute Class: HostNameResolver Attribute Type: VALUE Constraints: Object; Attribute Name: domain Attribute Class: HostNameResolver Attribute Type: VALUE Constraints: Object; This allows setting up virtual hosts, that is specifying different domain names to be hosted on the same IP address (for instance, if you wish to have different WebMail login pages for two local pages).

AXIGEN User Manual



255

8.8.8. WebMail User dB Connector Parameters

Parameters relative to user database connectors can be set when accessing the WebMail > General page.


Attribute Name: userdbConnectorType Attribute Class: WebMailService Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Attribute Name: userdbConnectorName Attribute Class: WebMailService Attribute Type: VALUE Remember to hit the Update and Commit buttons to make your changes effect.

AXIGEN User Manual



256

8.9. WebAdmin tab

The WebAdmin tab gives you access to WebAdmin related configuration parameters grouped in three pages:

• General - contains general configuration parameters relating to WebAdmin service, WebAdmin connections, sessions and HTTP limits

• URL redirects - contains parameters allowing you to set up URL redirect rules • Listeners - allows you to define and edit listeners for the WebAdmin module. For general

information on listeners, see the Listeners section. For information on how to configure parameters in the Listeners page, see Adding and Editing TCP Listeners.

8.9.1. WebAdmin Connection Thread Control

Connection thread control parameters are accessible through WebAdmin > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the WebAdmin service connections.

Attribute Name: maxConnThreads Attribute Class: WebAdminService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the WebAdmin service connections.

Attribute Name: minConnThreads Attribute Class: WebAdminService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 To make your changes effective, remember to press the Update and Commit buttons.

AXIGEN User Manual



257

8.9.2. WebAdmin Log Control

Log control parameters are accessible through WebAdmin> General Page.

Use the Log Level check boxes to specify the log level for the WebAdmin service.

Attribute Name: logLevel Attribute Class: WebAdminService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for the WebAdmin service. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: WebAdminService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the WebAdmin service remote logging host IP address.

Attribute Name: logHost Attribute Class: WebAdminService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for WebAdmin. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



258

8.9.3. Specifying the HSP Path

In the WebAdmin > General page, you can use the HSP path field to specify the path to the location where you wish to store HSP files.

Attribute Name: path Attribute Class: WebAdminService Attribute Type: VALUE Default Value: "WEBADMIN_PATH" HSP is the AXIGEN proprietary server-side scripting language, used to generate HTML code for WebMail and WebAdmin, the two web-based components of AXIGEN. HSP code is combined with HTML, to integrate dynamic elements in static HTML pages. See the document on HSP in the Documentation section of our website.

8.9.4. WebAdmin Connection and Session Control

In the WebAdmin > General Page, you can also set parameters related to WebAdmin connections and sessions.

Use the Allow Keep Alive drop-down box in the WebAdmin > General page to specify if permanent connections for WebAdmin service are allowed.

Attribute Name: allowKeepAlive Attribute Class: WebAdminService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes )

AXIGEN User Manual



259

Use the Session Idle Timeout field in the WebAdmin > General page to specify after how many seconds an idle WebAdmin session is closed. Values for this parameter must be entered in seconds.

Attribute Name: sessionIdleTimeout Attribute Class: WebAdminService Attribute Type: VALUE Constraints: maxValue = 604800; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 900 Use the Session Activity Timeout text area in the WebAdmin > General page to specify after how many seconds a WebAdmin session is closed, even if activity exists.

Attribute Name: sessionActivityTimeout Attribute Class: WebAdminService Attribute Type: VALUE Constraints: maxValue = 604800; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 216000 When you are done configuring these parameters, remember to press the Update and Commit buttons.

AXIGEN User Manual



260

8.9.5. HTTP Limits for WebAdmin

In the WebAdmin > General page, you can also use HTTP limits parameters set HTTP limits for WebAdmin requests.

Use the Allow large incoming data on error drop-down box in the WebAdmin > General page to specify if you allow receiving incoming data over the limits set using maximum allowed sizes.

Attribute Name: allowLargeIncomingData Attribute Class: WebAdminService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) Use the HTTP headers max size field in the WebAdmin > General page to specify the maximum allowed size for incoming HTTP headers for any request made in WebAdmin.

Attribute Name: httpHeadersMaxSize Attribute Class: WebAdminService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 10240; allowZero = false; allowInfinite = false; Default Value: 64 Use the HTTP body max size field in the WebAdmin > General page to specify the maximum allowed size for incoming HTTP body for any request made in WebAdmin.

AXIGEN User Manual



261

Attribute Name: httpBodyMaxSize Attribute Class: WebAdminService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 163840; allowZero = false; allowInfinite = false; Default Value: 64 Use the Incoming upload max size field in the WebAdmin > General page to specify the maximum allowed size for incoming upload data (in WebAdmin this refers particularly to license keys, which can be directly uploaded through this interface).

Attribute Name: uploadMaxSize Attribute Class: WebAdminService Attribute Type: VALUE Constraints: minValue = 16; maxValue = 1048576; allowZero = false; allowInfinite = false; Default Value: 16384 In order to make your changes effective, press the Update and Commit buttons after configuring the above parameters.

8.9.6. URL Redirects for WebAdmin

Use the options available in the WebAdmin > URL Redirects page to define redirect rules for WebAdmin. These rules allow you to redirect connections established on one listener (domain:port location) to a specified host. These can be used for instance, for redirecting plain connections to secure locations or to set up virtual hosts (if you wish to host several domains on the same IP address). When first entering WebAdmin > URL Redirects, a list of currently defined URL Redirects is displayed. To add a new redirect rule, press the Add new urlredirect button or press the Edit button next to a rule to edit its parameters.

Whether adding or editing a URL redirect, the parameters displayed are the same.

AXIGEN User Manual



262

Use the Address field in WebAdmin > URL Redirects to specify the address of a TCP listener (domain:port location) from which connections will be redirected (when accepted).

Attribute Name: address Attribute Class: UrlRedirect Attribute Type: VALUE The Port and Hostname parameters are used to specify a location (port and host name) to which the connection will be redirected. In the Host name field, you need to enter the domain name (or host name / IP address written as a string).

Attribute Name: port Attribute Class: UrlRedirect Attribute Type: VALUE Attribute Name: host Attribute Class: UrlRedirect Attribute Type: VALUE When you are done configuring these parameters, press the Add button to add the new rule and the Commit button to enforce your changes.

AXIGEN User Manual



263

8.10. CLI Tab

The CLI tab allows you to configure parameters related to the CLI connections, logs and listeners. CLI (Command Line Interface) is a stand-alone administration tool for AXIGEN Mail Server.

CLI tab allows you to access these pages: • General - contains parameters relating to connection thread, connection error and log control

for CLI • Listeners - contains parameters related to listener configuration for CLI. Refer to Adding and

Editing TCP Listeners for a full configuration procedure

You can find full information on CLI and how to configure AXIGEN using this tool in Configuring AXIGEN using CLI.

AXIGEN User Manual



264

8.10.1. Configuring CLI Connection Error Control Parameters

Connection error control parameters are accessible through CLI > General page.

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a CLI client during one session.

Attribute Name: maxErrors Attribute Class: CLIService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: CLIService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 Use the Max. non-authenticated commands field of the CLI > General page to specify the maximum number of commands allowed before authentication.

Attribute Name: maxAuthCommands Attribute Class: CLIService Attribute Type: VALUE Default Value: 20 If you change any of the default values, make sure you click on Commit to apply your changes.

AXIGEN User Manual



265

8.10.2. Configuring CLI Connection Thread Control Parameters

Connection thread control parameters are accessible through CLI > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the CLI service connections.

Attribute Name: maxConnThreads Attribute Class: CLIService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the CLI service connections.

Attribute Name: minConnThreads Attribute Class: CLIService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 If you change any of the default values, make sure you click on Commit to apply your changes.

AXIGEN User Manual



266

8.10.3. Configuring CLI Log Control Parameters

Log control parameters are accessible through CLI > General Page.

Use the Log Level check boxes to specify the log level for CLI.

Attribute Name: logLevel Attribute Class: CLIService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for CLI. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: CLIService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the CLI remote logging host IP address.

Attribute Name: logHost Attribute Class: CLIService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for the CLI service. For a general description of the logging service and these parameters see Logging service.

AXIGEN User Manual



267

8.11. Log tab

The WebAdmin > Log tab gives you access to four different Log configuration pages:

• General - contains general Log service configuration parameters; • Listeners - contains parameters for listener configuration - see Adding and Editing UDP

Listeners, for a detailed configuration procedure; • Rules - contains parameters related to log rule configuration; • Log files - displays a list of log files to view and delete.

For a functional description of this service, please see Logging in the Architecture chapter. 8.11.1. General Log Service Parameters

In the Log > General page you can configure the log level, type and host for the Logging service itself. This means that information can be logged about the activity of this service, just as for any other AXIGEN service.

AXIGEN User Manual



268

Use the Log Level check boxes to specify the log level for the service.

Attribute Name: logLevel Attribute Class: LogService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: LogService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the remote logging host IP address.

Attribute Name: logHost Attribute Class: LogService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for the Log Service. For a general description of the logging service and related parameters see Logging service.

8.11.2. Adding and Editing Log Rules

Log Rules are used to define circumstances under which certain restrictions will be imposed on log files and the log level. Rules can be associated with host names, module names or both. For instance, a rule can be defined in order to specify the size, duration and number of old files kept for logs generated on a certain host, for a certain module (SMTP In). For a general description of the Log service and log rules, see Logging in the Architecture chapter. To configure log rules, go to the Log > Rules page. When first entering the Log > Rules page, a list of currently defined log rules is displayed. If none has been defined, the list is empty.

AXIGEN User Manual



269

To add or edit a rule, click the corresponding button. Whether adding or editing a rule, the parameters displayed are the same.

Use the Rule Priority text area to specify the rule priority. If several rules are defined for the same log client, rules are applied in the order of priority. A lower priority value denotes a higher priority. '1' denotes the highest priority, thus a rule with priority 1 will always be applied first.

Attribute Name: priority Attribute Class: LogRule Attribute Type: VALUE Constraints: maxValue = 1000; minValue = 1; allowZero = false; The following three parameters refer to the user of the current rule. Use the Hostname field to specify the hostname of the user of this rule. '*' stands for 'any host'.

Attribute Name: hostname Attribute Class: LogRule Attribute Type: VALUE Constraints: maxLength = 256; Default Value: * Use the Module field to specify the module (i.e. AXIGEN Mail Server service) of the user of this rule. You can specify smtp, pop3, imap, webmail or all these modules. '*' stands for 'any module'.

Attribute Name: module Attribute Class: LogRule Attribute Type: VALUE Constraints: maxLength = 256; Default Value: *

AXIGEN User Manual



270

Use the Log Level checkboxes to specify the level of log generated by the user of this log. The log level is computed by adding the following defined levels:

• 0 - no log • 1 - critical messages • 2 - error messages • 4 - warning messages • 8 - informational messages • 16 - protocol communication

Example: level 15 contains critical, error, warning and informational messages.

Attribute Name: logLevel Attribute Class: LogRule Attribute Type: VALUE Constraints: maxValue = 31; minValue = 0; Default Value: 15 A set of additional parameters define the output of this rule (the log file).

Use the File Name field to specify the name of the destination file. This is the file where log data will be stored according to the rule enforced.

Attribute Name: fileName Attribute Class: LogRule Attribute Type: VALUE Constraints: maxLength = 64; Default Value: default.txt Use the File Size field to specify the maximum size of the destination file (in KB). In case you assign this parameter the value 0, the maximum size will be 2GB.

AXIGEN User Manual



271

Attribute Name: fileSize Attribute Class: LogRule Attribute Type: VALUE Constraints: maxValue = 2097151; minValue = 100; Default Value: 5120 Use the File Duration field to specify the maximum duration the destination file is used (in seconds).

Attribute Name: fileTime Attribute Class: LogRule Attribute Type: VALUE Constraints: maxValue = 2592000; minValue = 600; Default Value: 86400 Use the File Count field to specify the maximum number of old (saved) files kept by AXIGEN Mail Server Log service.

Attribute Name: fileCount Attribute Class: LogRule Attribute Type: VALUE Constraints: maxValue = 1000; minValue = 0; Default Value: 0 Use the Rotate period to specify how often you wish a new log file to be created (daily, weekly, monthly). The default value "none" means that information will be written to the same log file until the file reaches its maximum size specified using the fileSize parameter.

Attribute Name: rotatePeriod Attribute Class: LogRule Attribute Type: VALUE Possible values: ( none | day | week | month ) - single choice When you are done configuring these parameters, don't forget to click the Add and Commit buttons to add and commit your rule.

AXIGEN User Manual



272

8.11.3. Log Files Page

The Log > Log files page is displayed after selecting the Log files page in WebAdmin Log tab. You can use this page to manage/view different logs generated by AXIGEN Mail Server Log service. When first entering the Log > Rules page, a list of current log files is displayed.

To view a log file, press on the View button on the right of the log file you want to view. The log file is then displayed. To delete a log file, press on the Delete button on the right of the log file you want to delete. A confirmation dialog box is displayed. Press OK to delete the specified log file or Cancel to cancel the deletion and return to the previous window.

AXIGEN User Manual



273

8.12. FTP Backup Tab

The FTP Backup Tab allows you to access two pages: • General page - containing general FTP Backup module configuration parameters, such as

connection thread control, connection error control, log control and authentication parameters • Listeners page - where you can add and edit Listeners for the FTP Backup service. For

details on how to configure IMAP Listeners, see Adding and Editing TCP Listeners.

For information on the FTP Backup service and its functions, see FTP Backup section in the Architecture Chapter.

8.12.1. Configuring FTP Backup Connection Error Control Parameters

Connection error control parameters are accessible through FTP Backup > General page.

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a FTP client during one session.

Attribute Name: maxErrors Attribute Class: FTPBackupService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: FTPBackupService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 For more information on connection control, see FTP Backup section.

AXIGEN User Manual



274

8.12.2. Configuring FTP Backup Connection Thread Control Parameters

Connection thread control parameters are accessible through FTP Backup > General page.

Use the Maximum Connection Threads field to specify the maximum number of threads handling the IFTP Backup service connections.

Attribute Name: maxConnThreads Attribute Class: FTPBackupService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the FTP Backup service connections.

Attribute Name: minConnThreads Attribute Class: FTPBackupService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see FTP Backup section.

AXIGEN User Manual



275

8.12.3. Configuring FTP Backup Log Control Parameters

Log control parameters are accessible through FTP Backup > General Page.

Use the Log Level check boxes to specify the log level for FTP Backup.

Attribute Name: logLevel Attribute Class: FTPBackupService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for the FTP Backup service. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: FTPBackupService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the FTP Backup service remote logging host IP address.

Attribute Name: logHost Attribute Class: FTPBackupService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for FTP Backup. For a general description of the logging service and related parameters, see Logging service.

AXIGEN User Manual



276

8.13. RPOP Tab

The RPOP tab gives access to parameters related to connection thread control and log control for the POP service. Configuring Connection Thread Parameters

Use the Maximum Connection Threads field to specify the maximum number of threads handling the RPOP service connections.

Attribute Name: maxConnThreads Attribute Class: RPOPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the RPOP service connections.

Attribute Name: minConnThreads Attribute Class: RPOPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see RPOP Service.

AXIGEN User Manual



277

Configuring Logging Parameters

Use the Log Level check boxes to specify the level of events logged for the RPOP service.

Attribute Name: logLevel Attribute Class: RPOPService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for RPOP. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: RPOPService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the RPOP remote logging host IP address.

Attribute Name: logHost Attribute Class: RPOPService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for RPOP. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



278

8.14. UserDb Tab

The UserDb tab gives you access to two different pages: • General - gives access to parameters relative to threads and logging • Ldap Connectors - enables ldap connector management (adding, editing or deleting such

connectors)

8.14.1. UserDb Thread Control

When accessing the UserDb >General page, you can set the number of maximum threads handled by the User Database service. To do so, type the desired value in the Maximum Number of Threads field. The available values range from 1 to 128.

Attribute Name: maxThreads Attribute Class: USERDBService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; Default Value: 5

8.14.2. Configuring UserDb Log Control Parameters

Log control parameters are accessible through the UserDb > General Page.

AXIGEN User Manual



279

Use the Log Level check boxes to specify the level of events logged in UserDb.

Attribute Name: logLevel Attribute Class: USERDBService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for UserDb. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: USERDBService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the UserDb remote logging host IP address.

Attribute Name: logHost Attribute Class: USERDBService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for UserDb. For a general description of the logging service and related parameters see Logging Service.

8.14.3. LDAP Connectors

The list of existing LDAP connectors is displayed when first accessing the UserDB > LDAP Connectors page. To edit an existing connector, press its corresponding Edit button. If you want to delete and existing connector, press the Delete button corresponding to its name. The Add new ldapconn button allows you to create a new LDAP Connector.

Whether adding or editing a LDAP connector, the available parameters are the same.

AXIGEN User Manual



280

Use the Name text field to specify the name you have chosen for the connector you are configuring.

Attribute Name: name Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 32; The Host URL text field allows you to specify the LDAP server host URL for the currently defined connector.

Attribute Name: hosturl Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 512; In the Bind DN and Bind Password fields you can specify the distinguished name and password used for binding.

Attribute Name: bindDN Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 256;

AXIGEN User Manual



281

Attribute Name: bindPass Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 32;

The Search Base and Search pattern fields allow you to specify the formatted strings based on which the LDAP Connector will know where to search for the user and what search pattern to use.

Attribute Name: searchBase Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 512; Attribute Name: searchPattern Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 512; Use the Password field text box to specify the name of the field containing the password.

Attribute Name: passwordField Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 128; You can specify the name of the field containing the AXIGEN server hostname in the AXIGEN Hostname field.

Attribute Name: axigenHostField Attribute Class: LdapConnector Attribute Type: VALUE Constraints: maxLength = 128;

AXIGEN User Manual



282

To specify if the first returned field should be used when more than one are found, select one of the values in the Use first returned field dropdown box. The available values are "yes" and "no".

Attribute Name: useFirst Attribute Class: LdapConnector Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) To make your changes permanent, press the Update and Commit buttons.

AXIGEN User Manual



283

8.15. POP3 Proxy Tab

The POP3 Proxy tab gives access to three four different pages: • General - containing parameters relative to error control, thread control, log control and other

such paramters. • Mapping Data - gives access to parameters relative to user databases and mapping hosts

and ports. • Connection Data - allows imposing certain limits for connections established via POP3 Proxy • Listeners - allows you to configure listeners for the POP3 service. See Adding and Editing

TCP Listeners for more details.

8.15.1. Configuring General POP3 Proxy Parameters

When accessing the POP3 Proxy > General page, system administrators can configure parameters relative to connection threads, error control, log control and other such parameters.

POP3 Proxy Connection Error Control Parameters

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a POP3 Proxy client during one session.

Attribute Name: maxErrors Attribute Class: ProxyPOP3Service Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: ProxyPOP3Service Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 For more information on connection control see POP3 Proxy.

AXIGEN User Manual



284

POP3 Proxy Connection Thread Control Parameters

Use the Maximum Connection Threads field to specify the maximum number of threads handling the POP3 Proxy service connections.

Attribute Name: maxConnThreads Attribute Class: ProxyPOP3Service Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the POP3 Proxy service connections.

Attribute Name: minConnThreads Attribute Class: ProxyPOP3Service Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see POP3 Proxy.

POP3 Proxy Log Control Parameters

Use the Log Level check boxes to specify the log level for POP3 Proxy.

AXIGEN User Manual



285

Attribute Name: logLevel Attribute Class: ProxyPOP3Service Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for POP3 Proxy. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: ProxyPOP3Service Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the POP3 Proxy remote logging host IP address.

Attribute Name: logHost Attribute Class: ProxyPOP3Service Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for POP3 Proxy. For a general description of the logging service and related parameters see Logging Service.

POP3 Proxy User dB Connector Parameters


Attribute Name: userdbConnectorType Attribute Class: ProxyPOP3Service Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Attribute Name: userdbConnectorName Attribute Class: ProxyPOP3Service Attribute Type: VALUE

AXIGEN User Manual



286

Other POP3 Proxy General Parameters

You can use the Allow TLS field to specify whether you want to enable secure connections for POP3 Proxy.


Attribute Name: allowStartTLS Attribute Class: ProxyPOP3Service Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) In the same page, system administrator can specify if user authentication should be required on proxy using the Proxy user authentication dropdown selection box.

Available options are "yes" and "no". By choosing "yes", you require user authentication on the proxy.

Attribute Name: authenticateOnProxy Attribute Class: ProxyPOP3Service Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) When you are done configuring these parameters, remember to press the Update and Commit buttons to make your changes permanent.

AXIGEN User Manual



287

8.15.2. Configuring POP3 Proxy Mapping Data

Mapping parameters for the POP3 Proxy service can be accessed on the POP3 Proxy > Mapping Data page.

Select a user map from the list of maps already defined on the server from the User map drop down box.

Attribute Name: userMap Attribute Class: MappingData Attribute Type: VALUE Default Value: none If the userMap parameter is set to the "none" value, system administrators can specify the name or IP address of a default AXIGEN machine to be used for mapping and port used to connect to the respective machine. To do so, use the Mapping AXIGEN host and Mapping AXIGEN port text fields.

Attribute Name: mappingHost Attribute Class: MappingData Attribute Type: VALUE Default Value: 127.0.0.1 Attribute Name: mappingPort Attribute Class: MappingData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = false; Default Value: 1200 To make the changes effective, press the Update and Commit buttons.

AXIGEN User Manual



288

8.15.3. Configuring POP3 Proxy Connection Data Parameters

The POP3 Proxy > Connection Data page allows system administrators to configure parameters relative to the connections established through the POP3 Proxy service.

Use the RW Timeout field to set the timeout for the read/write operations performed via POP3 Proxy.

Attribute Name: rwTimeout Attribute Class: ConnectionData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 10; allowZero = true; Default Value: 400 In the Max. number of connections field, specify the maximum number of simultaneous connections established to AXIGEN backservers.

Attribute Name: maxConnections Attribute Class: ConnectionData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = true; Default Value: 64 Choose if the respective connection should be secured through SSL using the Enable SSL drop down box.

Attribute Name: sslEnable Attribute Class: ConnectionData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no )

AXIGEN User Manual



289

Use the Local interface field to specify the address of the interface used to establish POP3 Proxy connections.

Attribute Name: localInterface Attribute Class: ConnectionData Attribute Type: VALUE Remember to press the Update and Commit buttons when you are done configuring these parameters.

AXIGEN User Manual



290

8.16. IMAP Proxy Tab

The IMAP Proxy tab gives access to three four different pages: • General - containing parameters relative to error control, thread control, log control and other

such paramters. • Mapping Data - gives access to parameters relative to user databases and mapping hosts

and ports. • Connection Data - allows imposing certain limits for connections established via IMAP Proxy • Listeners - allows you to configure listeners for the IMAP Proxy service. See Adding and


8.16.1. Configuring General IMAP Proxy Parameters

When accessing the IMAP Proxy > General page, system administrators can configure parameters relative to connection threads, error control, log control and other such parameters.

IMAP Proxy Connection Error Control Parameters

Use the Max error no. field to specify the maximum number of wrong commands that can be received from a IMAP Proxy client during one session.

Attribute Name: maxErrors Attribute Class: ProxyIMAPService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 20 Use the Max. auth. error no. field to specify the maximum number of failed authentications allowed during one session.

Attribute Name: maxAuthErrors Attribute Class: ProxyIMAPService Attribute Type: VALUE Constraints: maxValue = 100; Default Value: 5 For more information on connection control, see IMAP Proxy Service.

AXIGEN User Manual



291

IMAP Proxy Connection Thread Control Parameters

Use the Maximum Connection Threads field to specify the maximum number of threads handling the IMAP Proxy service connections.

Attribute Name: maxConnThreads Attribute Class: ProxyIMAPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 20 Use the Minimum Connection Threads field to specify the minimum number of threads handling the IMAP Proxy service connections.

Attribute Name: minConnThreads Attribute Class: ProxyIMAPService Attribute Type: VALUE Constraints: maxValue = 128; minValue = 1; allowZero = false; Default Value: 1 For more information on Connection Thread Control, see IMAP Proxy Service.

IMAP Proxy Log Control Parameters

Use the Log Level check boxes to specify the log level for IMAP Proxy.

Attribute Name: logLevel Attribute Class: ProxyIMAPService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15

AXIGEN User Manual



292

Use the Log Type drop-down box to specify the log type for IMAP Proxy. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: ProxyIMAPService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the POP3 Proxy remote logging host IP address.

Attribute Name: logHost Attribute Class: ProxyIMAPService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for IMAP Proxy. For a general description of the logging service and related parameters see Logging Service.

IMAP Proxy User dB Connector Parameters


Attribute Name: userdbConnectorType Attribute Class: ProxyIMAPService Attribute Type: VALUE Possible values: ( local | ldap | ldapBind ) - single choice Default Value: ( local ) Attribute Name: userdbConnectorName Attribute Class: IMAPService Attribute Type: VALUE

AXIGEN User Manual



293

Other IMAP Proxy General Parameters

You can use the Allow TLS field to specify whether you want to enable secure connections for IMAP Proxy.


Attribute Name: allowStartTLS Attribute Class: ProxyIMAPService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) In the same page, system administrator can specify if user authentication should be required on proxy using the Proxy user authentication dropdown selection box.

Available options are "yes" and "no". By choosing "yes", you require user authentication on the proxy.

Attribute Name: authenticateOnProxy Attribute Class: ProxyIMAPService Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) To make your changed permanent, press the Update and Commit buttons.

AXIGEN User Manual



294

8.16.2. Configuring IMAP Proxy Mapping Data

Mapping parameters for the POP3 Proxy service can be accessed on the IMAP Proxy > Mapping Data page.

Select a user map from the list of maps already defined on the server from the User map drop down box.

Attribute Name: userMap Attribute Class: MappingData Attribute Type: VALUE Default Value: none If the userMap parameter is set to the "none" value, system administrators can specify the name or IP address of a default AXIGEN machine to be used for mapping and port used to connect to the respective machine. To do so, use the Mapping AXIGEN host and Mapping AXIGEN port text fields.

Attribute Name: mappingHost Attribute Class: MappingData Attribute Type: VALUE Default Value: 127.0.0.1 Attribute Name: mappingPort Attribute Class: MappingData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = false; Default Value: 1200 Remember to press the Update and Commit buttons when you are done configuring these parameters.

AXIGEN User Manual



295

8.16.3. Configuring IMAP Proxy Connection Data Parameters

The IMAP Proxy > Connection Data page allows system administrators to configure parameters relative to the connections established through the IMAP Proxy service.

Use the RW Timeout field to set the timeout for the read/write operations performed via IMAP Proxy.

Attribute Name: rwTimeout Attribute Class: ConnectionData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 10; allowZero = true; Default Value: 400 In the Max. number of connections field, specify the maximum number of simultaneous connections established to AXIGEN backservers.

Attribute Name: maxConnections Attribute Class: ConnectionData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = true; Default Value: 64 Choose if the respective connection should be secured through SSL using the Enable SSL drop down box.

Attribute Name: sslEnable Attribute Class: ConnectionData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no )

AXIGEN User Manual



296

Use the Local interface field to specify the address of the interface used to establish IMAP Proxy connections.

Attribute Name: localInterface Attribute Class: ConnectionData Attribute Type: VALUE When you are done configuring these parameters, press the Update and Commit buttons to make your changes effective.

AXIGEN User Manual



297

8.17. Domains tab

Pressing on the Domains tab in WebAdmin left panel displays the Domain List page, containing a list with all existing domains.

Remember: When you create a new domain, the default values are loaded from the domain.cfg file. The actions executed in the corresponding Domain pages from WebAdmin have a direct effect on the parameters stored in this file.

If you have an extensive list of domains administered, you can sort the domain list view using filters:

To add a new domain, type the name of the new domain in the Domain Name box. Also, specify in the Domain location box the exact path where you want your domain stored. Note that each domain must have a unique location. The default path assigned to a domain is the result of adding the domain name to /var/opt/axigen/domains/. For example, for the example.com domain, the location will be /var/opt/axigen/domains/example.com.

Finally, type and confirm the domain postmaster password in the Postmaster password and Confirm password fields and press the Add new domain button.

Important! When creating domains, one message storage location is recommended for each predicted 20GB of message occupied storage space. For larger spaces, additional message storage locations should be created to correspond to the number of 20GB storages you need. You can add multiple message storage locations using CLI only within the domain creation context. After creating the domain, additional locations cannot be added. The command to create multiple message storage locations is as follows: ADD MessagesLocation <path>

AXIGEN User Manual



298

To edit a specific domain, in the Domains>Domain List page, press on the Edit button next to the domain you want to edit. To delete a domain, press the Delete button corresponding to it. Please note that in this case the domain is only erased from the server configuration, but its location will be preserved. Should you later want to use the deleted domain, you will only have to register its location in the Commands tab. Press the Edit button to display the Domain Properties page for the corresponding domain. This page is also displayed when adding new domains and has 6 different sub-pages:

• General: use this sub-page to specify general domain parameters, such as domain name, aliases etc., and WebMail specific data for the current domain;

• Migration data: use this sub-page to configure automatic migration parameters for users within this domain;

• Public folder: use this sub-page to configure public folders parameters within the selected domain;

• SPE: allows system administrators to establish certain requirements for user selected passwords, such as a minimum length;

• Filters: use this sub-page to configure domain level filters; • Info: this page displays domain location information (domain objects, domain messages path)

and registry info (creation, access and modify date).

AXIGEN User Manual



299

8.17.1. General Domain Configuration

The Domains > General page allows you to configure general parameters for domains.

The name of the domain currently edited is displayed in the upper part of the window. You can change the name of the current domain using the Name field. The domain name can include the following characters: any letter a-z, any capital letter, A-Z, any figure 0-9, the '.' character and the '-' character (not allowed at the beginning or the end of the file).

Attribute Name: name Attribute Class: Domain Attribute Type: VALUE Constraints: Object; You can add aliases to the domain currently being edited using the Add alias field.

AXIGEN User Manual



300

To delete an alias previously added, in the Aliases list area, click on the Delete alias option available on the right of the text box corresponding to the alias you want to delete.

If you want to set different aliases for the same domain, add them one by one. An alias name can include the following characters: any letter a-z, any capital letter, A-Z, any figure 0-9, the '.' character and the '-' (not allowed at the beginning or the end of the name).

Attribute Name: aliases Attribute Class: Domain Attribute Type: VALUESET Constraints: Object; You can specify an IP address to be assigned to this specific domain. This might be useful when the AXIGEN Mail Server is installed on a machine with multiple network cards and you want to split the flow of incoming messages for this domain from the rest of the message flow.

Attribute Name: assignedIP Attribute Class: Domain Attribute Type: VALUE You can specify what AXIGEN services are allowed for each specific domain, by selecting the checkboxes corresponding to the services you want to run.

Attribute Name: services Attribute Class: Domain Attribute Type: VALUE Possible values: ( smtpIncoming | smtpOutgoing | smtp | pop3 | imap | webmail | rpop ) - multiple choices Default Value: ( smtpIncoming smtpOutgoing smtp pop3 imap webmail ) To specify if you want domain recipients contacts to be published, use the Publish domain rcpts to contacts dropdown box.

Attribute Name: publishRcptContacts Attribute Class: Domain Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Using the Show webmail login dropdown box, you can specify if you wish to have the domain displayed in the WebMail login drop down box.

Attribute Name: showWebmailLogin Attribute Class: Domain Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no )

AXIGEN User Manual



301

Appender Settings The appender allows system administrators to specify a certain text that will then be appended to all emails sent by AXIGEN.

To enable the appender, select 'yes' in the enableAppender dropdown menu. Then use the Appender message text field to type in your text of choice. After configuring these parameters, don't forget to click the Update and Commit buttons to update and save your changes.

8.17.2. Domain Migration Data

Use this tab to enable and configure automatic migration for a particular domain.

AXIGEN User Manual



302

Use the Enable migration field to enable automatic migration for this domain data. By setting the enable parameter to yes, you enable automatic migration for that domain.

Attribute Name: enable Attribute Class: DomainMigrationData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) When the domain has the enabled attribute set to yes and some account tries to login (via any of WebMail, IMAP, POP3), AXIGEN verifies if the account exists in its accounts storage. If it does, it considers the account already migrated and doesn't perform any special migration-related operation. If the account doesn't exist, it will try to connect to an IMAP host at the address you specify when setting the remoteImapHost and remoteImapPort parameters (remoteImapHost:remoteImapPort). When connecting, AXIGEN uses the account credentials received. If the credentials allow AXIGEN to login successfully, it will create the account with the same username and password as the ones previously used to login and authenticate the user. It will also transfer the messages in this account via IMAP. This operation is equivalent to the one performed using the CLI MIGRATE command). If the credentials are not correct, the account is not created and the user receives an authentication failure message.

Important! The migration operation will only work if the remote host has a working IMAP server. Attribute Name: remoteImapHost Attribute Class: DomainMigrationData Attribute Type: VALUE Default Value: [127.0.0.1] Attribute Name: remoteImapPort Attribute Class: DomainMigrationData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = false; allowInfinite = false; Default Value: 1430 On the SMTP-side, if AXIGEN receives an e-mail to an account for a migration-enabled domain and the account does not exist, it will relay the e-mail to the address you specify when setting the remoteSmtpHost and remoteSmtpPort parameters. This way, space is saved by storing all the e-mails for the accounts that were not yet migrated, in the old MTA storage. The messages only get transferred to the AXIGEN storage when the user tries to login for the first time.

Important! This mail relay operation to the old MTA storage will only work if the remote host has a SMTP server working. Attribute Name: remoteSmtpHost Attribute Class: DomainMigrationData Attribute Type: VALUE Default Value: [127.0.0.1]

AXIGEN User Manual



303

Attribute Name: remoteSmtpPort Attribute Class: DomainMigrationData Attribute Type: VALUE Constraints: maxValue = 65535; minValue = 1; allowZero = false; allowInfinite = false; Default Value: 2500 Important! Some mail servers allow you to create folder names containing the "/" character. AXIGEN cannot migrate folders whose names contain this specific character, therefore you need to rename them before migrating, so that the process is completed successfully.

AXIGEN User Manual



304

8.17.3. Domain Public Folders Configuration

The Domain > Public Folders tab gives access to two sub-pages: • General - containing general parameters relative to public folders and contained mailboxes. • Quota - allowing to set parameters that impose certain limitations on the public folder content. • Mboxes - allows you to further edit the Mboxes added in the general sub-page.

8.17.3.1. General Public Folders Configuration

The Public Folders > General sub-page allows you to choose the public folder name for the selected domain and to edit its related mailbox list.

Use the Public Folder's name field to specify the desired name for the public folder.

Attribute Name: name Attribute Class: PublicFolder Attribute Type: VALUE When accessing the sub-page, a list of the already added public folders Mboxes is displayed.

To add a new folder to the existing list, specify its email address in the Mboxes field, then press the Add button. To delete and existing mailbox, press the delete mbox button on the right side of the mailbox you want to delete. To be able to send an email to a specific Mbox of the domain public folder, you need to create a folder recipient for the respective domain; the FolderRCPT name and mboxName parameters should be set to match the existing Public Folder Mbox and have the value "yes" for the enable parameter. For details

AXIGEN User Manual



305

on how to configure these parameters using WebAdmin, see the Folder Recipients section. If you make any changes to the default settings, do not forget to press the Update and Commit buttons to make the changes effective.

8.17.3.2. Public Folder Quota Configuration

The Public Folders > Quota sub-page allows you to access message and folder related parameters for the mailbox container corresponding to the public folder being edited. These parameters allow you to specify in the finest details the structure and size of a certain mailbox container.

Use the Mbox Count field to specify the maximum number of folders that can be created within a public folder mailbox.

Attribute Name: mboxCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 100000; minValue = 0; allowZero = true; Default Value: 1000

The "0" value is allowed and means no folder will be created. Using the Total message count field, you can specify the maximum number of messages contained by all the mailbox folders.

AXIGEN User Manual



306

Attribute Name: totalMessageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 2000000; minValue = 0; allowZero = true; Default Value: 500000 The Total message size field enables you to specify a maximum size of all messages contained by all mailbox folders. The size is measured in KB.

Attribute Name: totalMessageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 Use the Folder message count field to specify the maximum number of email messages contained by a mailbox folder.

Attribute Name: messageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 The Folder message size field allows you to specify a maximum size for the messages contained by a mailbox folder. The size is measured in KB.

Attribute Name: messageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 Remember to press the Update and Commit buttons to save your changes.

8.17.3.3. Public Folder Mbox Configuration

When first accessing the Public Folders > Mboxes sub-page, a list of the mboxes already added on the General sub-page is displayed.

AXIGEN User Manual



307

To edit an existing mbox, press the Edit button corresponding to its name.

The Mbox Name field cannot be edited. To change the name, you should first delete the mbox, then add it again, with the desired name.

Attribute Name: mboxName Attribute Class: PublicFolder Attribute Type: VALUE Constraints: Object; Use the Message count and Message size fields to specify the maximum number of messages the mbox can contain and the maximum size in KB of all messages contained by it.

Attribute Name: messageCount Attribute Class: MboxQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 Attribute Name: messageSize Attribute Class: MboxQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 To make the changes permanent, remember to press the Update and Commit buttons when you are done configuring these parameters.

AXIGEN User Manual



308

8.17.4. Domain SPE Page

In the SPE > WebMail tab, you can configure parameters determining the length and the types of required characters for all account passwords set by the domain users. SPE stands for Secure Password Enforcement.

Use the Enable SPE dropdown box to specify if you want secure password enforcement to be enabled for the configured domain.

Attribute Name: enable Attribute Class: DomainPasswordEnforcement Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) The Minimum length and Maximum length fields allow you to specify a desirable length for account passwords. The minimul length values range from 1 to 32 characters, while the maximum lengths range from 16 to 64 for characters.

Attribute Name: minimumLength Attribute Class: DomainPasswordEnforcement Attribute Type: VALUE Constraints: maxValue = 32; minValue = 1; allowZero = false; Default Value: 5

AXIGEN User Manual



309

Attribute Name: maximumLength Attribute Class: DomainPasswordEnforcement Attribute Type: VALUE Constraints: maxValue = 128; minValue = 16; allowZero = false; Default Value: 16 To specify the types of characters you want the password to contain, use the Required characters dropdown box. Available values are letters, letters and numbers, or letter, numbers and special characters.

Attribute Name: requiredCharacters Attribute Class: DomainPasswordEnforcement Attribute Type: VALUE Possible values: ( letters | lettersAndNumbers | lettersAndNumbersAndSpecial ) - single choice Default Value: ( letters ) When you are done configuring these parameters, press the Update and Commit buttons to make your changes permanent.

AXIGEN User Manual



310

8.17.5. Domain Filter Configuration

Filter configuration and activation at Domain level is identical with Server level filter configuration, as described in the Filter Configuration section except that one additional field is present on the activation page: Filter Parent. This field, located in the Domains>Filters>Active filters page allows activating higher level filters that have been previously added. For instance, at domain level you can activate filters previously added at Server level.

AXIGEN User Manual



311

8.17.6. Domain Info Page

The Domain > Info page displays different details relative to the selected domain. The first group of data concerns the storage parameters of the domain in question. It contains details on domain object, domain and message storage locations. The second block of information is relative to the Registry. It displays the domain's creation data, the last time it has been accessed accessed and the last time it has been modified.

AXIGEN User Manual



312

8.18. Accounts tab

Pressing on the Accounts tab in WebAdmin left panel displays the Domain List page, containing a list with all domains already created. Each domain has a corresponding View button you can use to display the accounts for this domain.

After pressing the View button for a domain, all the accounts for the corresponding domain are displayed. To delete a currently existing account, press on the Delete button next to the account you want to delete. To edit a currently existing account, press on the Edit button next to the account you want to edit. To add a new account in the current domain, enter the name of the account in the Account name field, enter the account password in the Password filed, and press the Add new account button.

AXIGEN User Manual



313

Whether editing or adding an account, the parameters displayed are the same. They are organized on seven pages:

• General - contains general account configuration parameters (mailbox related, user personal data)

• WebMail data - contains parameters for configuring this account's behavior in WebMail • Quota - contains parameters allowing you to set the number and size of messages and

folders in the account • Limits - contains parameters allowing you to set up message, attachments and connection

related limits for an account • Mboxes • Filters - contains configuration parameters for account level filters • Info - contains information on the creation and last modification dates of the account and also

the latest login date and IP details for POP 3, IMAP and WebMail.

For general information on accounts and account management in AXIGEN, see User Accounts.

8.18.1. General Account Configuration

The Accounts > General page allows you to configure general account parameters and personal data of the respective user. The configuration options available when creating a new account are the same as the configuration options available when editing an existing account. General Parameters

AXIGEN User Manual



314

Use the Account's name field to enter a name for the new account. This is the part of the email address that appears before the @ sign, that is the user name for this email account.

Attribute Name: name Attribute Class: Account Attribute Type: VALUE Constraints: Object; You can add aliases to the account currently being edited using the Add alias field.

Attribute Name: aliases Attribute Class: User Attribute Type: VALUESET Constraints: Object; To delete an alias previously added, in the Aliases list area, click on the Delete alias option available on the right of the text box corresponding to the alias you want to delete. You can specify what AXIGEN services are allowed for each specific account, by selecting the checkboxes corresponding to the services you want to run. Attribute Name: services Attribute Class: Account Attribute Type: VALUE Possible values: ( smtpIncoming | smtpOutgoing | smtp | pop3 | imap | webmail | rpop ) - multiple choices Default Value: ( smtpIncoming smtpOutgoing smtp pop3 imap webmail ) Use the Password field to specify/edit the password used for accessing this account. This field cannot be left empty.

Attribute Name: password Attribute Class: Account Attribute Type: VALUE Constraints: maxLength = 256; Personal Data In a separate region of this screen, you can enter the personal data for an account (user's first name and last name).

AXIGEN User Manual



315

Attribute Name: firstName Attribute Class: Contact Attribute Type: VALUE Constraints: maxLength = 64; Attribute Name: lastName Attribute Class: Contact Attribute Type: VALUE Constraints: maxLength = 64; After entering this data, click on the Update and Commit buttons, to save your newly created account.

AXIGEN User Manual



316

8.18.2. Account WebMail Data

Account configuration pages allow you to edit various configurations regarding the account behavior in WebMail. To list the WebMail related parameters for one account, do the following:

1. Click on the Accounts tab. 2. Click on the View button corresponding to the domain of your choice in the Domain list. 3. Click on the Edit button corresponding to the account you wish to edit. Alternatively, you can

enter a new account name in the Account name field and click the Add new account button. 4. In the page displayed, click the Webmail data tab. The screen displayed will be as follows:

In the User's skin name field, specify the WebMail skin that should be used for this account.

Attribute Name: skin Attribute Class: AccountWebmailData Attribute Type: VALUE Default Value: default To configure the WebMail language settings for the respective account, use the Language filed. The available options are English (en), Romanian (ro), German (de) Norwegian (no), Dutch (nl), Spanish (es), Portuguese (pt), Italian (it), Danish (dk) and Swedish (se). The default selected language is English.

AXIGEN User Manual



317

Attribute Name: language Attribute Class: AccountWebmailData Attribute Type: VALUE Default Value: en You can specify the number of messages to be displayed on a WebMail page for the currently edited mailbox using the Page size field.

Attribute Name: pageSize Attribute Class: AccountWebmailData Attribute Type: VALUE Constraints: maxValue = 100; minValue = 10; allowZero = false; allowInfinite = false; Default Value: 20 You can specify if a confirmation should be requested or not before deleting a message via WebMail from the currently edited mailbox using the Confirm mail deletion dropdown box.

Attribute Name: confirmMailDelete Attribute Class: AccountWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify if a confirmation should be requested or not before emptying a folder in WebMail in the currently edited mailbox using the Confirm empty folder dropdown box.

Attribute Name: confirmFolderEmpty Attribute Class: AccountWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify if a message sent from WebMail should be saved or not in the Sent folder in the currently edited mailbox using the Save to sent dropdown box.

Attribute Name: saveToSent Attribute Class: AccountWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes )

AXIGEN User Manual



318

Additional parameters are available for account WebMail configuration:

You can specify if a message deleted from this mailbox in WebMail should be sent to Trash (select Yes) or deleted permanently (select No) using the Delete to Trash dropdown box.

Attribute Name: deleteToTrash Attribute Class: AccountWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify a filtering level for all HTML format emails using the HTML Body Filtering Level field. Level 1 is the least restrictive and level 4 the strictest (basically converting HTML to text). The default value, 0 means that the level is inherited from domain configuration.

Attribute Name: htmlFilterLevel Attribute Class: AccountWebmailData Attribute Type: VALUE Constraints: minValue = 0; maxValue = 3; allowZero = true; Default Value: 0 The Use contacts from public address book dropdown box allows you to specify if the account user should contact details added to the public address book when accessing his address book.

AXIGEN User Manual



319

Attribute Name: usePublicContacts Attribute Class: UserWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) In the Use contacts from domain dropdown box, you can specify if the account user should use the domain recipient contacts when accessing his address book.

Attribute Name: useRcptContacts Attribute Class: UserWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Auto refresh interval field to specify the automatic refresh interval stated in minutes for the WebMail interface.

Attribute Name: autoRefreshInterval Attribute Class: AccountWebmailData Attribute Type: VALUE Constraints: minValue = 1; maxValue = 86400; allowZero = true; Default Value: 3 You can also set a signature for all emails sent from this account, by entering the signature text in the signature text box.

Attribute Name: signature Attribute Class: AccountWebmailData Attribute Type: VALUE Constraints: maxLength = 1024; If you add or modify values for any of these parameters, don't forget to click Update and Commit to save and commit your changes.

AXIGEN User Manual



320

8.18.3. Account Quota Parameters

The Accounts > Quota page allows you to access message and folder related parameters for the mailbox container corresponding to the account being edited. These parameters allow you to specify in the finest details the structure and size of a certain mailbox container. When clicking on the Quota page, the following parameters are displayed:

The Used Quota field is non-editable and displays the currently occupied quota for a specific user account. Use the MBox count to specify the maximum number of folders to be created for this mailbox.

Attribute Name: mboxCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 100000; minValue = 0; allowZero = true; Default Value: 1000 The value "0" is allowed and means that no folders will be created.

AXIGEN User Manual



321

Use the Total message count to specify the maximum total number of messages in all folders.

Attribute Name: totalMessageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 2000000; minValue = 0; allowZero = true; Default Value: 500000 Use the Total message size field to specify a maximum total size in KB for all messages in all folders. Values for this parameter are specified in KB.

Attribute Name: totalMessageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 Use the Folder message count parameter to set the maximum number of messages that can be stored in a folder of the account being edited.

Attribute Name: messageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 Use the Folder message size field to specify the maximum total size in KB of all messages that can be stored in a folder of this account.

Attribute Name: messageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 If you modify any of the default values, do not forget to click Update and then Commit to update your changes and make them effective.

AXIGEN User Manual



322

8.18.4. Account Limits

By accessing the Limits page, you can set various parameters setting limits for the account being edited.

Sent Messages Limits Three interconnected parameters are available to you for imposing limitations on messages sent from one account. The first two specify limits for the number and size of messages, and the third one specifies the time interval for which these limits are enforced.

Use the Interval sent messages count to set a maximum limit for the number of email messages the user of this account can send in the specified time interval.

Attribute Name: sentMessagesCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: maxValue = 100000; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 1000 Use the Interval sent messages size field to set a maximum limit for the total size of email messages the user of this account can send in the specified time interval. The sizes are specified in kB.

Attribute Name: sentMessagesSize Attribute Class: AccountLimits Attribute Type: VALUE Constraints: maxValue = 1048576; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 102400

Use the Sent messages interval to specify the time interval for which the two limits described above are enforced.

AXIGEN User Manual



323

Attribute Name: sentMessagesInterval Attribute Class: AccountLimits Attribute Type: VALUE Constraints: maxValue = 360000; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 3600 Connection Limits Two parameters are available for limiting the number of simultaneous POP3 and IMAP connections allowed for this account.

Use the POP3 connection count field to set a maximum limit for simultaneous POP3 connections opened by this account.

Attribute Name: pop3ConnectionCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: maxValue = 16; Default Value: 4 Use the IMAP connection count field to set a maximum limit for simultaneous IMAP connections opened by this account.

Attribute Name: imapConnectionCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: maxValue = 16; Default Value: 8 WebMail Limits Several parameters are available for imposing limitations related to the behavior of the account in WebMail.

AXIGEN User Manual



324

Use the Webmail RCPT count field to set a maximum limit for the number recipients of any email composed in this account using WebMail.

Attribute Name: webmailRCPTCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 1; maxValue = 2048; allowZero = false; allowInfinite = false; Default Value: 1024 Use the WebMail session count field to set a maximum limit for the number of Webmail sessions opened simultaneously by the account being edited.

Attribute Name: webmailSessionCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 1; maxValue = 1024; allowZero = false; allowInfinite = false; Default Value: 4 Use the Webmail attachment max. size field to set a maximum limit for size of individual attachments uploaded in this account using WebMail. Values for this parameter are expressed in kB.

Attribute Name: webmailAttSize Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 102400; allowZero = true; allowInfinite = false; Default Value: 1024 Use the Webmail attachment max. count field to set a maximum limit for the number of attachments uploaded with one email message in this account.

Attribute Name: webmailAttCount Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 1024; allowZero = true; allowInfinite = false; Default Value: 10 Use the Webmail max. message size field to set a maximum limit for the total size of one email message (body + attachments) composed in this account using WebMail. Values for this parameter are expressed in kB.

Attribute Name: webmailMessageSize Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 1048576; allowZero = true; allowInfinite = false; Default Value: 10240 Threshold limit

AXIGEN User Manual



325

Use the Over-quota threshold to set the percent of used quota which triggers an alert, letting the user know he is close to reaching his/her quota limit.

Attribute Name: overQuotaThreshold Attribute Class: AccountLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 100; Default Value: 90 RPOP Limits

To set a limit for the maximum number of RPOP connections a user is allowed to define, use the Max. RPOP Connection Count field.

Attribute Name: rpopConnectionCount Attribute Class: UserLimits Attribute Type: VALUE Constraints: maxValue = 64; Default Value: 4 Use the RPOP Connection Polling Interval field to specify the minimum time interval in minutes between two RPOP email retrievals on the same connection.

Attribute Name: rpopRetrievalInterval Attribute Class: UserLimits Attribute Type: VALUE Constraints: maxValue = 10080; minValue = 1; Default Value: 10 To add the new account or save the changes to the account being edited make sure to press the Add or Update button and the press the Commit button.

AXIGEN User Manual



326

8.18.5. Account Mboxes Page

When first accessing the Accounts > Mboxes page, a list of all existing folders for the respective account is displayed. If the account user has not logged in with the respective account, the list will be empty.

To add any of the folders displayed, press its corresponding Edit button. The following parameters will become available in the lower part of the page:

The first parameter, Mbox name, is non-editable using WebAdmin. mboxName merely displays the name chosen by the user when creating the folder or the default name of the folder (for folders such as INBOX).

AXIGEN User Manual



327

Attribute Name: mboxName Attribute Class: FolderRecipient Attribute Type: VALUE Constraints: Object; Use the Message count field to set a maximum number of email messages that can be stored in the respective folder.

Attribute Name: messageCount Attribute Class: MboxQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 Specify a maximum size for the messages to be stored in this folder using the Message size field. The size is measured in KB.

Attribute Name: messageSize Attribute Class: MboxQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 When you are done configuring these parameters, remember to press the Update and Commit buttons to save your settings.

AXIGEN User Manual



328

8.18.6. Account Filter Configuration

Filter configuration and activation at account level is identical with Server level filter configuration, as described in the Filter Configuration section except that one additional field is present on the activation page: Filter Parent. This field, located in the Accounts>Filters>Active filters page allows activating higher level filters that have been previously added. At account level you can activate filters previously added at Server or Domain level.

AXIGEN User Manual



329

8.18.7. Account Info

The Accounts > Info page displays detailed information on the selected account. It registers the account creation date and time and also the latest date when it was modified. It further displays the most recent information (date and IP used) used to login to IMAP, POP 3 and WebMail.

AXIGEN User Manual



330

8.19. Lists tab

Use the WebAdmin Lists tab to manage the mail lists in AXIGEN Mail Server. When selecting this tab, a list of the currently existing domains is displayed. To see the lists for a specific domain, press the View button next to the corresponding domain name.

If no lists have been defined, this view is empty. To add a new list, enter the name of the list you wish to create and specify a password for it, then press the Add new list button. In the screenshot below, a list is added to the example.com domain.

When already created lists are displayed for an existing domain, you can edit, delete it or clone them (i.e. create a new list with the same General and Advanced parameters) by using the corresponding buttons displayed next to its name. Whether editing / or adding a new mail list, the parameters displayed will be the same. These parameters are grouped on 10 different pages:

• General page - contains basic list definition parameters; • Advanced page - contains advanced list configuration parameters ( moderation, connection

types, adding header and body text messages, specifying error messages, etc); • User List - allowing you to add new users to the respective mail list; • Webmail data page - contains parameters related to list appearance and behavior in

WebMail; • Quota - containing parameters related to mailbox limitations for the selected mail list; • Limits (displayed only for already created lists) - allowing you to impose limitations on sent

and received messages in what numbers, connection and size are concerned; • Mboxes - containing folder management parameters; • Filters page - contains parameters for filter configuration at mail list level; • Info - presenting data on login and modification dates for the respective list.

AXIGEN User Manual



331

For general information on lists and list management in AXIGEN, see the Lists section, in the User and Domain Configuration chapter.

AXIGEN User Manual



332

8.19.1. General List Configuration

The List > General page gives you access to basic configuration parameters for mail lists.

Use the Name field to edit the name of the current mail list. This will be the RCPT for the current list.

Attribute Name: name Attribute Class: Maillist Attribute Type: VALUE Constraints: Object; Use the Services field to specify what services are enabled for this rule. If you want the list to be accessible via WebMail, click the corresponding service.

Attribute Name: services Attribute Class: Maillist Attribute Type: VALUE Possible values: ( smtpIncoming | smtpOutgoing | smtp | pop3 | imap | webmail | rpop ) - multiple choices Default Value: ( smtpIncoming smtpOutgoing smtp pop3 imap webmail ) Use the Password text area to specify the password for accessing the mailbox of this list.

AXIGEN User Manual



333

Attribute Name: password Attribute Class: Maillist Attribute Type: VALUE Constraints: maxLength = 256; Use the Description field to specify a description for the list. This will be the text displayed in the RCPT, next to the list address.

Attribute Name: description Attribute Class: Maillist Attribute Type: VALUE At this stage, you can make a few more additional settings for your mail list:

The Subscribe recipient, Unsubscribe recipient and Request recipient fields allow you to enter RCPTs used for subscribing, unsubscribing recipients and making requests. So, for instance, in order to subscribe to the list [email protected], the user needs to send an email to the address [email protected], because mail-list-subscribe was specified in the Subscribe recipient field.

Attribute Name: subscribeRcpt Attribute Class: Maillist Attribute Type: VALUE Constraints: Object; Attribute Name: unsubscribeRcpt Attribute Class: Maillist Attribute Type: VALUE Constraints: Object;

AXIGEN User Manual



334

Attribute Name: requestRcpt Attribute Class: Maillist Attribute Type: VALUE Constraints: Object; Use the checkboxes in the Enabled RCPTs area to specify which of the three addresses specified above you want to enable.

Attribute Name: enabledRcpts Attribute Class: Maillist Attribute Type: VALUE Possible values: ( request | subscribe | unsubscribe ) - multiple choices If you change any of the default values, make sure you click the Update and Commit buttons to save your changes and make them effective.

AXIGEN User Manual



335

8.19.2. Advanced List Settings

In the Lists > Advanced page, you can further configure an already created mail list.

Using the Admin confirm dropdown box, you can specify whether requests need to be confirmed by the administrator.

Attribute Name: adminConfirm Attribute Class: Maillist Attribute Type: VALUE Possible values: ( no | yes ) - single choice Use the Sender allow drop-down box to specify who can send messages on the list. Available options are: anyone (anyone can send message to the list); users (only users the list can send messages to the list) and admin (only the admin can send messages to the list).

Attribute Name: senderAllow Attribute Class: Maillist Attribute Type: VALUE Possible values: ( anyone | users | admin ) - single choice

AXIGEN User Manual



336

Use the Moderate drop-down box to specify what messages on the list are moderated. Available options are: all (all messages sent to the list are moderated); guests (only messages sent by guests to the list are moderated) and none (no message sent on the list is moderated).

Attribute Name: moderate Attribute Class: Maillist Attribute Type: VALUE Possible values: ( all | guests | none ) - single choice Use the ctypeAllow drop-down box to specify what type of content can be posted on the list. Available options are:

• plain (only plain text is accepted - Content Type: text/plain); • text (any type of text is accepted - Content Type: text/*, i.e. text/html) • garbage (no restriction is imposed).

Attribute Name: ctypeAllow Attribute Class: Maillist Attribute Type: VALUE Possible values: ( plain | text | garbage ) - single choice Use the adminEmail text area to specify an e-mail address for the admin that needs to be recognized (validated) when input is filtered.

Attribute Name: adminEmail Attribute Class: Maillist Attribute Type: VALUE Constraints: Object; Use the Remove headers field, to specify the list of headers that will be removed from a message that is published. After entering each header name, press the Add header button.

Attribute Name: removeHeader Attribute Class: Maillist Attribute Type: VALUESET Use the Add header field to specify headers that will be added to the headers of the messages that will be published. These headers follow the format specified by the RFC2822. This is a template and will expand the % format according to the settings specified in the Lists section (Templates explained) in the User and Domain Configuration chapter. Example: addHeader = "From: %l@%d\r\n" The following fields allow you to specify templates used for sending messages for various situations and standard text to be inserted at the beginning or at the end of the email body, welcome and goodbye texts for new users or error messages in case the request needs confirmation or the user has already subscribed. Most of these text boxes allow entering templates that expand the % token. The list below displays the name of these fields, the name or the corresponding parameter, and their function.

• Body begin text - bodyBegin - template for the text that will be inserted before the body of the mail to be published

AXIGEN User Manual



337

• Body end text - bodyEnd - template for the text that will be inserted at the end of the body of the mail to be published

• Unknown command - unknownCommand - error message returned by the filter in case of a request containing an unknown command

• Invalid username - invalidUserName - error message returned by the filter in case of null or invalid user name

• Not a user - notAUser - error message returned by the filter in case the sender is not a user of the list and it should be

• Bad confirmation – badConfirmation - error message returned by the filter in case of an invalid confirmation

• Request needs confirmation - requestNeedsConfirmation - template for the message telling the user to wait for a confirmation

• Request needs admin's confirmation - requestNeedsAdminConfirmation - template for the message telling the user to wait for admin's confirmation

• User already subscribed – userAlreadySubscribed - error message returned by the filter in case the user already exists on this list

• Auto reject response - autoRejectResponse- template for the message telling the user that his/her mail was rejected

• Welcome - welcome - template for the message telling the user that his/her email address has been added as list user

• Goodbye - goodbye - template for the message telling the user that his/her email address has been removed from list users

• Invalid format - invalidFormat - error message returned by the filter in case the user has sent a wrong format email

• Subscription denied - subscribeDenied - template for message telling the user that his/her address has not been added to list users

In case you enter any values in these fields or change default values, don't forget to press the Update and Commit buttons to save your changes and make them effective.

AXIGEN User Manual



338

8.19.3. Adding New List Users

The Lists > User list page is displayed when selecting the User list tab in the Lists page. Use this page to manage the list users. When first entering this page, a list of current users in the list is displayed. To add a new user to the list, press on the Add new user button.

After pressing on the Add new user button, a page similar to the one below is displayed. Use this page to specify the new list user e-mail address and name.

Attribute Name: email Attribute Class: MaillistUser Attribute Type: VALUE Constraints: Object; Attribute Name: name Attribute Class: MaillistUser Attribute Type: VALUE

AXIGEN User Manual



339

After entering the user data, press the Add button and then the Commit button to make your changes effective.

AXIGEN User Manual



340

8.19.4. List WebMail Data

The Lists >Webmail data tab allows you to configure the way the list mailbox is displayed in WebMail.

In the User's skin name field, specify the WebMail skin that should be used for the list mailbox.

Attribute Name: skin Attribute Class: MaillistWebmailData Attribute Type: VALUE Default Value: default To specify the preferred language for a certain user, use the Language field. The available options are English (en), Romanian (ro), German (de) Norwegian (no), Dutch (nl), Spanish (es), Portuguese (pt), Italian (it), Danish (dk) and Swedish (se).

Attribute Name: language Attribute Class: MaillistWebmailData Attribute Type: VALUE Default Value: en You can specify the number of messages to be displayed on a WebMail page for the list mailbox using the Page size field.

Attribute Name: pageSize Attribute Class: MaillistWebmailData Attribute Type: VALUE Constraints: maxValue = 100; minValue = 10; allowZero = false; allowInfinite = false; Default Value: 20

AXIGEN User Manual



341

You can specify if a confirmation should be requested or not before deleting a message via WebMail from list mailbox using the Confirm mail deletion dropdown box.

Attribute Name: confirmMailDelete Attribute Class: MaillistWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify if a confirmation should be requested or not before emptying a folder in WebMail in the list mailbox using the Confirm empty folder dropdown box.

Attribute Name: confirmFolderEmpty Attribute Class: MaillistWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Additional parameters are available for list mailbox WebMail configuration:

You can specify if a message sent from WebMail should be saved or not in the Sent folder in the list mailbox using the Save to sent dropdown box.

AXIGEN User Manual



342

Attribute Name: saveToSent Attribute Class: MaillistWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify if a message deleted from a WebMail mailbox should be sent to Trash (select Yes) or deleted permanently (select No) using the Delete to Trash dropdown box.

Attribute Name: deleteToTrash Attribute Class: MaillistWebmailData Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) You can specify a filtering level for all HTML format emails received in this list mailbox using the HTML Body Filtering Level field. Level 1 is the least restrictive and level 4 the strictest (basically converting HTML to text). The default value, 0 means that the level is inherited from domain configuration.

Attribute Name: htmlFilterLevel Attribute Class: MaillistWebmailData Attribute Type: VALUE Constraints: minValue = 0; maxValue = 3; allowZero = true; Default Value: 0 You can also set a signature for all emails sent from this list mailbox, by entering the signature text in the signature text box.

Attribute Name: signature Attribute Class: MaillistWebmailData Attribute Type: VALUE Constraints: maxLength = 1024; In case you modify their default values, make sure you click the Update and Commit buttons to save your changes and make them effective.

AXIGEN User Manual



343

8.19.5. List Quota Parameters

The Lists > Quota page allows you to access message and folder related parameters for the mailbox container corresponding to the list being edited. These parameters allow you to specify in the finest details the structure and size of a certain mailbox container. When clicking on the Quota page, the following parameters are displayed:

Use the MBox count to specify the maximum number of folders to be created for this list mailbox.

Attribute Name: mboxCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 100000; minValue = 0; allowZero = true; Default Value: 1000 The value "0" is allowed and means that no folders will be created. Use the Total message count to specify the maximum total number of messages in all folders of this list mailbox.

Attribute Name: totalMessageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 2000000; minValue = 0; allowZero = true; Default Value: 500000 Use the Total message size field to specify a maximum total size in KB for all messages in all folders of this list mailbox. Values for this parameter are specified in kB.

AXIGEN User Manual



344

Attribute Name: totalMessageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 Use the Folder message count parameter to set the maximum number of messages that can be stored in a folder of the list mailbox being edited.

Attribute Name: messageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 Use the Folder message size field to specify the maximum total size in KB of all messages that can be stored in a folder of this list mailbox.

Attribute Name: messageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 If you modify any of the default values, do not forget to click Update and then Commit to update your changes and make them effective.

AXIGEN User Manual



345

8.19.6. List Limits

By accessing the Limits page, you can set various parameters setting limits for the list being edited. Sent Messages Limits Three interconnected parameters are available to you for imposing limitations on messages sent from this list mailbox. The first two specify limits for the number and size of messages, and the third one specifies the time interval for which these limits are enforced.

Use the Interval sent messages count to set a maximum limit for the number of email messages that can be sent in the specified time interval from this list mailbox.

Attribute Name: sentMessagesCount Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: maxValue = 100000; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 1000 Use the Interval sent messages size field to set a maximum limit for the total size of email messages that can be sent in the specified time interval from this list mailbox. The sizes are specified in KB.

Attribute Name: sentMessagesSize Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: maxValue = 1048576; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 102400 Use the Sent messages interval to specify the time interval for which the two limits described above are enforced.

AXIGEN User Manual



346

Attribute Name: sentMessagesInterval Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: maxValue = 360000; minValue = 0; allowZero = true; allowInfinite = true; Default Value: 3600 Connection Limits Two parameters are available for limiting the number of simultaneous POP3 and IMAP connections allowed for this list mailbox.

Use the POP3 connection count field to set a maximum limit for simultaneous POP3 connections opened for this list mailbox.

Attribute Name: pop3ConnectionCount Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: maxValue = 16; Default Value: 4 Use the IMAP connection count field to set a maximum limit for simultaneous IMAP connections opened for this list mailbox.

Attribute Name: imapConnectionCount Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: maxValue = 16; Default Value: 8

AXIGEN User Manual



347

WebMail Limits Several parameters are available for imposing limitations related to the behavior of the list mailbox in WebMail.

Use the Webmail RCPT count field to set a maximum limit for the number recipients of any email composed in this list mailbox using WebMail.

Attribute Name: webmailMessageSize Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 1048576; allowZero = true; allowInfinite = false; Default Value: 10240 Use the Webmail session count field to set a maximum limit for the number of WebMail sessions opened simultaneously for this list mailbox.

Attribute Name: webmailSessionCount Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 1; maxValue = 1024; allowZero = false; allowInfinite = false; Default Value: 4 Use the Webmail attachment max. size field to set a maximum limit for size of individual attachments uploaded in this list mailbox using WebMail. Values for this parameter are expressed in KB.

Attribute Name: webmailAttSize Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 102400; allowZero = true; allowInfinite = false; Default Value: 1024 Use the Webmail attachment max. count field to set a maximum limit for the number of attachments uploaded with one email message in this list mailbox.

AXIGEN User Manual



348

Attribute Name: webmailAttCount Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 1024; allowZero = true; allowInfinite = false; Default Value: 10 Use the Webmail message max. size field to set a maximum limit for the total size of one email message (body + attachments) composed in this list mailbox using WebMail. Values for this parameter are expressed in KB.

Attribute Name: webmailMessageSize Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 1048576; allowZero = true; allowInfinite = false; Default Value: 10240

Threshold limit

Use the Over-quota threshold to set the percent of used quota which triggers an alert, letting the user know he is close to reaching his/her quota limit.

Attribute Name: overQuotaThreshold Attribute Class: MaillistLimits Attribute Type: VALUE Constraints: minValue = 0; maxValue = 100; Default Value: 90 To add the new list or save the changes to the list being edited make sure to press the Add or Update button and the press the Commit button.

AXIGEN User Manual



349

8.19.7. Lists Mboxes

When first accessing the Lists > Mboxes page, a list of all existing folders for the respective list mailbox is displayed.

To modify any of the folders displayed, press its corresponding Edit button. The following parameters will become available in the lower part of the page:

The first parameter, Mbox name, is non-editable using WebAdmin. mboxName merely displays of the current folder. Use the Message count field to set a maximum number of email messages that can be stored in the respective folder.

AXIGEN User Manual



350

Attribute Name: messageCount Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 0; allowZero = true; Default Value: 100000 Specify a maximum size for the messages to be stored in this folder using the Message size field. The size is measured in KB.

Attribute Name: messageSize Attribute Class: MboxContainerQuota Attribute Type: VALUE Constraints: maxValue = 4294967295; minValue = 0; allowZero = true; Default Value: 4294967295 Remember to press the Update and Commit buttons when you are done configuring these parameters.

AXIGEN User Manual



351

8.19.8. List Filter Configuration

Filter configuration and activation at mail list level is identical with Server level filter configuration, as described in the Filter Configuration section except that one additional field is present on the activation page: Filter Level. This field, located in the Lists>Filters>Active filters page allows activating higher level filters that have been previously added. At account level you can activate filters previously added at Server or Domain level.

AXIGEN User Manual



352

8.19.9. Lists Info

The Lists > Info page displays detailed data on the logins and modifications of the selected mail list. Information referring to the creation date of the lists, its last modification and IMAP/POP3/WebMail

last login details can be monitored by the system administrator at any time.

AXIGEN User Manual



353

8.20. Forwarders Tab

In order to access the Forwarder configuration page, you need to be in Forwarders tab and click on the Show Forwarders button next to the desired domain.

The Forwarders list will be empty if no forwarders have been previously set. In the next screen, enter the desired name for your forwarder and click the Add new forwarder button.

Three Forwarder configuration pages are then available:

• General page- containing general forwarder parameters; • Filters page - contains parameters for filter configuration at folder recipient level • Info page - containing information on the forwarder creation date, the last message received,

the number of messages contained and the date of the last modification.

AXIGEN User Manual



354

8.20.1. Forwarders General Parameters

In the Forwarder > General page, you will need to set the following parameters: name, addresses and enabled

The forwarder name parameter is stored from the previous screen. In our example, the forwarder name is 'contact' and the forwarder email address will be [email protected]. Attribute Name: name Attribute Class: Forwarder Attribute Type: VALUE Constraints: Object; Use the addresses parameter to specify to which addresses will be forwarder email sent to the forwarder address (i.e. [email protected]). Real email addresses can be associated with the forwarder, provided that they are correctly formatted. You can add up to 64 email addresses in the addresses field.

Attribute Name: adresses Attribute Class: Forwarder Attribute Type: VALUESET Constraints: value = 1;

Important! If the addresses parameter is empty, emails sent to the forwarder address are discarded. If emails cannot be delivered to the address specified in the forwarder, the sender gets an NDR message.

AXIGEN User Manual



355

The enabled parameter is used to enable/disable the forwarder email address.

Attribute Name: enable Attribute Class: Forwarder Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) After setting these parameters, click on the Update button. You can edit the forwarder at any later time, by clicking the Edit button displayed in the forwarder list. For general information on forwarders and their management in AXIGEN, see Forwarders section in the User and Domain Configuration chapter.

AXIGEN User Manual



356

8.20.2. Forwarders Filter Configuration

Filter configuration and activation at folder recipient level is identical with Server level filter configuration, as described in the Filter Configuration section except that one additional field is present on the activation page: Filter Level. This field, located in the Forwarders>Filters>Active filters page allows activating higher level filters that have been previously added. At folder recipient level you can activate filters previously added at Server, Domain or Forwarder level.

AXIGEN User Manual



357

8.20.3. Forwarders Info Tab

The Forwarders > Info page displays information relative to the creation data, the last modification of the parameters, message count and other such data on the selected Forwarder.

AXIGEN User Manual



358

8.21. Folder Recipients

Use the WebAdmin Folder RCPTs tab to create and manage the folder recipients in AXIGEN Mail Server. Folder recipients are used to specify a certain folder within a domain's Public Folder to which email messages should be delivered. This feature is only available for mailboxes within the local domains and allows users to deliver messages directly to a specified folder in the recipient mbox defined in Domains>Public Folders (i.e. to the Work folder within example.com Public Folder). For details on how to configure Public Folders Mboxes using WebAdmin, see the Domain Public Folders Configuration section. When selecting this tab, a list of the currently existing domains is displayed. To see the lists for a specific domain, press the View button next to the corresponding domain name.

If no folder recipients have been defined, this view is empty. To add a new folder recipient, enter the name of the folder recipient you wish to create and press the Add new folderrcpt button. In the screenshot below, a folder recipient named Technology is added to example.com.

AXIGEN User Manual



359

The name specified in the Folder-rcpt name field is actually the RCPT folder (Public Folder Mbox) within the local domain for which you define this rule (i.e. if you want to define a folder recipient for [email protected], you should enter the value "Technology" in this field). When already created folder recipients are displayed for an existing domain, you can edit or delete them by using the corresponding buttons displayed next to their name. Whether editing / or adding a new folder recipient, the parameters displayed will be the same. These parameters are grouped on the following pages:

• General page - contains basic folder recipient definition parameters • Filters page - contains parameters for filter configuration at folder recipient level • Info - containing information on the folder recipient and the messages sent to it.

For general information on folder recipients and their usage with Public Folder, see the Public Folders section in the User and Domain Configuration chapter.

AXIGEN User Manual



360

8.21.1. General Folder Recipients Parameters

Use the General page to configure the folder recipients' general parameters.

Use the Folder-RCPT's name field to specify the name you wish to assign to this delivery rule. This name can refer to any folder within the local domain Public Folder.

Attribute Name: name Attribute Class: FolderRecipient Attribute Type: VALUE Constraints: Object; Use the Folder-RCPT's mailbox name field to specify the Mbox name within the public folder you want to define as recipient.

Attribute Name: mboxName Attribute Class: FolderRecipient Attribute Type: VALUE Constraints: Object; Use the Enable drop down box to specify if you want to enable or not this folder recipient rule. This way you can store folder recipient rules and enable them at a later time.

Attribute Name: enable Attribute Class: FolderRecipient Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) When you are done editing these parameters, make sure you press the Update and Commit buttons to save the changes and make them effective.

AXIGEN User Manual



361

8.21.2. Folder Recipients Filter Configuration

Filter configuration and activation at folder recipient level is identical with Server level filter configuration, as described in the Filter Configuration section except that one additional field is present on the activation page: Filter Level. This field, located in the FolderRCPTs>Filters>Active filters page allows activating higher level filters that have been previously added. At folder recipient level you can activate filters previously added at Server, Domain or Folder RCPT level.

AXIGEN User Manual



362

8.21.3. Folder Recipients Info

The FolderRCPT > Info page displays information relative to the creation data, the last modification of the parameters, number or received and failed messages and other such data on the selected Folder recipient.

AXIGEN User Manual



363

8.22. Queue Tab

The Queue tab displays all the messages which are currently on the AXIGEN Queue and their respective status (processed, received, sent). It also allows locating certain emails and removing or rescheduling them. When first accessing the tab, the list of emails on the AXIGEN Queue is displayed:

Select the page you want to jump to, then press the Apply filter button to go directly to a specific page of the Queue tab. If you want to change the number of emails displayed on each page, modify the Pagesize filed and apply the respective filter. To view a certain email, press its corresponding View button. To return to the initial queue view, press on the List link on the upper right side of the tab. When viewing an email, the following screen is displayed in the lower part of the tab:

AXIGEN User Manual



364

You can thus check at any time the size, date, status, and other such details relative to any email message on your queue. You can also remove or reschedule email messages at any time using the Reschedule message and Remove message buttons. To view the details of the email recipient, press the show info button. In a information box opened under the selected recipient, the email status, the destination folder and eventual failure information will be displayed. To hide the data displayed, press the hide info button.

AXIGEN User Manual



365

8.23. Reporting tab

The Reporting tab gives you access to four pages to furthe configure the AXIGEN reports: • General page - contains general parameters relative to the synchronization time and log

service of the Reporting service. • Database - contains database configuration parameters. • Templates - contains the parameters needed to select and configure a certain template for

the Reporting module. • Graphics - contains parameters managing the graphics generated by the Reporting service.

Important! The last three pages will be presented as they should be configured, not in the order they appear in the Reporting tab. The correct order to configure the parameters is Template first, Database second and Graphics last. For a functional description of the reporting service, please see Reporting & Monitoring in the Architecture chapter.

AXIGEN User Manual



366

8.23.1. General Reporting Parameters

The Reporting > General page enables you to configure synchronization time and the logging service behavior for the Reporting module.

Use the Synchronization Time field to specify the activation interval measured in seconds for the Reporting service. This stipulates a time interval after which the module will be synchronized with the values measured for the monitored parameteres and stored in the repository. Attribute Name: syncTime Attribute Class: ReportingService Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 60; allowZero = false; allowInfinite = false; Default Value: 60 Note: The value set for the syncTime parameter should not be greater than the Round Robin Archive query time. Log control parameters are also accessible through the Reporting > General Page.

AXIGEN User Manual



367

Use the Log Level check boxes to specify the log level for the Reporting service.

Attribute Name: logLevel Attribute Class: ReportingService Attribute Type: VALUE Constraints: maxValue = 31; Default Value: 15 Use the Log Type drop-down box to specify the log type for the Reporting service. Possible values are: internal, system and remote.

Attribute Name: logType Attribute Class: ReportingService Attribute Type: VALUE Possible values: ( internal | system | remote ) - single choice Use the Log Host field to specify the Reporting service remote logging host IP address.

Attribute Name: logHost Attribute Class: ReportingService Attribute Type: VALUE Default Value: 127.0.0.1:2000 Note: This option is used and valid only if logType=remote for Processing. For a general description of the logging service and related parameters see Logging Service.

AXIGEN User Manual



368

8.23.2. Reporting Template Configuration

When accessing the Reporting > Templates page, a list of the already configured Databases is displayed. If none has been previously created, the list will be empty.

To add a new database, press the Add new template button. To edit a template, press the Edit button on the right side of its name. To delete an existing template, press the Delete button corresponding to the template selected for deletion.

Important! If a template is used by at least one database, then it cannot be edited or deleted. Whether you are adding a new template or editing an existing one, the parameters to be configured are the same.

Use the Name field to specify the name used to identify the template archive.

Attribute Name: name Attribute Class: ReportingTemplate Attribute Type: VALUE Constraints: maxLength = 256;

AXIGEN User Manual



369

Using the Consolidation functional interval field, you can specify the time interval in seconds after which consolidation occurs.

Attribute Name: sampleInterval Attribute Class: ReportingTemplate Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 60; Default Value: 60 You can specify the number of consolidated values after which rotation occurs using the Round Rotate Count field.

Attribute Name: rotateCount Attribute Class: ReportingTemplate Attribute Type: VALUE Constraints: maxValue = 1000000; minValue = 1; Default Value: 1440 After configuring the parameters of a template, remember to press the Update and Commit buttons to make the changes effective.

AXIGEN User Manual



370

8.23.3. Reporting Database Configuration

When accessing the Reporting > Databases page, a list of the already configured Databases is displayed. If none has been previously created, the list will be empty.

To add a new database, press the Add new database button. To delete an existing database, press the Delete button corresponding to the database selected for deletion.

Important! At this time, existing databases cannot be editied. Such an action will result in an error message. The only available actions at this time are to add or delete databases. Whether you are adding a new database the parameters to be configured are the same.

Use the Name field to specify the name of your new Database which will then be used to identify it.

AXIGEN User Manual



371

Attribute Name: name Attribute Class: ReportingDatabase Attribute Type: VALUE Constraints: maxLength = 256; You can select the name of the parameter to be monitored, used to identify the data source, from the Report Parameter dropdown box.

Attribute Name: parameter Attribute Class: ReportingDatabase Attribute Type: VALUE Constraints: maxLength = 256; The available parameters to be monitored are:

• SMTP_InboundConnection • SMTP_InboundConnectionAuthenticated • SMTP_InboundConnectionAuthenticatedSuccess • SMTP_InboundMessage • SMTP_InboundMessageMessageBytes • SMTP_InboundMessageTOcommandsAccepted • SMTP_InboundMessageTOcommandsRejected • SMTP_InboundMessageFROMAccepted • SMTP_InboundMessageDATAUsed • SMTP_InboundMessageDATAAccepted • SMTP_InboundMessageBDATAccepted • SMTP_InboundMessageBodyAccepted • SMTP_OutboundConnection • SMTP_OutboundConnectionAuthenticated • SMTP_OutboundConnectionAuthenticatedSuccess • SMTP_OutboundConnectionErrorFinish • SMTP_OutboundMessage • SMTP_OutboundMessageMessageBytes • SMTP_OutboundMessageTOcommandsAccepted • SMTP_OutboundMessageTOcommandsRejected • SMTP_OutboundMessageFROMAccepted • SMTP_OutboundMessageDATAUsed • SMTP_OutboundMessageDATAAccepted • SMTP_OutboundMessageBDATAccepted • SMTP_OutboundMessageBodyAccepted • POP3_InboundConnection • POP3_InboundConnectionMessagesDelivered • POP3_InboundConnectionToppedMessagesDelivered • POP3_InboundConnectionMessagesDeleted • POP3_InboundConnectionMessagesSent • HTTP_InboundConnection • HTTP_InboundConnectionAuthenticated • HTTP_InboundConnectionAuthenticatedSuccess • HTTP_InboundConnectionProtocolError • HTTP_User • HTTP_UserUploadedBytes • HTTP_UserMessagesRead • HTTP_UserMessagesComposed

AXIGEN User Manual



372

• HTTP_UserFinishInError • IMAP_InboundConnection • IMAP_InboundConnectionAuthenticated • IMAP_InboundConnectionAuthenticatedSuccess • IMAP_InboundConnectionSyntaxError • IMAP_InboundConnectionCloseConnectionForced • IMAP_InboundConnectionConnectionTimeout • IMAP_FetchRequest • IMAP_FetchRequestSentBytes • IMAP_FetchRequestTimeSpan • IMAP_FetchRequestError • IMAP_SearchRequest • IMAP_SearchRequestSentBytes • IMAP_SearchRequestTimeSpan • IMAP_SearchRequestError • IMAP_AppendRequest • IMAP_AppendRequestSentBytes • IMAP_AppendRequestTimeSpan • IMAP_AppendRequestError • IMAP_ListRequest • IMAP_ListRequestSentBytes • IMAP_ListRequestTimeSpan • IMAP_ListRequestError • QUEUE_Size • SYSTEM_LoadAverage

The selection of consolidation functions used to compute final values can be specified using the Reporting consolidation functions dropdown box. The available choices are average, minimum, maximum and total.

Attribute Name: function Attribute Class: ReportingDatabase Attribute Type: VALUE Possible values: ( average | count | minimum | maximum | total ) - single choice Default Value: ( average ) Use the Data template name dropdown box to select the template of the Round Robin archive for your Database.

Attribute Name: template Attribute Class: ReportingDatabase Attribute Type: VALUE Constraints: maxLength = 256; When you are done configuring these parameters, remember to press the Update and Commit buttons to save your settings.

AXIGEN User Manual



373

8.23.4. Reporting Graphics Configuration

When accessing the Reporting > Graphics page, a list of the already configured graphics is displayed. If none has been previously created, the list will be empty.

To add a new database, press the Add new graphic button. To edit a graphic, press the Edit button on the right side of its name. To delete an existing graphic, press the Delete button corresponding to the template selected for deletion. Whether you are adding a new graphic or editing an existing one, the parameters to be configured are the same.

AXIGEN User Manual



374

Use the Name field to specify the desired name for your graphic. You can further select the database you want to monitor using the Database name dropdown box, allowing you to select one of the existing databases.

Attribute Name: name Attribute Class: ReportingGraphic Attribute Type: VALUE Constraints: maxLength = 256; Attribute Name: database Attribute Class: ReportingGraphic Attribute Type: VALUE Constraints: maxLength = 256; To choose one of the predefined graphic types, use the Graphic Type dropdown box. Available options are bars, fill, outline, fillWithOutline, descreteDots and descreteLines.

Attribute Name: type Attribute Class: ReportingGraphic Attribute Type: VALUE Possible values: ( bars | fill | outline | fillWithOutline | discreteDots | discreteLines ) - single choice Default Value: ( bars ) You can further customize the colors of your defined graphic using the Graphic fill color and Graphic outline color dropdown boxes.

Attribute Name: fillColor Attribute Class: ReportingGraphic Attribute Type: VALUE Constraints: maxLength = 32; Default Value: LightGray Attribute Name: outlineColor Attribute Class: ReportingGraphic Attribute Type: VALUE Constraints: maxLength = 32; Default Value: Black The History Page no. dropdown box allows you to select the page of the Graphics tab the defined graph will be displayed on.

Attribute Name: onPage Attribute Class: ReportingGraphic Attribute Type: VALUE Constraints: maxValue = 16; minValue = 1; Default Value: 1 Remember to press the Update and Commit buttons to save the settings you have made for your graphic.

AXIGEN User Manual



375

8.24. Graphics Tab

The Graphics tab displays the graphics for the monitored parameters, as defined in the Reporting tab. For details on how to configure graphics, please see the Reporting Graphics Configuration section. For each graphic displayed, the monitored parameter and database are displayed. If you configure more such graphics, they will be displayed on subsequent numbered pages. Press the Refresh button to refresh de data displayed by the graphics. If you want all data to be automatically refreshed every 60 seconds, press the Automatical refresh button. Should you leave the Graphics tab, the automatical refresh function will be stopped.

Important! No data is displayed on the Graphics tab if the Reporting service is stopped.

AXIGEN User Manual



376

8.25. Commands tab

In the Commands tab, several commands relative to the Server service are available.

• Save config: press the Save config button when you have made some changes to the configuration file used by AXIGEN Mail Server and you want these changes to be preserved after server restart.

• Force queue: Press the Force queue button to force an immediate scanning of all the messages currently in AXIGEN Mail Server queue and an immediate processing for any messages that are scheduled for later delivery.

• Synch with server: Press the Synchronize button when you want to synchronize your Webadmin configuration with the currently running server configuration.

• Lincense file upload: Press the Browse button to specify the path to the AXIGEN Mail Server license key, after acquiring the product. After specifying the correct path, press the Apply license key button

• Register domain location: Use the Register domain button to register a new domain location in your AXIGEN Mail Server. It is also used to register the locations of domains upgraded from the 1.2 versions of AXIGEN. Make sure you have specified the correct path in the corresponding text box.

AXIGEN User Manual



377

8.26. Adding and Editing TCP Listeners

In AXIGEN, it is possible to configure TCP listeners for all TCP services: SMTP-In, POP3, IMAP, WebMail, WebAdmin and CLI.

To access listener configuration in WebAdmin, click on the service tab (SMTP-In, POP3, IMAP, WebMail, WebAdmin or CLI) and then on the Listeners page. These pages are identical in terms of parameters displayed.

Important! Some of these parameters displayed on different service Listeners pages may have different default values: for instance, maxconnections has a default value of 1000 in WebMail, while for all other modules the default value is 200. To find out a parameter default value, click on the details button for the respective parameter to see what its default value is.

Use the Listeners page to configure listener-related settings, such as maximum connections accepted on a specific listener, maximum connections accepted from a single host on the listener, inactivity timeout, etc.

When first entering Listeners page, a list of currently defined listeners is displayed (see below), sorted by their IP addresses (lowest first), if any have been defined previously.

To add a new TCP listener, click on the Add new listener button. If you want to edit an existing listener, click on the Edit button displayed next to that specific listener in the list. The parameters displayed both when adding and editing a listener are the same.

AXIGEN User Manual



378

The Listeners page contains 4 (four) different tabs. You can select them in the right uppermost corner of the page:

• General tab • Allow rules tab • Deny rules tab • SSL settings tab

The configurations pertaining strictly to the listener definition are listed in the General and SSL settings tab. For details on how to configure rules associated with listeners, using the Allow rules and Deny rules tabs, see Adding and Editing Rules.

General Tab Parameters

Use the Address field to specify the listener bind address. Listeners are uniquely identified by their address attribute. Two or more listeners cannot have the same address value - only the first object correctly defined is considered. This will be the IP address followed by a colon and the port number.

Attribute Name: address Attribute Class: TCPListener Attribute Type: VALUE Use the Enable drop-down box to enable/disable the TCP listener. This way you can store defined listeners and enable them only when you need to.

Attribute Name: enable Attribute Class: TCPListener Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Connection parameters By setting all these connection related parameters, you can limit the number of simultaneous connections, and specify a number of maximum connections on the listener during a specified time interval. This way, you can manage the connection requests for a certain service, using the current listener and ensure higher service availability.

AXIGEN User Manual



379

Use the Max. connections field to specify the maximum number of simultaneous connections accepted by this TCP listener.

Attribute Name: maxConnections Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 2048; minValue = 1; allowZero = false; Default Value: smtp: 200 pop3: 200 imap: 200 webmail: 1000 webadmin: 1000 cli: 200 ftpBackup: 200 Use the Time interval and Max. interval connections to specify a time interval and a maximum number of connections to be accepted during that interval. For instance, if you use the default values of these parameters, a maximum number of 60 connections will be accepted within an interval of 600 seconds. These two parameters are used in conjunction.

Attribute Name: timeInterval Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 30; allowZero = false; Default Value: 60 Attribute Name: maxIntervalConnections Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 100000; Default Value: smtp: 600 pop3: 600 imap: 600 webmail: 1200 webadmin: 1200 cli: 600 ftpBackup: 600

AXIGEN User Manual



380

The value of this parameter is specified in seconds.

Use the Peer max. connections field to specify the maximum number of simultaneous connections to the listener accepted with a single host.

Attribute Name: peerMaxConnections Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 2048; minValue = 1; allowZero = false; Default Value: smtp: 20 pop3: 20 imap: 20 webmail: 100 webadmin: 100 cli: 20 ftpBackup: 20 Use the Peer time interval and Peer max. interval connections fields to specify a time interval and a maximum number of connections to be accepted with a single host during that time interval. These two parameters are used in conjunction.

Attribute Name: peerTimeInterval Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 30; allowZero = false; Default Value: 60 Attribute Name: peerMaxIntervalConnections Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 100000; Default Value: 600 The value of this parameter is specified in seconds. Use the Idle timeout field to specify the inactivity timeout on the listener (in seconds), that is the time interval before the connection is reset.

Attribute Name: idleTimeout Attribute Class: TCPListener Attribute Type: VALUE Constraints: maxValue = 86400; Default Value: smtp: 300 pop3: 300 imap: 1800 webmail: 300 webadmin: 300 cli: 300 ftpBackup: 300 You can specify a domain that will act as primary domain for connections made on the listener you are editing in the Listener's domain filed. When you are done defining these parameters make sure you click the Update and Commit buttons to add your listener to save your listener. If you want to further configure your listener by enabling SSL and setting SSL related parameters, go to the SSL settings page (see SSL Parameters for Listeners) If you want to define additional rules for your listener, go to the Allow rules or respectively Deny rules tab within the Listener page. For details on rule configuration, see Adding and Editing Rules. For a general description of listeners and their usage in AXIGEN, see Listeners in the Architecture chapter

AXIGEN User Manual



381

8.26.1. Adding and Editing TCP Listener Rules

Allow Rules For each existing TCP listener, you can define allow rules. These rules impose further limitations on accepted connections through current listener. Use the Allow rules tab to specify a set of rules for allowing specific IP addresses on the currently edited/created TCP listener. When entering the Listeners > Allow rules tab, a list of allow rules already defined for the current TCP listener is displayed. If none has been defined so far, the rule list is empty. Whether adding or editing rules, the parameters displayed will be the same.

Use the IP Set field to specify the IP address range. Connections with IP addresses within this range will be automatically accepted by AXIGEN Mail Server.

Attribute Name: ipSet Attribute Class: IpRule Attribute Type: VALUE Use the Enable drop-down box to enable/disable the TCP listener allow rule. This way you can store defined listeners and enable them only when you need to.

AXIGEN User Manual



382

Attribute Name: enable Attribute Class: IpRule Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Priority field to specify what priority level you associate with this rule. When a connection is initiated with an IP address which subject to two or more different rules, priority levels are used to decide which rules will be given precedence. See the Rules section for a detailed description of the rules enforcement policy.

Attribute Name: priority Attribute Class: IpRule Attribute Type: VALUE Constraints: maxValue = 1000; minValue = 1; allowZero = false; Default Value: 500

Connection parameters

By setting all these connection related parameters, you can limit the number of simultaneous connections, and specify a number of maximum connections during a specified time interval, thus specifying extra limitations for all connections with addresses within the allow rule range.

AXIGEN User Manual



383

Use the Max. connections field to specify the maximum number of simultaneous connections accepted by the TCP listener.

Attribute Name: maxConnections Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 2048; minValue = 1; allowZero = false; Default Value: 200 Use the Time interval and Max. interval connections to specify a time interval and a maximum number of connections to be accepted during that interval. For instance, if you use the default values of these parameters, a maximum number of 60 connections will be accepted within an interval of 600 seconds. These two parameters are used in conjunction.

Attribute Name: timeInterval Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 30; allowZero = false; Default Value: 60 Attribute Name: maxIntervalConnections Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 100000; Default Value: 600 The value of this parameter is specified in seconds. Use the Peer max. connections field to specify the maximum number of simultaneous connections on the listener accepted with a single host. Attribute Name: peerMaxConnections Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 2048; minValue = 1; allowZero = false; Default Value: 20 Use the Peer time interval and Peer max. interval connections fields to specify a time interval and a maximum number of connections to be accepted from a single host during that time interval. These two parameters are used in conjunction.

Attribute Name: peerTimeInterval Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 86400; minValue = 30; allowZero = false; Default Value: 60 Attribute Name: peerMaxIntervalConnections Attribute Class: TcpRule Attribute Type: VALUE Constraints: maxValue = 100000; Default Value: 600

AXIGEN User Manual



384

The value of this parameter is specified in seconds. After setting all these parameters, make sure you click on the Update and Commit buttons to save and commit your changes.

Deny Rules

For each existing TCP or currently added/edited listener, you can define deny rules. These rules impose further limitations on connections through the current listener, by denying connections with addresses within a specified IP range. Use the Deny rules tab to define deny rules associated with a specific listener. When entering the Listeners page > Deny rules tab page, a list of deny rules already defined for the current listener is displayed.

If none have been defined, the list is empty. Whether adding or editing rules, the parameters displayed will be the same:

AXIGEN User Manual



385

Use the IP Set field to specify the IP address range. Connections initiated by IP addresses within this range will be automatically rejected by AXIGEN Mail Server. Attribute Name: ipSet Attribute Class: IpRule Attribute Type: VALUE Use the Enable drop-down box to enable/disable the TCP listener deny rule. This way you can store defined rules and enable them only when you need to.

Attribute Name: enable Attribute Class: IpRule Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Priority field to specify what priority level you associate with this rule. When a connection is initiated with an IP address which subject to two or more different rules, priority levels are used to decide which rules will be given precedence. See the Rules section for a detailed description of the rules enforcement policy.

Attribute Name: priority Attribute Class: IpRule Attribute Type: VALUE Constraints: maxValue = 1000; minValue = 1; allowZero = false; Default Value: 500 After setting all these parameters, make sure you click on the Update and Commit buttons to save and commit your changes.

AXIGEN User Manual



386

8.26.2. SSL Parameters for Listeners

For each TCP listeners created, you can enable SSL support and further configure SSL settings using the Listeners > SSL settings page:

AXIGEN implements OpenSSL compliant SSL settings for all TCP listeners.

Use the Enable SSL drop-down box in WebAdmin Listeners page > SSL Settings tab to enable/disable the SSL for the current listener.

Attribute Name: sslEnable Attribute Class: TCPListener Attribute Type: VALUE Possible values: ( no | yes ) - single choice Use the Allowed version checkboxes to specify the SSL versions to be used by AXIGEN Mail Server. Possible values are: ssl2, ssl3 and tls1. While SSL 3 and TLS1 are the most recent versions, you can use any combination of these you may find useful. All three versions are enabled by default.

Attribute Name: allowedVersions Attribute Class: SSLControl Attribute Type: VALUE Possible values: ( ssl2 | ssl3 | tls1 | all ) - multiple choices Default Value: ( ssl2 ssl3 tls1 )

Use the Certificate file field to specify the file containing the containing the certificate chain used for the current listener. The certificate chain refers to a chain of intermediate certificate issuers, that is, Certificate Authority certificates that are followed while verifying the remote server certificate.

AXIGEN User Manual



387

If this attribute is set to "none", to an invalid file or to a file not containing a valid certificate chain, then any attempt to use SSL on this listener or STARTTLS on any of the connections accepted on this listeners will fail because of lack of a valid certificate chain. Attribute Name: certFile Attribute Class: SSLControl Attribute Type: VALUE Constraints: value = none; Default Value: none Specify the file containing the certificate authorities for the current listener using the Certificate authorities filed.

Attribute Name: caFile Attribute Class: SSLControl Attribute Type: VALUE Constraints: value = none; Default Value: none Use the DH parameter field in SSL Settings tab to specify the path in local file system to the file containing the (OpenSSL) Diffie-Hellman parameter used by this listener. If keyword value "none" is used, no file will be used.

The Diffie-Hellman key agreement protocol (also called exponential key agreement) allows two users to exchange a secret key over an insecure medium without any prior secrets. Find more information about this protocol and how to configure this protocol, on RSA Laboratories website.

Attribute Name: dhParamFile Attribute Class: SSLControl Attribute Type: VALUE Constraints: value = none; Default Value: none

AXIGEN User Manual



388

Use the Max. chain depth field to specify the depth of verification for the certificate chain. The depth refers the maximum number of intermediate certificate issuers, i.e. the number of CA certificates which are max allowed to be followed when verifying the remote server certificate. For instance, a depth of 1 means the remote server certificate can be self-signed or has to be signed by a CA which is directly known to the server. The default value of 4 means that 4 intermediate certificate issuers are accepted.

Attribute Name: maxChainDepth Attribute Class: SSLControl Attribute Type: VALUE Constraints: maxValue = 16; minValue = 1; allowZero = false; Default Value: 4 Use the Cipher suite field in the SSL Settings tab to specify the OpenSSL-like string indicating the cipher suite to be used.

Attribute Name: cipherSuite Attribute Class: SSLControl Attribute Type: VALUE Default Value: ALL:ADH AXIGEN implements cipher suites active in OpenSSL, except for idea, rc5 and mdc2. Click here to see the corresponding OpenSSL documentation file, listing ciphers and their OpenSSL equivalents. In the Use ephemeral key drop-down box to specify ephemeral keys should be used or not. This options allows generating ephemeral keys, which actually transform all keys exchanged during one connection session into ephemeral keys (valid only for the current connection).

Attribute Name: useEphemeralKey Attribute Class: SSLControl Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) Use the Request client auth. drop-down box to specify if client certificate-based authentication should be requested or not.

Attribute Name: requestClientAuth Attribute Class: SSLControl Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( no ) If you modify any of the default values, make sure you click the Update and Commit buttons to make your changes effective.

AXIGEN User Manual



389

8.26.3. Example of Listener Configuration

This section presents some examples of a possible listener configuration. The default values specified here are applied for all listeners specific to AXIGEN main modules. Some exceptions may apply, and they are presented accordingly for each parameter. maxConnections Parameter used for specifying the maximum number of connection accepted by this listener. Type: UINT Accepted values: 1-2048 Default value: 200 (for all AXIGEN main modules but WebMail, where default value is 1000). Example: maxConnections = 200 timeInterval Parameter used for specifying the time interval used to enforce maxIntervalConnections. Type: UINT Accepted values: 30-86400 Default value: 60 Example: timeInterval = 60 maxIntervalConnections Parameter used for specifying the maximum number of connections accepted in 'timeInterval' seconds Type: UINT Accepted values: 0-100000 (0=unlimited) Default value: 600 (for all AXIGEN main modules but WebMail, where default value is 1200). Example: maxIntervalConnections = 600 peerMaxConnections Parameter used for specifying the maximum connection accepted from a single host on the listener. Type: UINT Accepted values: 1-2048 Default value: 10 (for all AXIGEN main modules but WebMail, where default value is 100, and SMTP Incoming, where default value is 20). Example: peerMaxConnections = 20 peerTimeInterval Parameter used for specifying the time interval used to enforce peerMaxIntervalConnections. Type: UINT Accepted values: 30-86400 Default value: 60 Example: peerTimeInterval = 60

AXIGEN User Manual



390

peerMaxIntervalConnections Parameter used for specifying the maximum connections accepted in 'peerTimeInterval' seconds from a single host. Type: UINT Accepted values: 0-100000 (0=unlimited) Default value: 20. Example: peerMaxIntervalConnections = 20 idleTimeout Parameter used for specifying the inactivity timeout on the listener (in seconds). Type: UINT Accepted values: 0-86400 (0=unlimited) Default value: 300 Example: idleTimeout = 300

denyrules Use the following sub-section to specify the list of rejected hosts, i.e. hosts from which mail traffic is automatically rejected by AXIGEN.

ipSet Parameter used for specifying the IP addresses to be automatically rejected by AXIGEN Mail Server. Type: REQUIRED IP_SET Default value: None Example: ipSet = 10.0.0.128-10.0.0.255 enable Parameter used for specifying if this rule should be enabled/disabled. Type: CHOICE (yes | no) Default value: yes Example: enable = yes priority Parameter used for specifying the rule's priority. 1 means the highest priority. Type: UINT Accepted values: 1-1000 Default value: 500 Example: priority = 100

AXIGEN User Manual



391

allowRules Use the following sub-section to specify the list of allowed hosts, i.e. hosts from which mail traffic is automatically accepted by AXIGEN. The following parameters should be used in connection with denyRules, in order to specify exceptions from the rules defined there (i.e. reject all mail traffic from IP class 168.168.0.1-168.168.0.255, but accept mail traffic from IP address 168.168.0.22). ipSet Parameter used for specifying the IP addresses to be automatically accepted by AXIGEN Mail Server. Type: IP_SET Default value: N/A Example: ipSet = 10.0.0.1/8 enable Parameter used for specifying if this rule should be enabled/disabled. Type: CHOICE (yes | no) Default value: yes Example: enable = yes priority Parameter used for specifying the rule's priority. 1 means the highest priority. Type: UINT Accepted values: 1-1000 Default value: 500 Example: priority = 500 maxConnections Parameter used for specifying the maximum connections accepted on the listener. Type: UINT Accepted values: 1-2048 Default value: 200 Example: maxConnections = 200 timeInterval Parameter used for specifying the time interval used to enforce maxIntervalConnections. Type: UINT Accepted values: 30-86400 Default value: 60 Example: timeInterval = 60 maxIntervalConnections Parameter used for specifying the maximum connections accepted in 'timeInterval' seconds. Type: UINT Accepted values: 0-100000 (0=unlimited) Default value: 600 Example: maxIntervalConnections = 600

AXIGEN User Manual



392

peerMaxConnections Parameter used for specifying the maximum connection accepted from a single host on the listener. Type: UINT Accepted values: 1-2048 Default value: 20 Example: peerMaxConnections = 20 peerTimeInterval Parameter used for specifying the time interval used to enforce peerMaxIntervalConnections. Type: UINT Accepted values: 30-86400 Default value: 60 Example: peerTimeInterval = 60 peerMaxIntervalConnections Parameter used for specifying the maximum connections accepted in 'peerTimeInterval' seconds from a single host. Type: UINT Accepted values: 0-100000 (0=unlimited) Default value: 600 Example: peerMaxIntervalConnections = 20

Limiting the Number of Allowed Connections for a Given Listener

The maxConnections attribute specifies the maximum number of simultaneous connections the TCP service will allow for the specific listener from any Internet host. The maxIntervalConnections and timeInterval attributes are used in conjunction: maxIntervalConnections specifies the maximum number of connections the TCP service will allow for the specific listener from any Internet host in a specific time interval defined in seconds by the value of the timeInterval attribute. The maxConnections attribute therefore limits the number of simultaneous connections from any host, while maxIntervalConnections limits temporarily (for the time interval specified by the timeInterval attribute) the number of connections from any host. Example: Assuming maxIntervalConnections=4 and timeInterval=60. If on t0 moment (in seconds) AXIGEN received a first connection, and after 40 seconds (at t0 40 moment) other 3 connections have been received (for a total of 4 accepted connections, no matter what their current status is - closed or not), then no other connection will be accepted by the TCP service on that listener for another 20 seconds (by t0 60 moment). In order to avoid limiting the number of connections accepted on a specific listener, you can set and maxIntervalConnections=0 (an unlimited number of connections are accepted for any given time interval; in this case, the value of the 'timeInterval' attribute is ignored). The maxConnections attribute accepts values between 1-2048. AXIGEN Mail Server will not accept an unlimited number of simultaneous connections.

AXIGEN User Manual



393

Limiting the Number of Accepted Connections for a Specific IP Address

These attributes have a similar applicability with maxConnections, maxIntervalConnections and timeInterval, but they are applied to the number of connections from the same IP address to be accepted by the listener.

The peerMaxConnections attribute specifies the maximum number of simultaneous connections coming from the same host (no matter what that host is) that are accepted by the TCP service on the listener.

The peerMaxIntervalConnections and peerTimeInterval attributes are used in conjunction: peerMaxIntervalConnections specifies the maximum number of connections accepted by the TCP service on the current listener, from the same host (same IP address), in the time interval in seconds defined by the value of the peerTimeInterval attribute.

The peerMaxConnections attribute therefore limits the number of connections from the same host, while peerMaxIntervalConnections limits temporarily (for the time interval specified by the peerTimeInterval attribute) the number of connections from the same host.

Limiting the Inactivity for a Given Listener

Sometimes active connection threads can be blocked with stagnating communication sessions - for instance in case of full bandwidth, when messages cannot be sent and the session must wait until some bandwidth is free). For an efficient usage of all available connections, communication threads can be stopped after a certain interval of inactivity. The communication session can be re-established later (when the mail client resends its query). The system administrator can configure the inactivity interval with the timeout attribute. The idleTimeout attribute specifies the inactivity period (in seconds) after which the TCP service will close the idle connection. To disable this limitation, you can use 'idleTimeout'=0, meaning no timeout will occur for an idle connection.

Note: The limitations defined by these attributes are applied for any host connecting to the current listener.

AXIGEN User Manual



394

8.27. Adding and Editing UDP Listeners

Currently, UDP listeners are only available for the Log service, the only AXIGEN UDP Service. They are used to specify the socket to listen to for connecting to the Log service.

To access UDP listener configuration in WebAdmin, click on the Log tab and then on the Listeners page. When first entering Listeners page, a list of currently defined listeners is displayed (see below), sorted by their IP addresses (lowest first), if any have been defined previously.

To add a new UDP listener, click on the Add new listener button. If you want to edit an existing listener, click on the Edit button displayed next to that specific listener in the list.

The parameters displayed both when adding and editing a listener are the same.

The General Listeners page allows you to set the parameters relative to the UDP Listeners:

Use the Address field to specify the listener bind address. Listeners are uniquely identified by their address attribute. Two or more listeners cannot have the same address value - only the first object correctly defined is considered. This will be the IP address followed by a colon and the port number. The default value for this parameter is '127.0.0.1:2000'

AXIGEN User Manual



395

Attribute Name: address Attribute Class: UDPListener Attribute Type: VALUE Use the Enable drop-down box to enable/disable the UDP listener. This way you can store defined listeners and enable them only when you need to.

Attribute Name: enable Attribute Class: UDPListener Attribute Type: VALUE Possible values: ( no | yes ) - single choice Default Value: ( yes ) For a detailed view of listeners usage in AXIGEN, see the Listeners section.

AXIGEN User Manual



396

9. Configuring AXIGEN using CLI The Command Line Interface (in short CLI) is an interface for configuring AXIGEN remotely. In order to do that, a socket will listen on a specified address for connections, thus the commands can be issued using common tools such as Telnet, Netcat, etc.

Service Description

CLI is for AXIGEN another service, more precisely a TCP service, just like SMTP, IMAP, POP3, etc. The CLI service can be configured in its turn similarly to the other services, either by editing the configuration files or by using the remote configuration tools like CLI and WebAdmin. It has common parameters such as maxErrors, logLevel, etc. and also a list of listeners for configuring incoming connections. The connection to the service must be authenticated using the default ‘admin’ username and the password previously set for it. For more details on how to set the admin password using the AXIGEN Configuration Wizard see this section. For details on how to set the admin password manually, please read this section. See Connecting to CLI for a detailed login procedure. CLI is structured in contexts, each of them including a specific set of commands. CLI also uses a common set of commands. Each context provides commands allowing switching to the previous and next context and a HELP command to view the available commands at that specific location. When connected, the login context is activated and an username and password must be provided; after activation, the initial context becomes active. The initial context is the only one not having a name in the command prompt. Commands are not case sensitive, meaning that you can enter HELP, help, Help, HeLP, it will still mean HELP. Also, when you need to assign values to parameters of certain commands, these values can be entered in 3 ways:

1. escaped 2. quoted 3. double quoted.

This is useful when entering regular expressions and spaces and is very similar to the way the strings are entered in unix bash.

1. escaped string: in this form, the string cannot contain not printable characters, and the characters that must be escaped with a backslash are: spaces, quotes and double-quotes.

2. quoted string: (e.g.: 'something') in this form, the string will preserve the literal value of each character within the quotes. A single quote may not occur between single quotes, even when preceded by a backslash

3. double quoted string: (e.g. "something"): in this form, the string will behave just like in the escaped form, ignoring the backslash before any character. The difference is that all the characters, including non-printables, are accepted and that the spaces and single quotes need not be escaped.

In the escaped and double-quoted form, the backslash character must be escaped in order to have a backslash as a result. The CLI parent / child contexts follow the structure of the configuration file where some objects are children of other parent objects. In general, a context that uses COMMIT for saving changes is considered a parent and a context that uses DONE for saving changes is considered a child.

AXIGEN User Manual



397

Contexts are, with a few exceptions, associated with configuration objects that appear in the config file. The notion of key parameter-value pair is related to the primary key concept. It uniquely identifies an object in a list of objects. The key value cannot be changed if the context was created using an ADD command. The configuration contexts corresponding config objects (like server, all services, etc.) update only when entering and leaving the respective context and when one of the reset commands is issued. Thus, if anything is changed using another version of CLI or WEBADMIN, the change will be present only when leaving and entering the context again or after a reset command is issued. When leaving the context using COMMIT and the commit fails, update of the context is NOT performed. This happens because any modifications made before commit would be lost. As a result, invalid settings may appear to exist in config. If you want to reset the configuration for that context, issue a CANCEL or a RESET command. Any changes made to a TCP service like: CLI, WEBMAIL, WEBADMIN, etc. affect only new connections to that service and not the active ones. The subsections of this chapter contain the following:

• Special Contexts - the most important contexts in CLI are explained • Common commands - commands used in all AXIGEN contexts • Context Specific Commands - a list of all contexts and commands available in CLI you can

use for reference to see all the different operations you can perform using CLI

Important! Within all CLI contexts and commands, the term "Script Filters" refers to Message rules, "Socket Filters" refers to Antivirus/Antispam Filters, while "SMTP Filters" generically defines Message Acceptace, Processing and Realy Policies.

AXIGEN User Manual



398

9.1. Special Contexts

The action of each command may differ in specific contexts that represent exceptions to the general behavior. As said before, some contexts have additional commands that have an exceptional character. Thus a detailed overview of each context is presented below.

Login Context prompt: <login> parent: none The login context is used only for authentication and has the following commands: HELP, USER, EXIT/QUIT, SET. The USER command usage is USER <username>. This context is associated with the maxAuthErrors config parameter: when this parameter is exceeded, the connection is closed; the maxAuthCommands parameter also applies to this context: if the number of commands issued is greater (with or without error), the connection is closed. In this context, global options can be set. The CONSOLE-CODES option allows console codes used for colors to be turned on/off. The QUIET option, if set to on, will display in all contexts and with all commands only the minimum amount of text needed to present the information, thus making the output script friendly. WARNING: if the CONSOLE_CODES option is set to off, the password will also be visible in the command line (not applicable if connecting through a script). Initial Context prompt: <#> parent: none The initial context is the starting point of configuring the server. Here, several actions can be started: domain configuration (including accounts and lists), server configuration and also reports can be viewed. Also, the Commands context is accessible from here where some commands can be issued to the server. This context does not have COMMIT/DONE or CANCEL commands because it is the first context. It neither has SHOW without parameters because it is not related to any config object. From the Initial context, we can access the REPORTING, MIGRATION and COMMANDS contexts which are detailed below. The LIST DOMAINDATA command is here because a domain database location must be provided when adding a domain. The ADD DOMAIN command, takes 2 parameter-value pairs, one for setting the domain name and one for specifying in which domain database location the domain should be created. Reporting Context prompt: <reporting#> parent: Initial This context is for viewing various reports for the server. It has the BACK command for switching back to the Initial context but does not have COMMIT/DONE because it is a read-only context.

AXIGEN User Manual



399

The commands available are: VIEW CONTORS with a parameter of all, others and domain. If domain is the parameter, a value must be specified, that is, a list of domains separated by '+'. The list must be in double quoted format. Another command is VIEW QUEUE which displays a snapshot of the mail queue and information on the emails in processing stage. The VIEW CONTORS domain command, makes a sum of all counter of the domains given as parameters. If a domain does not exist, it will not be counted in the sum. This means, to an extent, that if the list is made of one or more domains that do not exist, the list will show for all counters, a value of 0. Server Context prompt: <server#> parent: Initial The server context is where the server configuration is started. It has commands for entering the configuration context of every service for configuring filters and domain database locations, etc. It has the common commands CANCEL, COMMIT, HELP, QUIT/EXIT, and SHOW. The SHOW command will show the value parameters of the server like services, primaryDomain, etc. In the case of the services param, it will show the services started but it is updated only when the server context is entered or left with commit or cancel. So if a service was stopped while in the server context, it will Not show up stopped. The SET command, will set the one or more param-value pairs that are given as parameters. In the case of the services value parameter, it will stop or start the services only when COMMIT is issued. If CLI is removed from the list of services, it will be stopped at COMMIT but it will show up as started wehen SHOW is issued. The ADD FILTER command, takes 3 parameter-value pairs because the respective values are required. The commands for configuring the services are CONFIG <SERVICE_NAME> and the context will witch to the one corresponding to that specific service. From this context domains database locations can be managed. Thus there are functions to LIST, ADD, REMOVE, CREATE and DESTROY a domain database location. Before a location can be added, it must be created, otherwise the commit command will fail and no location will be added. The CREATE command, aside from the path, takes an additional parameter: an unique id that has to be from 0 to 255. It is impossible to add two locations with the same id on the server's list. Commands Context prompt: <commands#> parent: Initial The Commands context is a special context that allows the remote administrator to issue commands to the server. It has two subcontexts, the Server and Storage contexts that will be described below. Directly from the Commands context, the password for the CLI and Webadmin sessions can be changed and the two subcontexts can be entered. As in the case of MIGRATION and REPORTING contexts, the COMMANDS context has the BACK command for switching back to the Initial context and does not have COMMIT/DONE commands.

AXIGEN User Manual



400

Commands-Server Context prompt: <commands-server#> parent: Commands The Server subcontext, is used to issue server-related commands to AXIGEN. There is a command for trying to force all mail in the queue to be processed and/or sent, regardless of their rescheduled time. This command is FORCE QUEUE. The command SAVE CONFIG, saves the configuration. If no parameter is given, it will be saved in the default location. If a path parameter is given, it will be saved in that location but for security reasons, a suffix will be added to the file. The SHOW CONFIG command, will dump the configuration as it is written in the config file. This command is also available from the Initial and Initial-Server contexts. The START/STOP service command will start/stop a service immediately without the need for COMMIT command as in the case where services are modified from the Initial-Server context. Commands-Storage Context prompt: <commands-storage#> parent: Commands This context allows several operations with the AXIGEN Storage System. The storage system, is composed of Message Containers, where messages for a certain domain are kept. The operations available are LIST containers, CHECK container, COMPACT container, LOCK container and UNLOCK container. The LIST container command takes as parameter the domain name and lists all message containers available for that domain. The LOCK and UNLOCK container commands, as their names suggest, lock and unlock the container given as parameter, meaning respectively that messages can or cannot be stored. These commands are useful when a snapshot of the container needs to be saved. The CHECK container command, starts a check on the structure of a certain container. After a check is started, the status can be seen by issuing the LIST containers command. The COMPACT container command, will start a defragmentation of the specified container and, similarly to CHECK, issuing the LIST command will show the status of the container. The optional parameter priority, if set to high, will increase the speed of that operation but the container will be unavailable to any service, even for reading. The default value is low. Migration Context prompt: <migration#> parent: Initial The Migration context, allows messages to be migrated from other servers to AXIGEN. The common commands are the same as in the case of REPORTING and COMMANDS and it has one command with many parameters for migration. The MIGRATE command will migrate all emails from an account on a remote server using the IMAP protocol. The migration is completed when the entire directory structure is migrated.

AXIGEN User Manual



401

The mandatory domain and account parameters, will identify an account into which the messages will be migrated. The remoteHost, remotePort, remoteUser and remotePass parameters are self explanatory. All the optional parameters have the default value of no. A complete list of commands available in each AXIGEN context is available in the CLI Context Specific Commands page.

AXIGEN User Manual



402

9.2. Common commands

The following commands are common to a subset of contexts: HELP, QUIT, EXIT, CANCEL, BACK, COMMIT|DONE, SHOW, LIST, SET, ADD, REMOVE, UPDATE, CONFIG, RESET. Some of the commands described below apply only to a set of contexts, others apply to all contexts, and others have different flavors according to certain contexts. Below are listed only the common and most important commands used in CLI, but other commands are also available.

• HELP - the help command is present in all contexts, including Login and is used for displaying a list of available commands in that context

• QUIT - this command exits CLI. It is available from all contexts • EXIT - the same as QUIT • BACK - this command, cancels any changes (where it applies) and switches back to the

previous context. This is available from every context except Login and Initial. • COMMIT - this command saves the changes and also writes these changes to the server

configuration. This also includes the changes done in child contexts and saved with DONE. A switch back to the previous context is also done.

• DONE - this command saves the changes for a child context and switches back to the previous context but does not write anything to the server's configuration.

• SHOW - the SHOW command has two flavors, one without parameters, and in this case, the value parameters (that means not the children or child lists) are shown, and one with parameters, in this case, the value parameters of a child from a child list are shown. In both cases, there is an optional ATTR parameter which, if present, will only show the specified attribute.

• LIST - this command lists the members of a given child list in the form of a table. If the list has a separate context, some parameters are put in the table, otherwise all value parameters are present.

• SET - the SET command sets a value for a specified value parameter of the given object associated with the context (if there is one). To the SET command, one or several parameter-value pair can be given.

• ESET - the ESET command (SET Extended) enters a new context in which large amounts of data can be entered. The context can be left with <empty line> <.> <empty line>, the same as in the case of the SMTP protocol. This command is useful for parameters that require large amounts of text.

• ADD - This command has several flavors. The simplest one is for adding values to a value list. In this case, the parameter is the name of the value list and a value (for instance ADD nameserver ip). Another form is used to add objects to list of objects. This form has three versions: one that takes the list and the key parameter-value pair of the object and changes the context; another that is the same except it takes additional required parameter-value pairs; and one that takes the key param-value pair and other optional pairs and doesn't change context but directly adds the object to the list.

• UPDATE - This command changes an object from a list of objects. It is similar to add, except it does not apply to value lists.

• REMOVE - This usually takes as parameters the list name, and key param-value pair for object lists, and list name and value for value lists and as the name suggests, removes an object from a list. It does not change the context.

• CONFIG - The config command changes the context for configuring a child object. A child object is different form a list by the fact that it is a single object and it exists permanently. A list may have one, none or several objects.

• RESET - The RESET command will update the context to the active one on the server. This also means that any changes made to that part of the context will be lost. The reset command, depending on the parameter, will reset the value attributes, or a list of objects or values.

AXIGEN User Manual



403

• ENTER - This command, changes a context, entering a sub-context. This usually applies to contexts unrelated to the object-child object configuration hierarchy.

The action of each command may differ in specific contexts that represent exceptions to the general behavior. As said before, some contexts have additional commands that have an exceptional character. Thus a detailed overview of each context is presented in the Special Contexts section.

AXIGEN User Manual



404

9.3. Connecting to CLI

To connect to AXIGEN command line interface (CLI), after installing AXIGEN with its default settings, please enter in your terminal, while logged as root: [root@example ~]# telnet 127.0.0.1 7000 In order to be able to connect to AXIGEN CLI, you should enable the CLI listener and connect to the correct IP:port address. You can verify the CLI listeners using the CLI > Listeners page in WebAdmin. You should see a welcome message similar to the one below Connected to <hostname> (127.0.0.1). Escape character is '^]'. Welcome to AXIGEN's Command Line Interface You must login first. For a list of available commands, type HELP <login> Enter the username (admin) and password set in WebAdmin, for instance. A list of commands available in different contexts and sub-contexts of AXIGEN command-line interface is included in CLI Commands section.

AXIGEN User Manual



405

9.4. Troubleshoot the CLI Connection

If you cannot connect to CLI, please check if:

• You have enabled the CLI service (open the Server>Global Settings page in WebAdmin, for instance, CLI is enabled in the Running Services area)

• You have correctly configured the CLI listener (the list with the listeners currently defined in AXIGEN can be found in the CLI > Listeners page in WebAdmin; check if your listener is enabled);

• You’re connecting using the correct username: for the current version, please use the “admin” username and the password you have previously configured using WebAdmin and CLI.

AXIGEN User Manual



406

9.5. Context Specific Commands

This section lists all CLI contexts and their specific commands, as displayed in the Command Line Interface. You may use this list as reference to find out what operations you can perform using CLI.

Login Context <login>

The commands available for the Login context are: HELP - prints this help message EXIT/QUIT - exits CLI and closes connection to AXIGEN USER <user> - CLI username, (in this version only "admin" username is implemented) GET VERSION - gets the AXIGEN version SET CONSOLE-CODES on|off - sets the color and other console codes on/off SET QUIET off|on - enables/disables detailed information SHOW - shows the options for this context

Initial Conext <#>

The commands available for the Initial context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message LIST Domains [wildcard (ex: domain*)] - lists the domains of this server LIST Requests - lists the requests made for domain reqistration CLEAR Requests - clear the list of requests not pending SAVE CONFIG [<path>] - saves the server's running configuration (a suffix will be added) CONFIG SERVER - enters the Server context ENTER REPORTING - enters the Reporting context ENTER MIGRATION - enters the Migration context ENTER COMMANDS - enters the Commands context ENTER DEBUG - enters the Debug context CREATE Domain name <name> domainLocation <path> postmasterPasswd <pass> - creates a domain (changes context) REGISTER Domain domainLocation <path> - registers a domain to the server (changes context) UNREGISTER Domain name <domainName> - unregisters a domain from the server UPDATE Domain name <domainName> - updates a domain from the server (changes context) SHOW Domain name <domainName> [ATTR <param>] - shows the given domain Server Context <server#> The commands available for the Server context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context SAVE CONFIG [<path>] - saves the server's running configuration (a suffix will be added) SET [services (list of services)] - sets the services for the server SET [primaryDomain <name>] - sets the server's primary domain SET [sslRandomFile <file>] - sets file for entropy data used when generating random RESET - resets the service to the currently active configuration

AXIGEN User Manual



407

CONFIG LOG - enters the Log context CONFIG CLI - enters the CLI context CONFIG SMTP-INCOMING - enters the SMTP-Incoming context CONFIG SMTP-OUTGOING - enters the SMTP-Outgoing context CONFIG PROCESSING - enters the Processing context CONFIG POP3 - enters the POP3 context CONFIG IMAP - enters the IMAP context CONFIG WEBMAIL - enters the Webmail context CONFIG WEBADMIN - enters the Webadmin context CONFIG FTP-BACKUP - enters the FTP-Backup context CONFIG DNR - enters the DNR context CONFIG REPORT - enters the Report context CONFIG FILTERS - enters the Filters context CLI Context <server-cli#> The commands available for the CLI context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxAuthCommands <maxCmds>] - sets max no. of commands that can be issued before authentication SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener Listener context <server-(service_name)-listener#> The commands available for the Listener context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST AllowRules - lists the allow rules for this listener LIST DenyRules - lists the deny rules for this listener SET [address <address>] - sets the listener's address - only usable in an UPDATE operation SET [enable <yes|no>] - enable/disable the listener SET [maxConnections <maxConn>] - sets max number of connections SET [timeInterval <interval>] - sets the time interval

AXIGEN User Manual



408

SET [maxIntervalConnections <interval>] - sets max connections in time interval SET [peerMaxConnections <maxConnr>] - sets sets max connections no. from a single host SET [peerTimeInterval <interval>] - sets the time interval - single host SET [peerMaxIntervalConnections <interval>] - sets max connections in time interval - single host SET [idleTimeout <timeout>] - sets the inactivity timeout SET [sslEnable <yes|no>] - enable/disable SSL on the listener CONFIG SSLCONTROL - enters the SslControl context ADD DenyRule ipSet <ipRange> [enable <yes|no>] [priority <priority>] - adds a deny rule to the listener(changes context) UPDATE DenyRule ipSet <ipRange> [enable <yes|no>] [priority <priority>] - updates a deny rule from the listener(changes context) REMOVE DenyRule ipSet <ipRange> - removes a deny rule from the listener SHOW DenyRule ipSet <ipRange> - shows the given rule ADD AllowRule ipSet <ipRange> - adds an allow rule to the listener(changes context) UPDATE AllowRule ipSet <ipRange> - updates an allow rule from the listener(changes context) REMOVE AllowRule ipSet <ipRange> - removes an allow rule from the listener SHOW AllowRule ipSet <ipRange> - shows the given rule Allow Rule Context <server-(service_name)-listener-allowrule#> The commands available for the AllowRule context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [ipSet <ipSet>] - sets the ipSet parameter - only usable in an UPDATE operation SET [enable <yes|no>] - enable/disable the rule SET [priority <priority>] - sets the rule's priority SET [maxConnections <maxConn>] - sets max number of connections SET [timeInterval <interval>] - sets the time interval SET [maxIntervalConnections <interval>] - sets max connections in time interval SET [peerMaxConnections <maxConnr>] - sets sets max connections no. from a single host SET [peerTimeInterval <interval>] - sets the time interval - single host SET [peerMaxIntervalConnections <interval>] - sets max connections in time interval - single host SSL Control Context <server-(service_name)-listener-sslcontrol#> The commands available for the SSLControl context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [allowedVersions (version list)] - sets SSL versions allowed SET [maxChainDepth <maxDepth>] - sets max depth of verification SET [chipherSuite <chipher>] - sets the chipher suite to be used SET [useEphemeralKey <yes|no>] - use/not use ephemeral keys SET [certFile <file>] - sets path for certification chain file SET [caFile <file>] - sets path for certificate authorities file SET [dhParamFile <file>] - sets path to Diffie-Hellman param file SET [requestClientAuth <yes|no>] - request/not request client authentication

AXIGEN User Manual



409

Log Context <server-log#> The commands available for the Log context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners LIST Rules - lists rules SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener ADD Rule priority <priority> - adds a rule (changes context) UPDATE Rule priority <priority> - updates a rule (changes context) REMOVE Rule priority <priority> - removes a rule SHOW Rule priority <priority> [ATTR <param>] - shows the given rule Rule Context <server-log-rule#> The commands available for the Rule context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [priority <priority>] - sets the rule's priority - only usable in an UPDATE operation SET [hostname <hostname>] - sets hostname of the user of this rule SET [module <module>] - sets module of the user of this rule SET [logLevel <level>] - sets the log level SET [fileName <name>] - sets the name of the destination file ET [fileSize <size>] - sets the maximum duration the destination file is used in seconds SET [fileTime <time>] - sets the maximum duration the destination file is used in seconds SET [fileCount <count>] - sets the maximum number of old (saved) files kept SET [rotatePeriod <period>] - sets the period after which a file change is forced (choice: day|week|month) SMTP-Incoming Contxt <server-smtpIncoming#> The commands available for the SMTP-Incoming context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context

AXIGEN User Manual



410

LIST Listeners - lists available listeners SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [maxReceivedHeaders <maxHeaders>] - sets max no. of received headers for a mail RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener SMTP-Outgoing Context <server-smtpOutgoing#> The commands available for the SMTP-Outgoing context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration Processing Context <server-processing#> The commands available for the Processing context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context SET [maxSchedInterval <maxInterval>] - sets max interval for rescheduling a mail SET [schedInterval <interval>] - sets interval for rescheduling queue checking SET [maxRetryCount <count>] - sets max no. of times for trying to deliver SET [queuePath <path>] - sets path to internal server queue SET [queueEntryCount <count>] - sets upper limit for no. of subdirectories in queue SET [deliveryThreads <threads>] - sets no. of threads handling SMTP delivery SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [procQueueSize <size>] - sets the size of internal processing queue SET [messagesPerSecond <no>] - sets the maximum number of messages a mail box can receive in one second SET [disableInterval <no>] - sets the time interval a mail box will be disabled if messagesPerSecond limit is exceded RESET - resets the service to the currently active configuration

AXIGEN User Manual



411

POP3 Context <server-pop3#> The commands available for the POP3 context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [allowStartTLS <yes|no>] - allow|not allow secure connections (STLS command) RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <name>] - shows the given listener IMAP Context <server-imap#> The commands available for the IMAP context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [allowStartTLS <yes|no>] - allow/not allow secure connections SET [secureConnAuthTypes <types>] - sets types of authentication on secure conn. SET [plainConnAuthTypes <types>] - sets types of authentication on plain conn. SET [secureConnAllowLogin <yes|no>] - allow/not allow plain text login on secure conn. SET [plainConnAllowLogin <yes|no>] - allow/not allow plain text login on plain conn. RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener

AXIGEN User Manual



412

Webmail Context <server-webmail#> The commands available for the Webmail context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners LIST UrlRedirects - lists the rules used for secure login LIST HostNameResolvers - lists the hostname resolvers SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [path <path>] - sets the location of HSP files SET [sessionIdleTimeout <timeout>] - sets the inactivity timeout SET [sessionActivityTimeout <timeout>] - sets maximum living time for a session SET [allowKeepAlive <yes|no>] - enables/disables persistent connection SET [allowLargeIncomingData <yes|no>] - enables/disables receiving incoming data after the limit is exceeded SET [httpHeadersMaxSize <size>] - sets the maximum allowed size for received HTTP headers SET [httpBodyMaxSize <size>] - sets the maximum allowed size for incoming HTTP body SET [uploadMaxSize <size>] - sets the maximum allowed size for incoming upload data SET [showDomainList <yes|no>] - enables/disables displaying domains list at user login RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener ADD HostNameResolver host <host> domain <domain> UPDATE HostNameResolver host <host> domain <domain> REMOVE HostNameResolver host <host> ADD UrlRedirect address <address> port <port> host <host> UPDATE UrlRedirect address <address> [port <port>] [host <host>] REMOVE UrlRedirect address <address> Webadmin Context <server-webadmin#> The commands available for the Webadmin context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners LIST UrlRedirects - lists the rules used for secure login SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn.

AXIGEN User Manual



413

SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host SET [path <path>] - sets the location of HSP files SET [sessionIdleTimeout <timeout>] - sets the inactivity timeout SET [sessionActivityTimeout <timeout>] - sets maximum living time for a session SET [allowKeepAlive <yes|no>] - enables/disables persistent connection SET [allowLargeIncomingData <yes|no>] - enables/disables receiving incoming data after the limit is exceeded SET [httpHeadersMaxSize <size>] - sets the maximum allowed size for received HTTP headers SET [httpBodyMaxSize <size>] - sets the maximum allowed size for incoming HTTP body SET [uploadMaxSize <size>] - sets the maximum allowed size for incoming upload data RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener ADD UrlRedirect address <address> port <port> host <host> UPDATE UrlRedirect address <address> [port <port>] [host <host>] REMOVE UrlRedirect address <address> FTP Backup Context <server-ftpBackup#> The commands available for the FTP-Backup context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Listeners - lists available listeners SET [maxErrors <maxErrors>] - sets max no. of wrong commands SET [maxAuthErrors <maxErrors>] - sets max no. of failed authentications SET [maxConnThreads <maxThreads>] - sets max no. of threads handling the conn. SET [minConnThreads <minThreads>] - sets min no. of threads handling the conn. SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration ADD Listener address <address> - adds a listener to the service (changes context) UPDATE Listener address <address> - updates a listener from the service (changes context) REMOVE Listener address <address> - removes a listener from the service SHOW Listener address <address> [ATTR <param>] - shows the given listener DNR Context <server-dnr#> The commands available for the DNR context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context

AXIGEN User Manual



414

LIST Nameservers - lists the nameservers SET [timeout <timeout>] - sets the timeout SET [retries <retries>] - sets the number of retries SET [cacheSize <cacheSize>] - sets the cache size SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration ADD Nameserver priority <priority> - adds a nameserver to the service (changes context) UPDATE Nameserver priority <priority> - updates a nameserver from the service (changes context) REMOVE Nameserver priority <priority> - removes a nameserver from the service SHOW Nameserver priority <priority> [ATTR <param>] - shows the given nameserver Name Server Context <server-dnr-nameserver#> The commands available for the NameServer context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [priority <priority>] - sets the priority of the nameserver SET [address <address>] - sets the IP of the nameserver SET [timeout <timeout>] - sets the timeout for first DNS query SET [retries <retries>] - sets the maximum number of DNS queries retries Report Context <server-report#> The commands available for the Report context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context SET [logLevel <level>] - sets the service's logging level SET [logType <type>] - sets the service's logging type SET [logHost <host>] - sets the service's remote logging host RESET - resets the service to the currently active configuration Filters Context <server-filters#> The commands available for the Filters context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context LIST ScriptFilters - lists the script filters defined LIST SocketFilters - lists the socket filters defined LIST ActiveFilters - lists the active filters LIST Filters - lists all three categories of filters ADD ScriptFilter name <name> file <file> - adds a script filter (changes context) UPDATE ScriptFilter name <name> - updates a script filter (changes context)

AXIGEN User Manual



415

REMOVE ScriptFilter name <name> - removes a script filter from the listener SHOW ScriptFilter name <name> [ATTR <param>] - shows the given script filter ADD SocketFilter name <name> address <addr> protocolFile <file> - adds a socket filter (changes context) UPDATE SocketFilter name <name> - updates a socket filter (changes context) REMOVE SocketFilter name <name> - removes a socket filter from the listener SHOW SocketFilter name <name> [ATTR <param>] - shows the given socket filter ADD ActiveFilter priority <no.> filterName <name> filterType <type> - adds an active filter to the active filter list (changes context) UPDATE ActiveFilter priority <no.> - updates a filter (changes context) REMOVE ActiveFilter priority <no.> - removes a filter from the active filter list SHOW ActiveFilter priority <no.> [ATTR <param>] - shows the given filter Script Filters Context <server-filters-script#> The commands available for the ScriptFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [name <name>] - sets the name of the filter - only usable in an UPDATE operation SET [type <type>] - sets the type of the script filter SET [file <path>] - sets the path to the file where the script is located Socket Filter Context<server-filters-socket#> The commands available for the SocketFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [name <name>] - sets the name of the filter - only usable in an UPDATE operation SET [address <addr>] - sets the address of the filter, used to communicate with the filter SET [protocolFile <path>] - sets the path to the ASFL file that describes the communication protocol SET [idleTimeout <timeout>] - sets the inactivity timeout of the connection (in seconds) SET [actionOnMatch <action>] - sets the action to be taken in case the filter matches an email SET [maxConnections <no.>] - sets the maximum numnber of connections that will be made to the filter Active Filter Context <server-filters-active#> The commands available for the ActiveFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [priority <priority>] - sets the priority of the filter - only usable in an UPDATE operation SET [filterName <name>] - sets the name of the filter as defined in the socket/script object sets

AXIGEN User Manual



416

SET [filterType <type>] - sets type of the filter (to which object set belongs) SET [applyOnRelay <yes|no>] - specifies if a relay message will be filterd with this filter Domain Context <domain#> Important! When creating domains, one message storage location is recommended for each predicted 20GB of message occupied storage space. For larger spaces, additional message storage locations should be created to correspond to the number of 20GB storages you need. You can add multiple message storage locations using CLI only within the domain creation context. After creating the domain, additional locations cannot be added. The command to create multiple message storage locations is as follows: ADD MessagesLocation <path> The commands available for the Domain context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Aliases - lists aliases for current domain LIST Accounts [wildcard (ex: user*)] - lists accounts for current domain LIST Forwarders [wildcard (ex: user*)] - lists forwarders for current domain LIST FolderRcpts [wildcard (ex: user*)] - lists folder recipients for current domain LIST Lists [wildcard (ex: user*)] - lists mail lists for current domain SHOW RegistryInformation - shows registry information SET [name <name>] - sets the domain's name - only usable in an UPDATE operation SET [assignedIp <ip>] - sets the assigned ip SET [services (list of services)] - sets the services for this domain SET [showWebmailLogin <yes|no>] - enables/disables displaying this domain at Webmail login CONFIG MIGRATIONDATA - enters the migrationdata context CONFIG FILTERS - enters the filters context CONFIG PUBLIC-FOLDER - enters the Public Folder context CONFIG QUOTAS - enters the quotas context ADD Account name <name> passwd <passwd> - adds an account to the domain (changes context) UPDATE Account name <name> - updates an account from the domain (changes context) REMOVE Account name <name> - removes an account from the domain SHOW Account name <name> [ATTR <param>] - shows the given account ADD Forwarder name <name> - adds a forwarder to the domain (changes context) UPDATE Forwarder name <name> - updates a forwarder from the domain (changes context) REMOVE Forwarder name <name> - removes a forwarder from the domain SHOW Forwarder name <name> [ATTR <param>] - shows the given forwarder ADD FolderRcpt name <name> - adds a folder recipient to the domain (changes context) UPDATE FolderRcpt name <name> - updates a folder recipient from the domain (changes context) REMOVE FolderRcpt name <name> - removes a folder recipient from the domain SHOW FolderRcpt name <name> [ATTR <param>] - shows the given folder recipient ADD List name <listName> passwd <passwd> adminEmail <email> - adds a list to this domain (changes context) UPDATE List name <listName> - updates a list from this domain (changes context) REMOVE List name <listName> - removes a list from this domain SHOW List name <listName> [ATTR <param>] - shows the given list ADD Alias <aliasName> - adds an alias for the domain REMOVE Alias <aliasName> - removes an alias from the domain

AXIGEN User Manual



417

Fillters Context <parent_context-filters#> The commands available for the Filters context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context LIST ScriptFilters - lists the script filters defined LIST SocketFilters - lists the socket filters defined LIST ActiveFilters - lists the active filters LIST Filters - lists all three categories of filters ADD ScriptFilter name <name> file <file> - adds a script filter (changes context) UPDATE ScriptFilter name <name> - updates a script filter (changes context) REMOVE ScriptFilter name <name> - removes a script filter from the listener SHOW ScriptFilter name <name> [ATTR <param>] - shows the given script filter ADD SocketFilter name <name> address <addr> protocolFile <file> - adds a socket filter (changes ontext) UPDATE SocketFilter name <name> - updates a socket filter (changes context) REMOVE SocketFilter name <name> - removes a socket filter from the listener SHOW SocketFilter name <name> [ATTR <param>] - shows the given socket filter ADD ActiveFilter priority <no.> filterName <name> filterType <type> - adds an active filter to the active filter list (changes conte UPDATE ActiveFilter priority <no.> - updates a filter (changes context) REMOVE ActiveFilter priority <no.> - removes a filter from the active filter list SHOW ActiveFilter priority <no.> [ATTR <param>] - shows the given filter Script Filter Context <parent_context-filters-script#> The commands available for the ScriptFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [name <name>] - sets the name of the filter - only usable in an UPDATE operation SET [type <type>] - sets the type of the script filter SET [file <path>] - sets the path to the file where the script is located SocketFilter Context /<parent_context-filters-socket#> The commands available for the SocketFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [name <name>] - sets the name of the filter - only usable in an UPDATE operation SET [address <addr>] - sets the address of the filter, used to communicate with the filter SET [protocolFile <path>] - sets the path to the ASFL file that describes the communication protocol SET [idleTimeout <timeout>] - sets the inactivity timeout of the connection (in seconds) SET [actionOnMatch <action>] - sets the action to be taken in case the filter matches an email SET [maxConnections <no.>] - sets the maximum numnber of connections that will be made to the filter

AXIGEN User Manual



418

ActiveFilter Context <parent_context-filters-active#> The commands available for the ActiveFilter context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [priority <priority>] - sets the priority of the filter - only usable in an UPDATE operation SET [filterName <name>] - sets the name of the filter as defined in the socket/script object sets SET [filterType <type>] - sets type of the filter (to which object set belongs) Note: “parent_context” refers to any of the domain or account contexts. Accounts Context <domain-account#> The commands available for the Account context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Aliases - lists aliases for current account SHOW RegistryInformation - shows registry information SET [name <name>] - sets the account's name - only usable in an UPDATE operation SET [services (list of services)] - sets the services for this account SET [passwd <passwd>] - sets password for the account SET [firstName <firstName>] - sets the first name of the user SET [lastName <lastName>] - sets the last name of the user CONFIG WEBMAILDATA - enters the webmaildata context CONFIG FILTERS - enters the filters context CONFIG QUOTAS - enters the quotas context CONFIG LIMITS - enters the limits context SHOW ContactInfo [ATTR <param>] - shows the firstName and lastName parameters ADD Alias <aliasName> - adds an alias for the account REMOVE Alias <aliasName> - removes an alias from the account WebmailData Context <domain-account-webmaildata#> The commands available for the WebmailData context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [skin <skin>] - sets the skin for webmail SET [pageSize <pageSize>] - sets page size SET [saveToSent <yes|no>] - sets keep a mail copy in "Sent" folder SET [deleteToTrash <yes|no>] - sets delete mail to trash SET [confirmMailDelete <yes|no>] - sets confirmation of mail delete SET [confirmFolderEmpty <yes|no>] - sets confirmation of empty folder SET [htmlFilterLevel <no.>] - sets the security level for a html mail body SET [signature <signature>] - sets the account's signature SET [language <language>] - sets the webmail's language

AXIGEN User Manual



419

Quotas Context<domain-account-quotas#> The commands available for the Quotas context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [mboxCount <count>] - sets the maximum number of folders SET [totalMessageCount <count>] - sets maximum number of messages in all folders SET [totalMessageSize <size>] - sets maximum size in KB of all messages in all folders SET [messageCount <count>] - sets default maximum number of messages in a folder SET [messageSize <size>] - sets default maximum size in KB of messages in a folder LIST Mboxes - list the available mboxes for this account SET MboxQuota mboxName <name> messageCount <count> messageSize <size> - sets quotas for a given mbox SHOW MboxQuota mboxName <name> - shows quotas for a given mbox Limits Context<domain-account-limits#> help The commands available for the Limits context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [sentMessagesCount <count>] - max. no. of mails a user can send in a specified interval SET [sentMessagesSize <size>] - max. size of mails a user can send in a specified interval SET [sentMessagesInterval <interval>] - specified interval in seconds SET [pop3ConnectionCount <count>] - SET [imapConnectionCount <count>] - SET [webmailRCPTCount <count>] - max. no. of recipients for an email conposed using Webmail SET [webmailSessionCount <count>] - webmail sessions number limit for an account SET [webmailAttSize <size>] - sets the attachments number limit for a composed mail SET [webmailAttCount <count>] - sets the size limit for a mail (body + attachments) SET [webmailMessageSize <size>] - sets the Webmail sessions number limit Forwarder Context <domain-forwarder#> The commands available for the Forwarder context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Addresses - lists addresses for current forwarder SHOW RegistryInformation - shows registry information SET [name <name>] - sets the forwarder's name - only usable in an UPDATE operation SET [enabled <yes|no>] - enables/disables the forwarder CONFIG FILTERS - enters the filters context ADD Address <address> - adds an address for the forwarder REMOVE Address <address> - removes an address from the forwarder

AXIGEN User Manual



420

Folder Recipient Context <domain-folderRcpt#> The commands available for the Folder Recipient context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context SHOW RegistryInformation - shows registry information SET [name <name>] - sets the folder recipient's name - only usable in an UPDATE operation SET [enabled <yes|no>] - enables/disables the folder recipient SET [mboxName <name>] - sets the mbox name of this folder recipient) CONFIG FILTERS - enters the filters context Lists Context<domain-list#> The commands available for the List context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST Users - lists available users for this list LIST RemoveHeaders - shows the list of headers that will be removed from a mail SHOW RegistryInformation - shows registry information SET [name <name>] - sets the list's name - only usable in an UPDATE operation SET [services (list of services)] - sets the services enabled for this list SET [passwd <string>] - sets the list's mailbox access password SET [subscribeRcpt <rcpt>] - sets the RCPT used for subscription SET [unsubscribeRcpt <rcpt>] - sets the RCPT used for unsubscription SET [requestRcpt <rcpt>] - sets the RCPT used for making a request SET [enabledRcpts (choice set)] - sets the RCPTs enabled for this list SET [description <description>] - sets the description of the list SET [adminConfirm <yes|no>] - sets the adminConfirm parameter SET [senderAllow <choice>] - sets the senderAllow parameter SET [moderate <choice>] - sets the moderate parameter SET [ctypeAllow <choice>] - sets the ctypeAllow parameter SET [adminEmail <email>] - sets the email for the admin The following parameters' value describe text that will be inserted in the mail ESET addHeader - sets the the headers that will be added to the mail - enters text context ESET bodyBegin - sets the text that will be inserted before the body - enters text context ESET bodyEnd - sets the text that will be added to the body to the mail - enters text context The following parameters' value describe text that will be included in the NDR ESET unknownCommand - sets the description of the error in case of a unknown command - enters text context ESET invalidUserName - sets the description of the error in case of an invalid user name - enters text context ESET notAUser - sets the description of the error in case the user does not belong to the list - enters text context ESET badConfirmation - sets the description of the error in case of a bad confirmation - enters text context ESET userAlreadySubscribed - sets the description of the error in case the user already exists – enters text context

AXIGEN User Manual



421

ESET invalidFormat - sets the descrition of the error in case of an invalid format - enters text context The following parameters' value should be a RFC2822 compliant mail ESET requestNeedsConfirmation - sets the template that will ask the user for a confirmation - enters text context ESET requestNeedsAdminConfirmation - sets the template that will tell the user to wait for admin's confirmation - enters text context ESET autoRejectResponse - sets the template that will tell the user that his mail is rejected ESET welcome - sets the template that will tell the user that he has been created - enters text context ESET goodbye - sets the template that will tell the user that he has been deleted - enters text context ESET subscribeDenied - sets the template that will tell the user that he has not been created - enters text context CONFIG WEBMAILDATA - enters the webmaildata context CONFIG FILTERS - enters the filters context ADD User email <email> name <name> - adds an user to the list (changes context) UPDATE User email <email> - updates an user from the list (changes context) REMOVE User email <email> - removes an user from the list SHOW User email <email> [ATTR <param>] - shows an user from the list ADD RemoveHeader <name> - adds a header to the list of headers to be removed REMOVE RemoveHeader <name> - removes a header from the list of headers to be removed WebmailData Context <domain-list-webmaildata#> The commands available for the WebmailData context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [skin <skin>] - sets the skin for webmail SET [pageSize <pageSize>] - sets page size SET [saveToSent <yes|no>] - sets keep a mail copy in "Sent" folder SET [deleteToTrash <yes|no>] - sets delete mail to trash SET [confirmMailDelete <yes|no>] - sets confirmation of mail delete SET [confirmFolderEmpty <yes|no>] - sets confirmation of empty folder SET [htmlFilterLevel <no.>] - sets the security level for a html mail body SET [signature <signature>] - sets the account's signature User Context<domain-list-user#> The commands available for the User context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [email <email>] - sets the user's email - only usable in an UPDATE operation SET [name <name>] - sets the user's name

AXIGEN User Manual



422

WebmailData Context <domain-webmaildata#> The commands available for the WebmailData context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [skin <skin>] - sets the skin for webmail SET [pageSize <pageSize>] - sets page size SET [saveToSent <yes|no>] - sets keep a mail copy in "Sent" folder SET [deleteToTrash <yes|no>] - sets delete mail to trash SET [confirmMailDelete <yes|no>] - sets confirmation of mail delete SET [confirmFolderEmpty <yes|no>] - sets confirmation of empty folder SET [htmlFilterLevel <no.>] - sets the security level for a html mail body MigrationData Context <domain-migrationdata#> The commands available for the MigrationData context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [enable <yes|no>] - enables migration of accounts from this domain SET [remoteImapHost <host>] - sets the name of remote IMAP machine from which the domain's accounts are migrated SET [remoteImapPort <port>] - sets the IMAP server's port on the remote machine SET [remoteSmtpHost <host>] - sets the name of remote SMTP machine from which the domain's accounts are migrated SET [remoteSmtpPort <port>] - sets the SMTP server's port on the remote machine PublicFolder Context <domain-publicFolder#> The commands available for the Public Folder context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context COMMIT - commits the changes made in this context SHOW [ATTR <param>] - shows information about this context LIST MBoxes - list the available mboxes SET [name <name>] - sets the name of the public folder CONFIG QUOTAS - enters the quotas context ADD Mbox <name> - adds a mbox the Public Folder REMOVE Mbox <name> - removes a mbox from the Public Folder

AXIGEN User Manual



423

Quotas Context <domain-publicFolder-quotas#> The commands available for the Quotas context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [mboxCount <count>] - sets the maximum number of folders SET [totalMessageCount <count>] - sets maximum number of messages in all folders SET [totalMessageSize <size>] - sets maximum size in KB of all messages in all folders SET [messageCount <count>] - sets default maximum number of messages in a folder SET [messageSize <size>] - sets default maximum size in KB of messages in a folder LIST Mboxes - list the available mboxes for this account SET MboxQuota mboxName <name> messageCount <count> messageSize <size> - sets quotas for a given mbox SHOW MboxQuota mboxName <name> - shows quotas for a given mbox Quotas Context<domain-quotas#> The commands available for the Quotas context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - cancels any changes made and switches back to the previous context DONE - saves the changes and switches back to previous context SHOW [ATTR <param>] - shows information about this context SET [mboxCount <count>] - sets the maximum number of folders SET [totalMessageCount <count>] - sets maximum number of messages in all folders SET [totalMessageSize <size>] - sets maximum size in KB of all messages in all folders SET [messageCount <count>] - sets default maximum number of messages in a folder SET [messageSize <size>] - sets default maximum size in KB of messages in a folder LIST Mboxes - list the available mboxes for this account SET MboxQuota mboxName <name> messageCount <count> messageSize <size> - sets quotas for a given mbox SHOW MboxQuota mboxName <name> - shows quotas for a given mbox Reporting Context <reporting#> The commands available for the Reporting context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context VIEW QUEUE - displays queue information

AXIGEN User Manual



424

Migration Context <migration#> The commands available for the Migration context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context MIGRATE - migrate command which has the following parameters: domain <domainName> - the domain name for migration account <accountName> - the account name for migration remoteHost <host> - the host of the migration server remotePort <port> - the port of the migration server remoteUser <imap-user> - the imap username of the migration server remotePass <imap-pass> - the imap password of the migration server [overrideQuota <yes|no>] - specifies if the mailbox quota should be overriden (default: no) [deleteOriginal <yes|no>] - enables/desables deletion of all migrated messages on the remote server [structureOnly <yes|no>] - enables migration of only the directory structure [verbose <yes|no>] - specifies if the command should be verbose (default: no)

WARNING! The migrate command, when the parameter overrideQuota is set to its "no" default, will migrate mails until the mailbox Quota is reached. If overrideQuota is set to yes, all the mails will be migrated but the mailbox Quota could be exceded, in which case, the user will no longer receive any more mails Commands Context <commands#> The commands available for the Commands context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context ENTER SERVER - enters the Server context SET passwd <password> - sets the admin password for CLI/Webadmin (max. 32 chars) Server context <commands-server#> The commands available for the Server context are: EXIT/QUIT - exits CLI and closes connection to AXIGEN HELP - prints this help message BACK - switches back to the previous context SHOW Config - shows the entire server's running configuration SAVE CONFIG [<path>] - saves the server's running configuration (a suffix will be added) STOP service <name> - stops a certain service START service <name> - starts a certain service FORCE QUEUE - tries to force all mails in queue to be processed/sent

AXIGEN User Manual



425

10. Configuring AXIGEN using the Configuration File The configuration process for AXIGEN Mail Server can also be executed by manually editing the AXIGEN Mail Server configuration file (axigen.cfg). This file contains the general server configuration settings. The general server configuration file currently used by AXIGEN Mail Server is located by default in /var/opt/axigen/run/axigen.cfg. Besides the axigen.cfg file, there are currently another 3 (three) configuration files, available only in binary (not-editable) format:

• account.cfg: file containing the configuration for an individual user account. Data is written to this file when a new user is created or an existing user is modified. More information on configuring accounts using WebAdmin in the Accounts Tab section;

• domain.cfg: file containing the configuration for a domain. Data is written to this file when a domain is added or modified. More information on configuring accounts using WebAdmin in the Domains Tab section

• maillist.cfg: file containing the configuration for a mail list. Data is written to this file when a mail list is added or modified. More information on configuring lists using WebAdmin in the Lists tab section.

Samples of AXIGEN Mail Server configuration files can be found in /opt/axigen/share/examples directory.

AXIGEN User Manual



426

10.1. Working with axigen.cfg

The general server configuration file currently used by AXIGEN Mail Server is located by default in /var/opt/axigen/run/axigen.cfg. A sample configuration file can also be found in the /opt/axigen/share/examples directory. The axigen.cfg file includes the complete specifications for AXIGEN configuration. Besides containing configuration data specific for AXIGEN modules, axigen.cfg is also used for specifying the primary domain for AXIGEN server (primaryDomain). Using axigen.cfg, you have access to all AXIGEN Mail Server configuration parameters. Using a text editor, you can manually edit the parameter values and modify the server configuration. The configuration file also contains information on default and possible values and a short explanation for each parameter: The same options are available when using WebAdmin, except that changes to the configuration are made through the Web GUI. Detailed information on how to configure each parameter and information on its functions are given in the Configuring AXIGEN using WebAdmin subsections.

Restrictions

When working with axigen.cfg file, you need to follow the restrictions listed below: • maximum attribute name length: 64 • maximum attribute value length: 128 (expressed as string in configuration file). Each STRING

value is limited to this length, 255 •

Note: Each time you modify the main configuration file, a reload signal must be sent to AXIGEN, in order to load the new configuration settings.

Definitions

When working with axigen.cfg file, the following terms should be used with the meanings specified below:

• UINT: an unsigned integer. • STRING: a case insensitive string, possibly quoted using double quotes. • CS_STRING: a case sensitive string, possibly quoted using double quotes. • IP: an IPv4 address in decimal numbers-and-dots format, i.e.: 127.0.0.1 • IP_SET: a set for IPv4 addresses specified in one of the following modes:

1. IP interval 10.0.0.1-10.0.0.20 2. IP address/IP mask 10.0.0.1/255.0.0.0 3. IP address/IP mask size 10.0.0.1/8

• IP_PORT: an IPv4 address in decimal numbers-and-dots format followed by a ":" char and a decimal port number, i.e.: 127.0.0.1:25

• CHOICE: a single STRING from a specified set of STRINGs, i.e.: "yes" from ("yes" "no") set • CHOICE-SET: a subset of STRINGs from the specified set of STRINGs; the subset must be

specified between round parentheses ()

AXIGEN User Manual



427

Structure of the axigen.cfg file

In axigen.cfg, all objects and attributes are commented using a hash character (#) Also, any block inside /* ... */ is treated as comment. Default values, restrictions and examples for each attribute as provided as comments. The file is structured based on main configuration objects (server, main services). The attributes corresponding to one object are enclosed in curly brackets {}. The values of an attribute are enclosed in parentheses (). When several objects are grouped in a object set, they are also enclosed in parentheses (). Levels of subordination are indicated by indentation (upper levels will be left-aligned). For instance, this is how the beginning of the section for the SMTP-In service looks in the text file. All you have to do is manually edit the values of the parameters, as instructed in the # lines. # SMTP service # TYPE: SMTP-OUTGOING-SERVICE OBJECT smtpOutgoing = { # maximum number of threads handling remote SMTP delivery # TYPE: UINT # MIN-MAX: 1-128 # DEFAULT: 20 maxConnThreads = 20 # minimum number of threads handling remote SMTP delivery # TYPE: UINT # MIN-MAX: 1-128 # DEFAULT: 2 minConnThreads = 2 # service's logging level # TYPE: UINT # MIN-MAX: 0-31 # DEFAULT: 15 logLevel = 15 # service's logging type # TYPE: CHOICE internal | system | remote # DEFAULT: internal logType = internal # service's remote logging host (used only if logType=remote) # TYPE: IP_PORT # VALIDITY: only host IP addresses # DEFAULT: 127.0.0.1:2000 logHost = 127.0.0.1:2000 # list of rules to be applied by the relay module when connecting to a relay server # There is always defined a 'catch all' client rule with the following attributes: # priority = 1001 # patternIn = "*" # patternOut = "*" # authUser = "" # authPass = "" # maxConnections = 5 # smtpPort = 25 # smtpIp = 0.0.0.0 (use client MX) # requestAuth = no # allowStartTLS = yes # secureConnAuthTypes = ( all ) # plainConnAuthTypes = ( all )

AXIGEN User Manual



428

clients = ( { # priority for this rule, 1 is highest # TYPE: REQUIRED UINT # MIN-MAX: 1-1000 (1001 is reserved for catch all clients) # DEFAULT: N/A priority = 500

AXIGEN User Manual



429

10.2. Contents of the account.cfg File

The account.cfg file contains the configuration for an individual user account. This file is in binary format, not editable. Data is written to this file is used when a new user is created or an existing user is modified. A sample configuration file can be found in the /opt/axigen/share/examples directory. Read more information about the settings available for domains and accounts in WebAdmin in the Domains Tab and Accounts Tab sections. In this file you can view general information about user (name, alias, password, personal data), WebMail and IMAP-specific data. The data can be viewed for this account in the account.cfg file:

• account name (set using the name parameter) • account alias names (set using the aliases parameter) • services enabled for this account (set using the services parameter ) • account access password (set using the passwd parameter) • account message box quota (set using the mboxQuota parameter) • maximum number of e-mails the user can send in one hour from this specific account (set

using the sendLimit parameter) • account personal data (set using the firstName, lastName parameters) • account WebMail attributes (set using the skin, pageSize parameters).

Example of a possible account configuration account { name = userName aliases = () services = (smtp pop3 imap webmail) passwd = "password" mboxQuota = 0 sendLimit = 0 personalData = { firstName = Foo lastName = BAR webmailData = { skin = default pageSize = 20 } }

AXIGEN User Manual



430

10.3. Contents of the domain.cfg file

The domain.cfg file contains the configuration for a domain. It is used when a domain is added or modified. This file is in binary format and cannot be directly (manually) edited. In order to change it, you can use another configuration method available in AXIGEN Mail Server, for instance WebAdmin. The parameters available in the domain.cfg file and their possible/default values are presented in this section for information purposes only. This file contains general information about domain (name, alias, assigned IP address, AXIGEN services and Sieve scripts enabled for this domain), WebMail-specific data, topology and storage specific information. After being created, a domain.cfg file must be loaded in AXIGEN server as detailed in the Domains tab section)

• The domain name (using the name parameter) • The domain aliases on the AXIGEN server (using the aliases parameter) • The IP address assigned to this specific domain (using the assignedIP parameter) • The AXIGEN services enabled for this specific domain (using the services parameter) • The filters to be used before delivering e-mails to this specific domain • The domain maximum number of simultaneous opened storage files (using the maxOpenFiles

parameter) • The account's message box quota (using the mboxQuota parameter) • The maximum number of e-mails that can be sent within one hour from an account from this

specific domain (using the sendLimit parameter) • The domain's specific attributes for WebMail (using the skin, pageSize, confirmMailDelete,

confirmFolderEmpty, saveToSent, deleteToTrash parameters) • The topology of message storages for this specific domain (using the

messageStorageTopology, path, ID, maxDirs, maxFiles, maxFileSize parameters) • The topology of account storages for this specific domain (using the accountStorageTopology,

path, ID, maxMboxes parameters)

AXIGEN User Manual



431

Example of a Possible Domain Configuration

Below you can find a possible display of the domain.cfg file:

domain { name = localdomain aliases = () assignedIP = 0.0.0.0 services = (smtp pop3 imap webmail) #filters = (mysieve axi-spam) maxOpenFiles = 16 mboxQuota = 102400 sendLimit = 0 webmailData = { skin = default pageSize = 20 confirmMailDelete = yes confirmFolderEmpty = yes saveToSent = yes deleteToTrash = yes messageStorageTopology = 240 accountStorageTopology = 240 /* messageStorages = ( { path = /var/opt/axigen/domains/localdomain/storage id = 0 maxDirs = 16 maxFiles = 16 maxFileSize = 28672 /* accountStorages = ( { path = /var/opt/axigen/domains/localdomain/accounts id = 0 maxMboxes = 16384 } ) */ }

AXIGEN User Manual



432

11. Command Line Parameters for AXIGEN The following command line parameters are available in the current version of AXIGEN. These parameters are common to all platforms.

Display version Use the -v, --version command to print the version currently installed and exit. Run in foreground Use the --foreground command to run the program in foreground. Crash control Use the --drop-core command to specify the full path (maximum length is 256 characters) to an existing directory where to drop the core (section in memory containing relevant information about resident processes). Useful in case of errors causing the program to exit. No default value is set, meaning the core is not saved by default. Process ID Use the -P, --pidfile command to specify the full path to pid file. The default value is /var/opt/axigen/run/axigen.pid. Path to configuration file Use the -C, --configfile command to specify the path where the server configuration file resides. Default value is: /etc/opt/axigen/axigen.cfg Using mqview tool to view status for messages in the queue The AXIGEN queue contains for each message stored in the queue, besides the message itself, a file with a status report for the message. You can view the status report for the files currently in the AXIGEN queue using the mqview tool: /var/opt/axigen/queue/0F/S12BE Solution 1: cd /var/opt/axigen/queue/0F /opt/axigen/bin/mqview @ S12BE Solution 2: /opt/axigen/bin/mqview /var/opt/axigen/queue 0F12BE Each of these commands displays an output similar to the one below: johnd /var/opt/axigen/queue/00 # mqview @ S5F4E Mail Queue view of file : ../00/S5F4E ID : 005F4E State : RECEIVED Flags : 00 Last Data Version : 00 Number of RCPTs : 1 Next Send Schedule : As Soon As Possible Retry Count : 0 Reverse Path : root@localdomain Authenticated Path : root@localdomain RCPT information for: johnd@localdomain State : RECEIVED Data Version : 00 Filter Info : Destination mbox: INBOX Failure Info : Local Delivery :

AXIGEN User Manual



433

POP3 Authentication

The next examples illustrate the usage of POP3 authentication system. Example 1: The primary domain is 'primary.com', user 'john' has the mail address '[email protected]'. In order to authenticate itself, the POP3 client may use the following commands: USER john USER [email protected] USER <[email protected]> APOP john md5digest APOP <john> md5digest APOP [email protected] md5digest For secondary domains and their aliases, the POP3 clients must use the entire mail address. Example 2: One of the secondary domains is 'secondary.com', user 'john1' has the mail address '[email protected]'. In this case the authentication commands can be: USER [email protected] APOP [email protected] md5digest

AXIGEN User Manual



434

12. RFCs Currently Implemented by AXIGEN

POP3 RFC 1939 - Post Office Protocol (version 3) RFC 2449 - POP3 Extension Mechanism RFC 1734 - POP3 AUTHentication command POP3 and IMAP Specifications RFC 2195 - IMAP/POP AUTHorize Extension for Simple Challenge/Response RFC 2595 - Using TLS with IMAP, POP3 and ACAP SMTP specifications RFC 2821 - Simple Mail Transfer Protocol RFC 821 - Simple Mail Transfer Protocol (obsolete) RFC 822 - Format of ARPA Internet text messages RFC 974 - Mail routing and the domain system RFC 1891 - SMTP Service Extension for Delivery Status Notifications RFC 3501 - Internet message access protocol (version 4rev1) SMTP service extensions RFC 2821 - Simple Mail Transfer Protocol RFC 1869 - SMTP Service Extensions RFC 2554 - SMTP Service Extension for Authentication RFC 1830 - SMTP Service Extensions for Transmission of Large and Binary MIME Messages RFC 2920 - SMTP Service Extension for Command Pipelining RFC 1652 - SMTP Service Extension for 8bit-MIME transport RFC 1870 - SMTP Service Extension for Message Size Declaration IMAP specifications RFC 3501 - NTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1 RFC 2342 - IMAP4 Namespace RFC 2180 - IMAP4 Multi-Accessed Mailbox Practice RFC 2683 - IMAP4 Implementation Recommendations RFC 2087 - IMAP4 QUOTA extension Implementation Recommendations RFC 2359 - IMAP4 UIDPLUS extension RFC 2088 - IMAP4 non-synchronizing literals RFC 2177 - IMAP4 IDLE command RFC 3502 - Internet Message Access Protocol (IMAP) - MULTIAPPEND Extension RFC 3348 - The Internet Message Action Protocol (IMAP4) Child Mailbox Extension HTTP specifications: RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1 RFC 2965 - HTTP State Management Mechanism RFC 2396 - Uniform Resource Identifiers (URI): Generic Syntax DNS specifications RFC 1034 - Domain names, Concepts and Facilities RFC 1035 - Domain names, Implementation and Specification

AXIGEN User Manual



435

Sieve extensions implemented in AXIGEN RFC 3028 - Sieve: A Mail Filtering Language (Extensions defined in the base RFC: fileinto, reject, envelope) RFC 3894 - Sieve Extension: Copying without Side Effects RFC 3431 - Sieve Extension: Relational Tests; Comparator extension: i;numeric-comparator RFC 3598 - Sieve Email Filtering -- Subaddress Extension Generic RFCs RFC 2822 - Internet message format RFC 2045 - MIME Part One: Format of Internet Message Bodies RFC 2046 - MIME Part Two: Media Types RFC 2047 - MIME Part Three: Message Header Extensions for Non-ASCII Text

AXIGEN User Manual 4.0

Documents

Transcript of AXIGEN User Manual 4.0