g_apple_bug1 - Apple bug allow content-length headers
This setting has no further documentation currently available
Syntax: g_apple_bug1 bool
g_apple_bug2 - Apple bug2 don't try and return bad if looping
This setting has no further documentation currently available
Syntax: g_apple_bug2 bool
g_archive_on_delete_off - Disables archive and instead deletes the files immediately
Purged monthly or by tellmail purge_deleted_users
Syntax: g_archive_on_delete_off bool
g_atrest_api - Enabe api for enabling atrest encryption - not needed
This setting has no further documentation currently available
Syntax: g_atrest_api bool
g_calendar_version - CalDAV / SabreDAV calendaring configuration version number
This setting has no further documentation currently available
Syntax: g_calendar_version int
g_pass_twofactor_life - Session life in minutes, dflt 4 hours
Allow users to enable two factor authentication.
Syntax: g_pass_twofactor_life int
g_pass_twofactor_merged - Require +code for imap/pop logins sometimes
Requires merged login.
Syntax: g_pass_twofactor_merged bool
g_disk_debug - Log slow disk access n
This setting has no further documentation currently available
Syntax: g_disk_debug bool
g_disk_warning - Give manager warning if disk % exceeded, default 95%
This setting has no further documentation currently available
Syntax: g_disk_warning string
g_dns_test_blank - Break dns lookups to test how it's handled
This setting has no further documentation currently available
Syntax: g_dns_test_blank bool
g_fast_time_off - Disable faster time function
This setting has no further documentation currently available
Syntax: g_fast_time_off bool
g_authent_require - Days till we require user to change password
This is the one to use, only requires change in surgeweb, expire password
Syntax: g_authent_require int
g_auth_norelay_webok - Allow surgeweb sessions anyway.
This means relaying only occurs if g_relay_allow_ip matches
Syntax: g_auth_norelay_webok bool
g_bind_to - Bind outgoing SMTP if to address matches
This setting has no further documentation currently available
Syntax: g_bind_to string
g_bind_to_ip - The address to bind to
This setting has no further documentation currently available
Syntax: g_bind_to_ip string
g_bind_to_name - The name to use in the ehlo
This setting has no further documentation currently available
Syntax: g_bind_to_name string
g_blogs_https - Use https for blog urls
This setting has no further documentation currently available
Syntax: g_blogs_https bool
g_breakin_short - Match on 1.2.3.* for ip addresses, helps with google sending
This setting makes the address counting based on subnet x.x.x.* which prevents false positives caused by google.
Syntax: g_breakin_short bool
g_mirror_nsend - Sending threads to use, default 8
Sending threads for normal queue
Syntax: g_mirror_nsend int
g_mirror_debug3 - NEVER USE, MAKES MIRROR FAIL.
Helps when tracking down fault with nwauth or mirroring, never leave turned on as it can lead to mutex crashing
Syntax: g_mirror_debug3 bool
g_callhome_disable - Disable misc features that reference netwinsite
Useful if you are paranoid about information 🙂
Syntax: g_callhome_disable bool
g_deny_log - Log g_deny rejections to msg.log - can clutter log
This setting has no further documentation currently available
Syntax: g_deny_log bool
g_dkim_return - Sign if 'return path' matches g_dkim_only
Useful when you want to act as a signing gateway
Syntax: g_dkim_return bool
g_speech_cmd - Command to convert sound file to text (append .txt to filename)
This setting has no further documentation currently available
Syntax: g_speech_cmd string
g_speech_from - Only attempt conversion if from this email address
This setting has no further documentation currently available
Syntax: g_speech_from string
g_speech_size - Default 10mb, will not convert larger files
This setting has no further documentation currently available
Syntax: g_speech_size int
Example: 10mb
g_group_field - Group Field from authentication database
Based upon a match on an arbitrary field in the authentication database a user can be defined as being part of an access_group. All fields (field, value, group) are required. eg: To add the user to the access_group "paid_user" if the field "mystatus" has the value "fullaccess":
g_group_field field="mystatus" value="fullaccess" group="paid_user"
Syntax: g_group_field field=string value=string group=string
g_gzip_disable - Disable gzip web compression
This setting has no further documentation currently available
Syntax: g_gzip_disable bool
g_help_url - Link to another website for help instead of surgemail.com
This setting has no further documentation currently available
Syntax: g_help_url string
g_imap_folder_create - Auto create default folders for Trash/Sent etc
Warning this may change the default folder currently used by creating one the user didn't previously have
Syntax: g_imap_folder_create bool
g_imap_loop_report - Report imap loops of bad email clients
This only logs when a body or body part is read via imap
Syntax: g_imap_loop_report bool
g_imap_maxbusy - Limit for concurrent requests per user, user is throttled if exceeded
This setting has no further documentation currently available
Syntax: g_imap_maxbusy int
g_imap_max_limit - Limits messages being put in folders
This setting helps limit impact when a user has a large folder, it will fail to load a folder larger than this and report errors in the log, it does not prevent the folder from having messages added to it, and it does not inform the user that the problem has occurred, this setting is primarily to limit impact of a crazy user :-), see also G_MAILDIR_MAX
Syntax: g_imap_max_limit int
g_imap_allow_trailing - Allow leading/trailing spaces on folder names on linux, not a good idea
This setting has no further documentation currently available
Syntax: g_imap_allow_trailing bool
g_imap_log_user - Log imap info to imap.log in users mdir folder
This setting has no further documentation currently available
Syntax: g_imap_log_user bool
g_recycling_imap - Make visible to IMAP users, default is now ONLY surgeweb users
This setting has no further documentation currently available
Syntax: g_recycling_imap bool
g_ssl_lets_slave - Run letsencrypt on SLAVE too
Also exclude url_host on the mirroring exclude settings
Syntax: g_ssl_lets_slave bool
g_ssl_guess_domain - Guess domain using SSL hostname to allow login without @domain.name
The certifictes must be coppied from the ssl to the lets folder manually!
Syntax: g_ssl_guess_domain bool
g_log_tcp_read,g_log_tcp_write - Log actual data for a specific IP
These settings let you 'trace' the data going 'to' and or 'from' a specific IP address (or list, or wild card) Lets say you have a client on a specific address that has a problem where the fault could be server/client or network related. To track it down add this to surgemail.ini
g_log_tcp_read "2.3.4.5"
g_log_tcp_write "2.3.4.5"
Then try whatever is 'failing' and examine 'mail.log' to see what was read/written to that client.
Syntax: g_log_tcp_read string
g_lookup_names - Lookup names for connecting IP addresses
This is one of those things that you very likely do not want to turn on. It makes the mail server lookup the IP name of any connecting user, however lookups can take 30-90 seconds so it can negatively impact apparent performance. Most of the access rules in the server can accept IP names if this setting is enabled, e.g. instead of specifying local users are 153.2.3.* you can say '*.netwinsite.com"
Syntax: g_lookup_names bool
g_lookup_reject_fails - If lookup cannot get a name, reject user (not generally recommended)
If lookup cannot get a name, reject user (not generally recommended)
Syntax: g_lookup_reject_fails bool
g_lowdisk_warning - Disk space level below which to warn the manager
SurgeMail checks available disk space on startup and every half hour whilst running on all the mail, temp and home directories. If any is found to be low an email is sent to the system manager. The recommended level is at least 100MB (default is 10MB).
Syntax: g_lowdisk_warning string
g_msg_log_pop - Log all pop reads in msg*.rec
Log from header field
Syntax: g_msg_log_pop bool
g_rules_msgtime - Use msg time rather than file time for expire rules
This setting has no further documentation currently available
Syntax: g_rules_msgtime bool
g_old_imap_nossl - Disable auto ssl mode
This is just the way it used to do it, I can't see any good reason for it, but I'm leaving this setting incase there is a reason 🙂
Syntax: g_old_imap_nossl bool
g_responder_friends - Only respond if from known friends
This can further reduce spam back scatter issues
Syntax: g_responder_friends bool
g_quota_default - Default quota
This setting has no further documentation currently available
Syntax: g_quota_default string
g_ssl_require_smtp - If IP matches then require SSL for incoming SMTP message
This setting has no further documentation currently available
Syntax: g_ssl_require_smtp string
g_ssl_disable_renegotiation - Disable SSL renegotiation.
GEnerally this shouldn't be used unless you have to keep some paranoid security scan happy
Syntax: g_ssl_disable_renegotiation bool
g_tarpit_hacker - Slow DOS attacks in some situations
This setting has no further documentation currently available
Syntax: g_tarpit_hacker bool
g_thread_reuse_real2 - Thread reuse
If enabled the server will reuse existing threads instead of creating and destroying threads for each incoming/outgoing message. This has no affect on performance but does avoid a bug in some UNIX threading libraries which leak handles and cause problems if threads are not reused. Generally best disabled except on early Linux systems.
Syntax: g_thread_reuse2 bool
g_user_virus_scan - Allow users to enable / disable virus scanner for themselves
This setting adds a tickbox to the Spam page in user self administration that allows the user to enable and disable the virus scanner for them selves.
Syntax: g_user_virus_scan bool
g_user_friends_domain_log_disable - Disable domain level friend.log file
By default a friend.log file is written to each domain mailbox_path. This file is a collection of all users friends.log entries that rotates when it reaches 2mb in size.
Syntax: g_user_friends_domain_log_disable bool
g_user_friends_log_disable - Disable user level friend.log file
By default a friend.log file and 1 rotation is written for each user. Each log should only be approx 10k in size.
Syntax: g_user_friends_log_disable bool
g_user_utoken_days - Length of time a user self management login token is valid
Length of time a user self management login token is valid for. Length of time a user self management cookie is valid for. After this time period the login token will stop allowing the user access and they will need to login again.
Syntax: g_user_utoken_days int
g_user_utoken_expire - Length of time a user self management login token is valid for
This setting has no further documentation currently available
Syntax: g_user_utoken_expire int
g_user_mail_view - Whether an admin/manager can view/display users inbox mail
This setting enables the 'view' links on the users mailbox page. These links will show the content of the users email. They also log the access to the users log file, identifying the IP from which the admin viewed the message.
Syntax: g_user_mail_view bool
g_user_hide_security - Hide user level security.log access
This setting has no further documentation currently available
Syntax: g_user_hide_security bool
g_user_report - Daily,Weekly,Monthly, emailed to managers of each domain
This setting has no further documentation currently available
Syntax: g_user_report string
g_user_utoken_idle - Length of time a user self management login token may remain idle for
This setting has no further documentation currently available
Syntax: g_user_utoken_idle int
g_user_pipe - Local delivery filter pipe
Pipe run on file just before delivery to user, $USER$ available on command line. This allows the message to be modified (also see g_filter_pipe).
Syntax: g_user_pipe string
g_user_mfilter - Local delivery Mfilter rules
Mfilter rules to run late in the delivery process after the email messages have become "user specirfic", In particular this allows filtering based on the output of g_user_pipe.
Syntax: g_user_mfilter string
g_user_receive_rule - Define valid source addresses for users in a group
This setting has no further documentation currently available
Syntax: g_user_receive_rule group=string from=string
g_user_sms_quota - SMS quota
Number of SMS messages accounts can send.
Syntax: g_user_sms_quota group=string initial=int period=string
g_user_status_send - Number of days after which to send user status messages (0 = never)
When the user enables friends then this setting will send them a regular report on what is pending and what filter rules have done. User Spam report.
Syntax: g_user_status_send int
g_user_status_from - Send status with return address of the user
Adding a return address can assist with delivery in some situations
Syntax: g_user_status_from bool
g_user_status_fromhdr - Send status with return address of this
Adding a return address can assist with delivery in some situations
Syntax: g_user_status_fromhdr string
g_user_send_rule - Define valid recipient addresses for users in a group (requires SMTP AUTH)
This rule allows you to define which domains users in the specified group can send email to.
g_user_send_rule group="wildcard" to="number"
If 'group' is set to '*' then it applies to users who are not in a group (see g_access_group), and/or whose group does not match another g_user_send_rule setting. The 'to' field contains a wildcard list of allowed email addresses.
Syntax: g_user_send_max group=string max=int
g_user_send_rule - Define valid recipient addresses for users in a group (requires SMTP AUTH)
Restricts to whom a user can send email, useful for students who may only be permitted to send to their own domain
Syntax: g_user_send_rule group=string to=string
g_user_send_warning - Warn manager if any user sends more than this many messages per day, e.g. 5000
This setting is useful to detect a spammer sending out bulk email from your system, this setting only applies to authenticated users, so someone who has figured out the password of one of your users (or a virus on their computer) or a registered user of some sort. If g_user_send_ip is defined then warnings will also be sent if an ip address exceeds this limit.
Syntax: g_user_send_warning int
g_user_send_ip - Block any ip that sends more than this many emails per day
This does not apply to g_user_send_white addresses. This will also enable counting of sends for users using g_relay_window. Whitelist ip addresses with g_user_send_white setting. This limit is 'per day'
Syntax: g_user_send_ip int
g_user_send_white - No limit for these ip addresses/users
This is a white list for the ip and user send limits.
Syntax: g_user_send_white string
g_user_send_all - Apply all g_user_send_rules that match
This setting has no further documentation currently available
Syntax: g_user_send_all bool
g_user_list_quota - Number of mailing lists users can create
g_user_list_quota group="" quota="100"
This setting configures the number of mailing lists a user can create on this server. The group field is optional, specifying none effects all users globally, otherwise it matches this against the users access group. See also user_list_quota which can set quota per domain. Also the list_quota authent field can set quota per user.
Syntax: g_user_list_quota group=string quota=int
g_verify_smtp2 - Verify we can talk back to the SMTP port on incoming ip address
This setting has no further documentation currently available
Syntax: g_verify_smtp2 bool
g_virus_avast - Set Avast update time
This is a string based setting that allows you to specify when Avast updates are attempted.
eg: to update at 12 midnight, 6am,12noon and 6 pm.
g_virus_avast_hour "0,6,12,18"
Syntax: g_virus_avast_hour int
g_web_api_ip - Allow access to web based API for msg access
This setting has no further documentation currently available
Syntax: g_web_api_ip string
g_autologin_newlogic - Streamlined logic for surgeweb to user.cgi autologin handover
Improved logic for user.cgi autologin url generation. Notably affects proxy mode, frontend-backend configurations, and whether ssl is used.
Syntax: g_autologin_newlogic bool
g_surgeweb_backend_web - Backend machine to connect to
This specifies the internet resolvable hostnaem or url for all user.cgi access connected to a backend server eg. myserver.com or https://myserver.com:7443
Syntax: g_surgeweb_backend_web string
g_surgeplus_port, g_surgeplus_secure_port - SurgePlus port and SurgePlus secure port.
SurgePlus uses the POP protocol to communicate with SurgeMail. However, some virus scanners running on the clients machine prevent the SurgePlus client from using POP commands that the virus scanner does not know about. In order to avoid this problem, SurgePlus uses port 7110 by default instead of port 110. However, clients not using a virus scanner (or clients using some virus scanners we have made SurgePlus work with - e.g. Norton) can safely use port 110 if they would otherwise be prevented from connecting to SurgeMail by a firewall. The SurgePlus client will quietly switch to using port 110 if it is not able to connect to the server using port 7110.
Syntax: g_surgeplus_secure_port int