class
Define class of user for following commands to apply to
hidden
Syntax: class type=string from=string users=string groups=string name=string
comment
Management notes and comments about the domain
This is a dummy setting that lets you store information in the ini file that will survive setting changes from the web admin tool.
Syntax: comment date=string name=string comment=string
abook
Define surgeweb shared address books for this domain
The read/write fields should be a list of valid usergroups or * for all users
Syntax: abook name=string read=string write=string type=string
alias_file
Alias file
In addition each domain has it’s own ‘alias’ file (domain.name/alias.dat). You can create alias files using the same syntax as used in UNIX systems /etc/aliases. The format is:
username: destination bob: fred@domain.com joe: joesmith
This file only exists for backward compatibility.
Syntax: alias_file string
alias_max
Maximum number of aliases for this domain
Limits the ..total number of aliases allowed in this domain to the value specified.
Syntax: alias_max int
access_group_default
Default group to place users in
Specifies the default g_access_group to place users in this domain into.
Syntax: access_group_default string
admin_access_default
Default features granted to domain admins in this domain
This setting allows you to specify default access to certain SurgeMail features. It is specified in the same maner as the g_admin_access settings ‘access’ parameter. eg:
admin_access_default “all,!users,!reports”
Syntax: admin_access_default string
assume_created_epoch
If user has no ‘created’ field assume they were created an arbitrarily large time in the past
This setting effect the g_disable_smtp_after and g_delete_user_after settings which, by default, ignore users who have not logged in and have no created field.
Syntax: assume_created_epoch bool
blogs_max_per_user
Number of blogs each account can create
This setting has no further documentation currently available
Syntax: blogs_max_per_user int
Example: blogs_max_per_user 10
broad_sync
Broadsoft Sync Enable
Customer specific feature
Syntax: broad_sync bool
encrypt_rule
Default if no domain level rule
If this rule matches then the message will be encrypted before it is sent to the user. method=server or inline, we recommend ‘server’ mode as it’s much simpler.
Syntax: encrypt_rule header=string contains=string from=string to=string noconfirm=bool method=string
encrypt_subject
Subject when encrypted message sent – default is original subject
Not yet implemented
Syntax: encrypt_subject string
encrypt_limit
Max encrypted msgs per user per day
Per user limit per day, (used to be per hour)
Syntax: encrypt_limit int
encrypt_limitsz
Max size of encrypted msgs per user per day
Per user dayly limit, e.g. 10mb
Syntax: encrypt_limitsz int
encrypt_token
This setting is not used, instead use smart and ifnew settings
This feature is not controlled by this setting, it’s part of the smart features and controlled by the surgeweb options if enabled, instead set encrypt_ifnew and encrypt_smart
Syntax: encrypt_token bool
encrypt_smart
Encrypt smart features enabled for this domain
Not for general use
Syntax: encrypt_smart bool
encrypt_noconfirm
Disable confirmation for encrypted messages
Disables the automatic confirm reading message
Syntax: encrypt_noconfirm bool
encrypt_ifnew
Allow surgeweb ifnew options
Not for general use
Syntax: encrypt_ifnew bool
encrypt_surgeweb_hide
Hide lock icon on surgeweb
This setting has no further documentation currently available
Syntax: encrypt_surgeweb_hide bool
fallback
Fallback Email address or account
Specifies a default account to deliver Email to. This is sent to a non existent account. If not defined the Email will be bounced. Setting fallback to “/dev/null” will drop messages (both UNIX and Windows).
Syntax: fallback string
fallback_relay
Fallback host to relay non existent accounts to
Specifies a default host to send messages to that are not found in the local user database. This allows you to transition between two mail systems, as new accounts are created the emails will be delivered to SurgeMail, and ones that don’t exist will be sent on to the old system automatically. There are several options to make this work using servers that only accept mail if they can do a reverse lookup.
Syntax: fallback_relay string
fallback_mx
Use mx lookup to find ip address for fallback_relay setting
This setting has no further documentation currently available
Syntax: fallback_mx bool
fallback_users
Path to file listing all users to user fallback_relay for
Useful to remove load from backend server as it doesn’t have to be checked for non existent users, the file can contain user@domain or just usernames
Syntax: fallback_users string
fallback_check
Fallback check
Check if user exists on fallback relay host before accepting it.
Syntax: fallback_check bool
fallback_always
Also relay to old system even if user does exist – not recommended
This setting can be used when bringing up a new system if you want to be able to backout. It is not recommended
Syntax: fallback_always bool
fallback_force
Use fallback even if user does exist as migration not started yet
Use fallback address even if user does exist. Useful before migration occurs.
Syntax: fallback_force bool
fallback_domain
Fallback domain, rcpt is rewritten @ this domain name
Use fallback address even if user does exist. Useful before migration occurs.
Syntax: fallback_domain string
friends_at_rcpt
Whether to check users friends list at rcpt stage
This setting is automatically added/removed by the web admin when domain level friends defaults are configured. It allows us to check friends at rcpt stage without paying a disk access cost for non-friends users.
Syntax: friends_at_rcpt bool
friends_pending_name
The imap name of the friends_pending folder default is ‘Friends Pending’
This shouldn’t be changed unless this feature has not been used before as it will confuse your users as they will have the old imap folder too. Ensure you have enabled this feature with g_imap_friends setting
Syntax: friends_pending_name string
friends_url
Specify full url for friends release http://domain.name:port domain specific setting
Normally the default will work.
Syntax: friends_url string
status_url
Specify full url for status message e.g. http://domain.name:port domain specific setting
This setting has no further documentation currently available
Syntax: status_url string
from_exact
Check from matches authenticated user
Checks that the from header perfectly matches the authenticated user
Syntax: from_exact bool
centipaid
see
Specifies accounts that can charge for incoming email.
Syntax: centipaid match=string acct=string pass=string https=string lang=string amount=int enabled=bool friends=bool smite=int
create_block
Block new users from this IP
Stops users from specific IP addresses from registering in this domain (assuming that you have allowed users to register themselves). Use this to stop known spammers from re-registering on your system.
Syntax: create_block string
create_user
Method for adding new users
Can be one of:
| Value | Description |
| open | Anyone can create an account immediately providing name and password. Be sure to set create_max “3” to prevent spammers creating dozens of accounts. |
| Anyone can create an account providing existing email address. | |
| manager | Manager approves account, user provides existing email address. |
| manager_new | Manager activates account, user proves name and password. |
| disabled | Users cannot signup, accounts are created by the Web Admin. |
In ‘open’ mode users account are created instantly. In ’email’ mode they recieve an email and use a link to create their account. In ‘manager’ mode the manager recieves an email and via a link sends the user an email which they use to create their account. In ‘manager_new’ mode the account is created disable and the manager receives an email with a link to activate the account.
Syntax: create_user string
create_cleanup
Cleanup existing data before adding a user
This causes a delete to be actioned for a user before/as they are created. This ensures the new user does not end up with any files, on any mailing lists, with any aliases etc from a previous user of the same name/address. If you delete users from the authent database directly i.e. not using the surgemail web admin or calling ‘tellmail delete_user’ then this setting will cleanup the users files when their address is re-used.
Syntax: create_cleanup bool
create_max
Maximum signups from one IP in a day
This setting stops spammers registering hundreds of accounts on your system before sending out a lot of spam. A setting of 2-3 is probably a good idea.
Syntax: create_max int
create_subdomain
Allows users to create an account that belongs to it’s own unique domain.
If true this allows users to create accounts with a unique subdomain i.e. firstname@lastname.domain. SurgeMail uses the domuser system to handle sub-doamin users. Wildcard MX records are required to ensure delivery to subdomain users.
Syntax: create_subdomain bool
create_reqd
Required fields for new users
A comma separated list of field names. Allowable field names are the “field” value(s) of the g_authent_info setting.
For example, if your setting is:
name,phone
then when a new user is created they will be forced to fill in the name and phone fields in the registration form.
NOTE: A g_authent_info setting is required to make the field appear on the signup page, eg.
g_authent_info name=”Phone” field=”phone” access=”user” default=””
the above setting causes a field for phone to appear on the signup page and in the user details page.
Syntax: create_reqd string
create_tpl_dir
Relative path to user create pages
The relative path from the web directory to the user creation and user self management pages, these pages are typically called na_*.htm and stored in the /web directory. If you want a different look and feel for a domain simply set this and copy the pages to a directory in /web then modify them.
For example, if your setting is:
otherdomain/
Then you would:
cd /surgemail/web
mkdir otherdomain
copy na_*.htm otherdomain
CD otherdomain
notepad na_login.htm
Syntax: create_tpl_dir string
create_repass
User enters password twice on creation
If true this will show a “Password Again” input in addition to the “Password” input on the user signup page. The user is required to type the password in twice and the passwords are compared to ensure they are identical.
Syntax: create_repass bool
create_disable_days
Number of days new accounts remain active for
New accounts when created are set to expire after the specified number of days. When this occurs they can no longer login or recieve email.
Syntax: create_disable_days int
create_delete_days
Number of days a disabled new account remains before deletion
Accounts disabled with create_disable_days remain until the specified number of days at which point they are deleted.
Syntax: create_delete_days int
create_linkto
Link to redirect to after successful live account creation
This is the web url/link that the user creation process links to once it has created a new and active email account (active means it is ready for use, i.e. not disabled, verified my manager etc)
Syntax: create_linkto string
create_image
Use verification image on signups
This adds a verification image to the signup process. The user will be required to correctly enter the value shown in the image to signup
Syntax: create_image bool
dmail_deliver
Deliver messages into dmail drop directories (not supported)
This setting has no further documentation currently available
Syntax: dmail_deliver bool
dmail_drop_path
Path for drop files to automatically convert
Path for DMail / sendmail style drop files to automatically convert. This allows you to import delivered but unpopped mail from standard drop files. While this is set a check is done whether a drop file needs to be imported each time a user logs on. Any mail is converted on the fly and added to the users SurgeMail inbox.
Syntax: dmail_drop_path string
dmail_drop_prefix
Whether prefix is used on dmail drop files
Prefix on dmail drop files for dmail_drop_path conversion.
Syntax: dmail_drop_prefix bool
dmail_bin_path
Path for DMail bin files to automatically convert
Path for DMail style bin files to automatically convert. This allows you to import delivered but unpopped mail from DMail bin and mailbox files. While this is set a check is done whether this import needs to be done each time a user logs on. Any mail is converted on the fly and added to the users SurgeMail inbox.
Syntax: dmail_bin_path string
dmail_hash
Hashing scheme used by dmail_drop_path and dmail_bin_path
DMail style hashing scheme used by dmail_drop_path and dmail_bin_path.
Syntax: dmail_hash string
dmail_skip_imap
Skip conversion of old imap *.mbx folders
This setting is usually not needed
Syntax: dmail_skip_imap bool
disable_smtp_after
Number of days an account can remain unread before delivery is disabled
Specifies a number of days an account can remain ‘unread’ before it stops recieving new emails. This is intended to stop mail piling up for abandoned email accounts.
Syntax: disable_smtp_after int
delete_user_after
Number of days an account can remain unread before it is deleted
DO NOT USE THIS SETTING IN A MIRROR/CLUSTER SETUP
Number of days an account can remain unread before it is deleted. This setting cannot be used on an authent_domain FALSE domain unless it has a prefix setting.
Syntax: delete_user_after int
enotify_from
From address to use in email notification messages
Users can set an email address to send a notify to when they get an email. This setting sets the ‘from’ header for such messages.
Syntax: enotify_from string
expire_age
Expire undeleted mail older than specified age left in INBOX
Use this to trim messages that are left in the INBOX, this means messages that are unread and messages which are read but not moved to another folder. The deleted messages are replaced with a single message explaining which items have been deleted (with from, subject and date of each message deleted). You should define both age and size to enable expiration.
Currently expire ONLY affects ‘newmail’ ie: mail that is waiting to be read not mail stored in IMAP folders.
Syntax: expire_age int
expire_size
Expire undeleted mail larger than specified size (units=bytes)
Use this to trim messages that are not read by users. The deleted messages are replaced with a single message explaining which items have been deleted (with from, subject and date of each message deleted so that anything really important can be recovered). You should define both age and size to enable expiration.
Syntax: expire_size int
expire_rule
Expire rules for specific folders
These rules let you specify and expire rule for any folder. The folder match is not case sensitive
e.g. to delete all spam message over 30 days old and larger than 3k and to empty the trash can each day.
expire_rule folder=”Spam” age=”30″ size=”3k”
expire_rule folder=”Trash” age=”1″
You can use wild cards, e.g. Delete all messages over 90 days old larger than 10k unless in the new or archive* folders.
expire_rule folder=”*,!new,!archive*” age=”90″ size=”10k”
Syntax: expire_rule folder=string age=int size=int alert=bool
footer_file
Footer file for plain text messages
Footer file for all plain text messages ‘from’ this domain based on from address.
Syntax: footer_file string
footer_html
Text footer file
Footer file for all HTML messages ‘from’ this domain based on from address.
Syntax: footer_html string
forward_illegal
Prevents users setting forward rules to certain addresses
Syntax: g_forward_illegal to=”address” apply=”user type “
This setting allows you to specify some addresses as being illegal for certain users. This stops users setting up forwarding rules to these addresses. They can still send mail to these addresses manually with their email client. These rules _ONLY_ apply to non local domains.
Some examples:
If you want to stop your users setting up forward rules that redirect to aol.com.
g_forward_illegal to=”*@aol.com” apply=”user”
If you want to stop your users setting a forward to all domains except aol.com
g_forward_illegal to=”*,!*@aol.com” apply=”user”
Stop domain admins sending to aol.com
g_forward_illegal to=”*@aol.com” apply=”domadmin”
Stop admins sending to netwinsite.com
g_forward_illegal to=”*@netwinsite.com” apply=”admin”
Syntax: forward_illegal to=string apply=string
gateway_to
Send all email to another server
Useful when migrating if you want email to go to another server while users can still login and read existing email on this server, the messages will be sent even if the user does not exist locally
Syntax: gateway_to string
header_add
Add header to posts ‘from’ this domain
Adds headers, the headers are added based on the ‘from’ domain of the message.
Syntax: header_add string
host_alias
Alias name(s) for this virtual domain
When a user sends to ‘bob@xx.your.domain.name’ or ‘bob@yy.your.domain.name’ you need to have the alias host names ‘xx.your.domain.name’ etc, defined or the mail server will reject the message. Wild card’s can be used for this setting. Example: host_alias “*.your.domain.name” This can also be used to accept mail directly to the servers ip address eg ‘bob@123.4.5.’
Syntax: host_alias string
ssl_wildcard
Use if your ssl certificate accepts wildcards, e.g. *.my.domain
This setting has no further documentation currently available
Syntax: ssl_wildcard string
imap_public
Share IMAP folders between users
This setting allows folders to be shared between users. See g_imap_acl, Requires surgemail 3.9d or later!. e.g. imap_public name=”INBOX” alias=”lances_inbox” user=”lance” users=”*”
Syntax: imap_public name=string alias=string user=string subfolder=bool users=string group=string readonly=bool
Also the global setting g_imap_acl must be enabled “True”
imap_public_show
Auto subscribe public folders
This setting has no further documentation currently available
Syntax: imap_public_show bool
imap_max_sync
Limit remote imap sync to this many items (not recommended)
This setting has no further documentation currently available
Syntax: imap_max_sync int
inbox_archive
Archive old messages to Archives/yyyy/INBOX folder, age in days
This setting has no further documentation currently available
Syntax: inbox_archive int
sent_archive
Archive old messages to Archives/yyyy/Sent folder, age in days
This setting has no further documentation currently available
Syntax: sent_archive int
late_forward
Apply domain users forwarding rules after friends, spam, and filtering
By default users forwarding rules are applied before friends, spam and user filter rules. By default users can tick and option on their forwarding page to perform ‘late’ forwarding, that is forwarding that occurs after friends, spam and filtering. This option overrides the user option and causes domain users forwarding rules to be applied after friends, spam and filtering.
Syntax: late_forward bool
ldap_disable
Stops ldap logins by users of this domain
If ldap is enabled for this system, then this setting disables it for this specific domain
Syntax: ldap_disable bool
ldap_anydomain
Lets users search other than their own domain in ldap
If ldap is enabled for the system (g_ldap_port) then this lets users of this domain lookup users in any domain not just this domain.
Syntax: ldap_anydomain bool
loginfails
Disconnect after failed logins
Disconnect user after this many bad password guesses.
Syntax: loginfails int
lookup_relay_on_from
Lookup from addresses for relay allowed
Looks up local authenticated smtp from addresses to check for relay is allowed flag (relay=”true”).
Syntax: lookup_relay_on_from bool
list_max
Maximum number of mailing lists for this domain
Set this to the maximum number of mailing lists to allow for this domain.
Syntax: list_max int
list_disable
Disables creation of mailing lists
When set to “TRUE” this disables mailing list creation for this domain.
Syntax: list_disable bool
list_max_users
Maximum number of users allowed in all lists in this domain
This is a quota of users/members for all lists in this domain. The maximum number of members in each list in this domain must total to less or equal to this setting.
eg:
list_max_users “100”
list_max “2”
In this scenario, 100 users could be used in 2 lists. So one list might have 80 users the other 20, but the combined total must be less than or equal to 100 users.
Syntax: list_max_users int
language_default
Default language for user web interface
If the user has not yet selected a language then this language is used as a default. If the language specified here does not exist in the language files, or nothing is specified here then English is used as the default language.
Syntax: language_default string
manager_email
Managers Email
This is the manager’s Email address for this domain. When users register themselves, if you have set create_user to the ‘manager’ method, an Email will be sent to this Email address to await confirmation of the user creation.
Syntax: manager_email string
manager_username
Domain managers username (for web based domain administration)
Specifies the local users which have manager rights for this domain. These users can login to the user self management interface and will recieve special domain manager options. If you specify an account without the @domain part i.e. ‘admin’ it assumes admin@.
Syntax: manager_username string
manager_anyuser
Allow first domain admin to login to any users account
This setting has no further documentation currently available
Syntax: manager_anyuser bool
mailbox_path
Path to mailbox maildir (inbox) files
Specifies the root directory for users in this domain for their incoming mail messages and mail folders (for IMAP), maildir structure is used and hashing will also be applied so if you specify d:\spool, then ‘bob’s Email will appear in d:\spool\xx\yy\bob\mdir… where ‘xx’ and ‘yy’ are hashing numbers for that user. (Hashing is required to keep directory performance at a high level when you have millions of users).
Syntax: mailbox_path string
legal_archive_disable
Disable legal archive for this domain (experimental)
This setting has no further documentation currently available
Syntax: legal_archive_disable bool
legal_archive_hide
Hide legal archive for this domain (experimental)
This setting has no further documentation currently available
Syntax: legal_archive_hide bool
legal_archive_keep
Days to keep legal archive, units=days unless you specify years or months
default is g_legal_archive_keep
Syntax: legal_archive_keep int
legal_archive_admin
Enable archive searching for domain admins
This setting has no further documentation currently available
Syntax: legal_archive_admin bool
old_pophost
Old pop host for pop intercept mode based migration
Specifies an old POP host that can be used when migrating users from an old mailserver to a new mailserver. This will create a local accounts with a identical username/passwords and retrieve all mail from the old server for the old account when the user logs into SurgeMail for the first time and they are not yet in the SurgeMail user database. Mail on the old server is deleted.
The use of old_pophost adds an additional check (based on partial rcpt delivery – see g_badfrom_check) to user account self creation to prevent user creating accounts that clash with existing accounts that have not been popped on SurgeMail. This means that the old server should only accept delivery to actual accounts or all user account self creation will be disabled.
Syntax: old_pophost string
old_pophost_always
Always attempt to suck mail on each login
Suck mail from old_pophost on each login (account information is not set at each login). This allows the user to be using the new mail server and still retrieve mail from the old server if mail is delivered there. This is useful in two cases:
1) if the user is already using SurgeMail but some mail is still delivered to the old server due to delays in MX record propagation.
2) To allow incremental migration. Some users can be using the SurgeMail and some users can be using the old server. Users still on the old server sending mail to users on SurgeMail would deliver to the old server. When a user on SurgeMail logs into SurgeMail any such mail is retrieved from the old server.
Note: This will obviously stop retrieving mail if the user changes their password in SurgeMail but not on the old server.
Syntax: old_pophost_always bool
old_pophost_createuser_disable
Disable user creation in database on login
If you have already got your user in your authentication database and do not wish to setup this setting can be used to prevent user creation upon first login to SurgeMail using POP.
Syntax: old_pophost_createuser_disable bool
old_pophost_nodomain
Strip domain when logging in to old_pophost
This can be used if you are migrating from a server that uses username only (without domain) logins.
Syntax: old_pophost_nodomain bool
old_pophost_nodelete
Leave mail on the old server
This setting will leave mail on the old server just in case there are problems with the migration. Note: the use of this setting will disable the use of old_pophost_always.
Syntax: old_pophost_nodelete bool
old_pophost_sep
Login separator
Seperater, default is ‘@’. e.g. some systems use %
Note: The old_pophost_iffirst and old_pophost_makeuser have now been replaced by the more consistent old_pophost_createuser_disable setting.
Syntax: old_pophost_sep string
old_pophost_bind
Bind outgoing connection during pop migration
This binds to the specified local port during a migration
Syntax: old_pophost_bind string
old_pophost_inbox
Use pop to migrate the inbox and maintain uidls
This skips the imap migration of the inbox, IF the user logs in via POP, and instead uses pop to migrate the inbox. This means it can maintain the uidl’s correctly
Syntax: old_pophost_inbox bool
old_pophost_nofetch
Disable fetching messages from pop host
Useful if you want to migrate the account user/password, but not the messages
Syntax: old_pophost_nofetch bool
old_inbox_both
Use pop & imap to migrate the inbox
This may create duplicates, you should only use it when the old server keeps the imap and pop inboxes as sepereate entities.
Syntax: old_inbox_both bool
old_imaphost
Intercept mode migration for IMAP folders servers
The old_pophost settings will create a local account and download many mail in your inbox. However in the event that your old server also was an IMAP server you will be able to migrate your stored message folders using the old_imaphost setting. This download is only ever attempted once and does so asynchronously. A 300MB mailbox with 15000 messages will would be expected to take around 20 minutes. While IMAP folders are bing downloaded the mailbox can already be used. Note: the mail on the old server gets deleted.
Upon IMAP login an old_pophost check is also performed if defined. This is specifically so that WebMail accessing SurgeMail using IMAP (recommended configuration) will allow the retrieval of mail from old POP servers.
Syntax: old_imaphost string
old_imaphost_always
Always attempt to suck mail on each IMAP login (slow)
This setting will force the download of mail and folders from the old server upon each IMAP login. Note: that this should only be used if specifically required as this will happen for example each time that a WebMail change made.
Note: This will obviously stop retrieving mail if the user changes their password in SurgeMail but not on the old server.
Syntax: old_imaphost_always bool
old_imaphost_createuser_disable
Disable user creation in database on login
If you have already got your users in your authentication database and do not wish to add new users logging in using intercept mode this setting can be used to prevent user creation upon first login to SurgeMail using POP.
Syntax: old_imaphost_createuser_disable bool
old_imaphost_nodomain
Strip domain when logging in to old_imaphost
This can be used if you are migrating from a server that uses username only (without domain) logins.
Syntax: old_imaphost_nodomain bool
old_imaphost_nodelete
Leave mail on the old server
This setting will leave mail on the old server just in case there are problems with the migration. Note: the use of this setting will disable the use of old_imaphost_always.
Syntax: old_imaphost_nodelete bool
old_imaphost_prefix
Mail prefix for old imap server when using old_imaphost
IMAP prefix for old imap server. eg. mail/.
Syntax: old_imaphost_prefix string
old_imaphost_file
Migration based on file
Specialist setting for one specific system, not for general use.
Syntax: old_imaphost_file string
old_imaphost_user
Migration based on file – user field
Specialist setting for one specific system, not for general use.
Syntax: old_imaphost_user string
old_imaphost_lowercase
Lowercase all migrated folders
Lowercase all migrated folders.
Syntax: old_imaphost_lowercase bool
old_imaphost_skip
Skip folders
Comma seperate wild card list of migrate folders to skip past.
Syntax: old_imaphost_skip string
old_imaphost_dom
Migration – Alternative domain on old server for login, also set fallback_domain.
This setting has no further documentation currently available
Syntax: old_imaphost_dom string
old_smtphost
Old smtp host
SMTP host to check for existing users (when creating new accounts).
Syntax: old_smtphost string
old_smtphost_skip
Skip old_smtphost checks for administrators
Who to skip old_smtphost checks for. Valid values are “admin” and “domadmin”.
Syntax: old_smtphost_skip string
old_xfile
Migration – Copy xfile data across
Only valid if the old server is also running surgemail. And requires old_pophost settings to work
Syntax: old_xfile bool
pop_welcome
Welcome message for POP/IMAP
This is the string displayed to the user when they connect to this domain before they login. The same string is also used in IMAP response. See also smtp_welcome.
Syntax: pop_welcome string
pop_min_time
Min seconds between pop logins (see warning)
This setting confuses some clients, and results in the user having to login again. The error is not always shown to the end user by some dumb email clients
Syntax: pop_min_time int
prefix
Prefix for usernames in database
This prefix is used in the user database to distinguish these virtual domain users. This setting is for backward compatibility and not generally recommended. It is better to store user@domain.name in the userdatabase rather than just ‘username’.
Syntax: prefix string
proxy_pop_nodomain
Strip domain when talking to proxy POP host
This setting causes the domain name to be stripped from user login names when talking to the proxy POP host. This does not apply to surgewall, see surgewall_options for details
Syntax: proxy_pop_nodomain bool
quota_default
Default Email quota for users
This setting allows you to limit disk usage of each user a setting of 100mb to 1000mb is typical.
Syntax: quota_default string
quota_domain
Total quota for the domain, e.g. 300mb, 2gig
Limits the total usage (used quota) for the entire domain. Note that the command tellmail quota_rebuild_domain domain.name may be used to reset these figures.
Syntax: quota_domain string
rcpt_msg
Response given for invalid recipient errors, message is prefixed by email address.
This setting has no further documentation currently available
Syntax: rcpt_msg string
redirect
Redirect Email to another account
This redirects mail from one user to another. The destination can be a full Email address with another domain name.
Syntax: redirect was=string to=string
redirect_max
Limits the number of redirect rules
This setting applies a limit to the number of redirect rules which are allowed in this domain (only applies to domain admins)
Syntax: redirect_max int
redirect_cc
CC & Redirect Email to another account
This carbon copy redirects a message so the original user receives it as well as the new user you have specified. This is good for keeping a record of incoming emails for a particular account.
Syntax: redirect_cc was=string to=string
redirect_hash
Share incoming message evenly between several accounts
The sharing is done based on a hash of the ‘from’ address so that the same ‘from’ address will always go to the same recipient, if windows specified then it is random after that many seconds
Syntax: redirect_hash was=string to=string window=int sequential=bool
msg_max_out
Max size of outgoing messages for smtp authenticated users
Sets the size of messages for this domain, as the email client may have already seen the value of g_msg_max or msg_max_in it may not help setting this value ‘larger’ than those other values. We do not recommend using this setting, it is best to choose a g_msg_max value that all domains can live with.
Syntax: msg_max_out int
msg_max_in
Max size of incoming messages for this domain.
Sets the size of messages for this domain, note that this may affect the ehlo response but only for ‘address’ based virtual domains, so you must ensure your g_msg_max setting is sufficiently large. Also since this figure may be shown before the msg_max_out value is determined you must also make it larger than the msg_max_out value. We don’t recommend using this setting unless it is totally necessary. It is better to choose a g_msg_max setting that all domains can live with.
Syntax: msg_max_in int
security_suffix
Suffix for smtp/imap/pop login
This setting stops the username matching the email address by requiring a different suffix for logging in, so user@xyz.mail.server instead of user@mail.server. This is like an alias for the domain that only works for logging in.
Syntax: security_suffix string
sent_store
Store users message in named folder automatically, e.g. Sent
This setting has no further documentation currently available
Syntax: sent_store string
smtp_auth_off
Disable SMTP AUTH from unknown ip addresses
This prevents a hacker sending out spam by cracking a users account details, users must login from an address specified in g_smtp_auth_ip or g_relay_allow_ip
Syntax: smtp_auth_off bool
smtp_welcome
Welcome message for SMTP
This is the string displayed to the user when they connect to this domain, before they login. See also pop_welcome
Syntax: smtp_welcome string
smtp_welcome_name
SMTP welcome connection hostname
This setting has no further documentation currently available
Syntax: smtp_welcome_name string
smtp_from_ip
Require incoming email from matching ip
This is used to ensure all incoming email comes direct from a filter system and not from the internet, only authenticated email will bypass this (and g_spam_allow)
Syntax: smtp_from_ip string
spam_strip
Strip spam headers for this domain
Strip spamdetect headers for this domain.
Syntax: spam_strip bool
spam_block
Default for this domain to block spf etc failures
This setting sets the default behavior for this domain, if g_spam_block is not set, then this setting can turn on blocking as the default for this entire domain. Individual users can still set their own settings to block or not block for spf.
Syntax: spam_block bool
spam_noblock
Disable spf blocking for this domain
This is the opposite of spam_block, this can be used if g_spam_block is true and you wish to disable spf blocking for one domain.
Syntax: spam_noblock bool
ssl_pop_domain
Domain to use for ssl certificates for POP and IMAP
If you have multiple aliases for this domain then this setting lets you choose which one to use for the SSL certificate
Syntax: ssl_pop_domain string
ssl_allow
IP Wild card list to allow SSL encryption from
This setting remove the capability so clients won’t attempt ssl, it is only really functional for ip based virtual domains
Syntax: ssl_allow string
ssl_require_login
Require ssl for this domain
This setting has no further documentation currently available
Syntax: ssl_require_login string
ssl_require_web
Require https for most web features (excluding blogs file sharing and surgeplus)
This setting has no further documentation currently available
Syntax: ssl_require_web bool
ssl_hsts
Send HSTS header to prevent accidental http access for this domain, also rejects self signed certificates
This setting has no further documentation currently available
Syntax: ssl_hsts bool
surgewall
gewall-surgewall-mailproxy-feature-version-1-4a-or-greater-required" >
This allows SurgeMail to be placed as a “filter” in front of an existing mailserver to apply friends rules, spam filtering and/or virus scanning. All you need to do is set this to the existing server address. POP3 will be routed through to the existing server and users can login to the SurgeMail web interface to configure their friends, spam and virus options eg:
surgewall “1.2.3.4”
This setting should be an IP address not an IP and port. Use surgewall_options if you need to specify non-standard ports or a different IP for POP, SMTP and/or IMAP. You may specify a comma seperated list of IP addresses. SurgeWall will connect to each in turn until it gets a successful login. To modify this behaviour see the proxy_failover option of the surgewall_options setting.
See here for more details.
Syntax: surgewall string
surgewall_auth
SurgeWall SMTP authentication
Defines the username and password to use for SMTP authentication when sending to SurgeWall’ed server.
Syntax: surgewall_auth user=string pass=string
surgewall_local_too
For web domain admin try local database too
Allows local user accounts to be created for domain admin
Syntax: surgewall_local_too bool
surgewall_options
SurgeWall miscellaneous options (Version 1.4c or greater required)
This setting controls the SurgeWall miscellaneous configuration options it has several parameters:
| strip_domain | TRUE/FALSE strips the domain name from the username when sending to the original server. |
| proxy_failover | TRUE/FALSE failover mode for several addresses, only use next address if previous one fails to respond. |
| auth_local | TRUE/FALSE requires that users exist locally, no authentication is done via the original server. |
| pop | Comma seperated list of IP addresses and port of the original POP3 server. |
| imap | Comma seperated list of IP addresses and port of the original IMAP server. |
| smtp | Comma seperated list of IP addresses and port of the original SMTP server. |
| usercgi | pop/imap which protocol to use when authenticating logins to the web interface. |
The POP, SMTP and IMAP options allow you to configure SurgeWall to connect to different IPs and/or ports for each interface that it proxies. So for example you can run SurgeWall on the same machine as the old mail server provided the old mail server is configured to run on non-standard ports. eg:
surgewall_options strip_domain=”TRUE” pop=”127.0.0.1:111″ smtp=”127.0.0.1:26″ imap=”127.0.0.1:144″
or perhaps you have the pop, smtp and imap components of the server running on several machines, eg.
surgewall_options strip_domain=”TRUE” pop=”1.2.3.4:111″ smtp=”2.3.4.5:26″ imap=”3.4.5.6:144″
You may specify several different IPs in a comma seperated list in the POP, SMTP and IMAP options if you do this SurgeWall will connect to each in turn until it gets a successful login. The same is true for the SurgeWall setting.
To modify this behaviour you can set proxy_failover to TRUE this causes SurgeWall to only use the next address if it fails to connect to the preceeding address, meaning it will use each server specified only if the previous server is not responding.
Syntax: surgewall_options strip_domain=bool proxy_failover=bool auth_local=bool pop=string smtp=string imap=string usercgi=string
surgewall_capa_local
Just return local imap capa response rather than remote
Note that it can only guess the right imap host if you are using ip based virtual domains.
Syntax: surgewall_capa_local bool
surgewall_saveusers
Save users in the local database as they login
This can be used with auth_local=true option to create the local accounts…
Syntax: surgewall_saveusers bool
suspend
Disable logins for entire domain
Use this where a domain is not being paid for and you want to suspend all users in the domain. This prevents users checking mail NOT users sending mail or other domains sending to this domain
Syntax: suspend bool
suspend_incoming
Disable delivery and give 450 retry message
Useful to temporarily disable a domain while moving it
Syntax: suspend_incoming bool
user_alias
Number of aliases accounts can create
This setting specifies the maximum number of account aliases an account in this domain is allowed to create. The format of these aliases is specified in the file specified by the g_user_alias_file setting.
Default is disabled (0) which disables the alias creation interface in the user.cgi pages.
Syntax: user_alias int
user_auto_pass
Auto create users with this password on message delivery
Exceedingly dangerous setting only intended for closed systems not open to internet! Accounts are created on message delivery if they don’t exist with the specified password. Broadsoft Extentsion account autoprovisioning (Broadsoft feature)
Syntax: user_auto_pass string
user_auto
Auto create users when a login attempt occurs
Exceedingly dangerous setting only intended for closed systems not open to internet! Accounts are created when someone tries to login via imap/pop etc… If the account already exists it is not modified unless it is currently set with the password defined in user_auto_pass (broadsoft feature)
Syntax: user_auto bool
user_auto_always
Auto create users when a login attempt occurs and always accept any password
Exceedingly dangerous setting only intended for closed systems not open to internet! Account is created and then allowed to login with any password (used in closed broadsoft setup)
Syntax: user_auto_always bool
user_sms
Enable users to setup SMS notifications
This setting allows users to setup an SMS notification of email whose subject matches the user defined keyword.
Syntax: user_sms bool
user_sms_quota
Number of sms messages per account
This setting allows you to configure either a quota or a ‘number of credits’ system for SMS messages. This setting has 2 parameters ‘initial’ and ‘period’.
If you set ‘period’ to 0 then ‘initial’ is the number of credits a user will begin with they are decremented when they send an SMS and not increased unless you increase them manually.
If you set ‘period’ to any value other than 0, then ‘initial’ is the users quota, which is re-set after the time period specified by ‘period’. Valid ‘period’ values are a number of hours, or suffix the value with d, w or y to indicate a number of days, weeks or years respectively, eg: 5w equals 5 weeks.
Syntax: user_sms_quota initial=int period=string
user_centipaid
see
Specifies the various CentiPaid options a user is allowed to configure for themselves.
Syntax: user_centipaid string
user_max
Maximum user allowed in this domain
This setting specifies the maximum number of users in this domain. Domain admins and users are blocked from adding more users than specified in this setting. The admin can still add users.
Syntax: user_max int
user_status_send
How often to send user status messages (0 = never)
When the user enables friends then this setting will send them a regular report on what is pending and what filter rules have done. Files status_html.eml
Syntax: user_status_send int
user_send_max
ser@domain>
Reports the number of emails the user has sent in the last 24 hour period.
user_list_quota
Number of mailing lists users can create
This setting configures the number of mailing lists a user of this domain can create. See also g_user_list_quota which can set quota globally or by user group. Also the list_quota authent field can set quota per user.
Syntax: user_list_quota int
user_hide_security
Hide security logs from users
This setting has no further documentation currently available
Syntax: user_hide_security bool
user_report
Daily,Weekly,Monthly, emailed to manager
This setting has no further documentation currently available
Syntax: user_report string
url_host
Mail host A Record name (if different from MX Record name)
This name is used in URLs to this domain. It is important that the hostname specified here will resolve to this physical host running SurgeMail at all times.
It is used by WebMail in the email sent to user upon signup. The email sent to the manager when a user signs up and is the host passed to WebMail when auto-logging a user in. If your auto-logins are failing because of a “cannot connect error” then you may need to set this to the correct host.
Syntax: url_host string
ssl_alias
Alternate ssl host names, e.g. mail.xyz.com,pop.xyz.com,smtp.xyz.com
This setting has no further documentation currently available
Syntax: ssl_alias string
send_helo
Mail host A Record name used when sending helo to other servers – requires g_send_helo_from true
This is only used if g_send_helo_from is also true
Syntax: send_helo string
url_blogs
BLOGS host A Record name (if different from MX Record name – eg. blogs.mydomain.com)
This is used when generating the ‘view’ link, if you don’t specify a port (:nnn) then it will use the first webmail port by default, by default the url_host setting will be used, failing that the domain name is used
Syntax: url_blogs string
url_alias
Allows translation from one URL to another
Allows translation from one URL or beginning of a URL to another. eg:
url_alias from=”/cgi-bin/” to=”/scripts/”
will cause the URL http://localhost:7025/cgi-bin/fred.cgi to reference the same file as http://localhost:7025/scripts/fred.cgi would have, the fred.cgi in the SurgeMail ‘scripts’ directory. These settings are checked before the g_url_alias settings, the first matching rule is used, settings are checked in the order specified.
Syntax: url_alias from=string to=string ports=string
user_access_default
Default user features granted to users in this domain
This setting allows you to specify default access to certain SurgeMail features. It is specified in the same maner as the g_user_access settings ‘access’ parameter. eg:
user_access_default “all,!spam,!virus”
Syntax: user_access_default string
webmail_url
Url to the WebMail cgi
If WebMail is not in the default place and/or is not on the SurgeMail machine then this setting tells SurgeMail where it is so links to WebMail from SurgeMail function correctly.
Syntax: webmail_url string
webmail_urladd
Url data to append to WebMail auto-login link
This setting allows you to specify additional information and settings which are passed to WebMail when SurgeMail links to it. Example: Different colors to use for this domain.
Syntax: webmail_urladd string
webmail_workarea
Path to WebMail workarea
If WebMail is not installed in the default location on this SurgeMail machine this setting tells SurgeMail where to find it.
Syntax: webmail_workarea string
webmail_host
The IP address of the mail server
SurgeMail sets the imaphost/smtphost address in surgehost.ini for WebMail. First it checks for a virtual domain ip, then it checks for a specifically bound ip address in the imap/smtp port settings, if neither are specified it defaults to 127.0.0.1. The webmail_host will override this process and assign a value directly. You require this when using a Smart Router or Load Balancer, please read this.
Syntax: webmail_host string
web_path
Path to web admin pages
Path to web admin and user self management pages. This setting allows you to give each domain a different set of pages and thus a different look and feel. To enable this, copy the entire ‘web’ directory then set web_path to the path of the copied files. Lastly modify the copied files to have the new look and feel you desire.
Syntax: web_path string
web_url_path
Url to path translation with access specifier
This lets you set up aliases and translations of urls partly based on the access rights of the user.
Syntax: web_url_path url=string path=string access=string
web_access_ip
Restrict access to web ports based on ip
Specifies a list of ports and a wildcard list of valid ip addresses who can connect to those ports.
Syntax: web_access_ip ports=string ip=string
webdav_quota
Webdav quota per user in this domain, e.g. 100mb
Limits the webdav storage area for this user, default is the users email quota
Syntax: webdav_quota string
surgeweb_backend_server
Backend server to connect to
This specifies the backend machine where Surgeweb connects for email and to store user settings. Surgeweb will cache data here but store the master copy of anything on the backend machine.
Syntax: surgeweb_backend_server string
surgeweb_backend_smtp
Backend smtp access (if non default)
per default connects to 127.0.0.1:25
Syntax: surgeweb_backend_smtp string
surgeweb_backend_web
Backend web access – for usercgi /surgeplus (if non default)
If no backendserver specified is ‘/’, default with backend is ‘http://backend_server/’. For non default port / machine specify say: ‘server.name:7080’
Syntax: surgeweb_backend_web string
surgeweb_custom
Surgeweb customisation level
This setting has no further documentation currently available
Syntax: surgeweb_custom string
xfile_url
Url to xfile files (see surgeplus utility)
Use to override the url that users are told they can access their shared SurgePlus files at via a web browser. The default location is on the port specified by the webmail_port setting.
Syntax: xfile_url string
Example: https://your.domain.name:7443
disable_surgeplus
Disable SurgePlus Calendar and File Sharing client
Disable users from logging in using the SurgePlus Calendar and File Sharing client. See SurgePlus
Syntax: disable_surgeplus bool
surgeplus_pop_server_name
Default POP server for SurgePlus clients
New installs of the SurgePlus client will be automatically configured to use this specified POP server. If you don’t specify a value for this setting, then the POP server will default to what you have specified by the url_host setting, or the domain name if you don’t specify a url_host setting. You will need to do a ‘tellmail surgeplus rebuild’ command after changing this setting and if you are downloading the new build via your web browser be aware that web browsers sometimes cache the old download.
Syntax: surgeplus_pop_server_name string
Example: pop.your.domain.name
surgeplus_smtp_server_name
Default SMTP server for SurgePlus clients
New installs of the SurgePlus client will be automatically configured to use this specified SMTP server. If you don’t specify a value for this setting, then the POP server will default to what you have specified by the url_host setting, or the domain name if you don’t specify a url_host setting. You will need to do a ‘tellmail surgeplus rebuild’ command after changing this setting and if you are downloading the new build via your web browser be aware that web browsers sometimes cache the old download.
Syntax: surgeplus_smtp_server_name string
Example: pop.your.domain.name