1. Home
  2. Knowledge Base
  3. Settings
  4. Global settings g_encrypt

Global settings g_encrypt

Table of Contents

g_encrypt_config – Encrypt some config settings (passwords)

This can be used if naked passwords in the config are a problem. This setting currently applies to g_gateway, and may apply to others in future. You must manually copy the file config.key from master to slave.

Syntax: g_encrypt_config bool

g_encrypt_disable – Disable encryption

Disable encryption mechanism

Syntax: g_encrypt_disable bool

g_encrypt_expire – Days to keep encrypted messages, default 60

When a message is sent via encryption it is deleted after this many days

Syntax: g_encrypt_expire int

g_encrypt_inline – Use INLINE method by default

Sets the default encryption method when a rule does not apply

Syntax: g_encrypt_inline bool

g_encrypt_limit – Max encrypted msgs per user per hour

Per user limit

Syntax: g_encrypt_limit int

g_encrypt_max – Max encrypted per day server wide

Server wide limit to prevent abuse (or accidental over use)

Syntax: g_encrypt_max int

g_encrypt_nodomain – Allow encryption for users without local domains

This lets you create accounts for domains that don’t exist, these users can then send encrypted messages.

Syntax: g_encrypt_nodomain bool

g_encrypt_nofwd – Don’t encrypt forwarded

Known fault, this affects all recipeients, not generally good to use

Syntax: g_encrypt_nofwd bool

g_encrypt_noip – Don’t encrypt if from this ip range

Only significant if the setting to lock all messages is enabled.

Syntax: g_encrypt_noip string

g_encrypt_nolate – Disable encryption on late forwarding

If default encrpting is enabled then you might need this setting to stop it for late forwarding.

Syntax: g_encrypt_nolate bool

g_encrypt_none – Don’t encrypt if subject starts with this

Only significant if the setting to lock all messages is enabled.

Syntax: g_encrypt_none string

g_encrypt_nowater – Show this if no water mark defined yet

e.g. No watermark defined, please complete this form

Syntax: g_encrypt_nowater string

g_encrypt_path – Path to encrypted files, this is not supported when mirroring!


Syntax: g_encrypt_path string

g_encrypt_prefix – Prefix for encrypted messages must match encrypt rule so replies are encrypted

This setting has no further documentation currently available

Syntax: g_encrypt_prefix string

g_encrypt_pw_host – Central host for encryption password storage


Syntax: g_encrypt_pw_host string

g_encrypt_pw_key – Central host password key


Syntax: g_encrypt_pw_key string

Not for general use, keywords (expire password reminder)

Syntax: g_encrypt_reminders int

g_encrypt_reply_plain – Send plain message for local replies

By default a reply to a local user is also encrypted this makes it not encrypt the reply as user should be reading the message via SSL so the data is secure anyway.

Syntax: g_encrypt_reply_plain bool

g_encrypt_reset_msg – Msg Body sent when password has been reset

Message body sent to end user when password is reset

Syntax: g_encrypt_reset_msg string

g_encrypt_reset_safe – When users password is reset, delete all messages to them

This setting increases security and should be used if your server allows public account registrations.

Syntax: g_encrypt_reset_safe bool

g_encrypt_reset_sender – Msg Body sent to sender when password reset requested

Message body sent to sender password reset is requested

Syntax: g_encrypt_reset_sender string

g_encrypt_reset_user – Msg to person when they click on reset password button

The sender has been emailed a link they can use to reset your password

Syntax: g_encrypt_reset_user string

g_encrypt_rule – Matches will be encrypted when sent

If this rule matches then the message will be encrypted before it is sent to the user. method=server or inline, we recommend ‘server’ mode as it’s much simpler.

Syntax: g_encrypt_rule header=string contains=string from=string to=string noconfirm=bool method=string

g_encrypt_smart – Smart Encrypt Private Feature (not available)

Encrypt all messages except g_encrypt_unlock and surgeweb defined addresses – this feature not generally available till 9/March/2013, encrypt_smart per domain must also be turned on.

Syntax: g_encrypt_smart bool

g_encrypt_ssl_force – Require ssl on incoming encrypted messages

When a message is going to be encrypted this setting ensures it is sent from the user to the server via SSL

Syntax: g_encrypt_ssl_force bool

g_encrypt_ssl_noforce – Exceptions, e.g. surgeweb or localhost

When a message is going to be encrypted this setting ensures it is sent from the user to the server via SSL

Syntax: g_encrypt_ssl_noforce string

g_encrypt_surgeweb_show – Show SurgeVault in SurgeWeb

Enables the display of surgevault encryption in the surgeweb interface (can be modified using encrypt_hide on surgeweb customisation page)

Syntax: g_encrypt_surgeweb_show bool

g_encrypt_unlock – Unlock for these destinations. e.g. user@domain

Not for general use

Syntax: g_encrypt_unlock string

g_encrypt_wall – Encrypt surgewall msgs

Normally surgewall skips encryption

Syntax: g_encrypt_wall bool

Was this article helpful?

Related Articles


Need Support?

Can't find the answer you're looking for?
Contact Support