Global Settings Misc2

  1. Home
  2. Knowledge Base
  3. Settings
  4. Global Settings Misc2

Table of Contents

g_apple_bug1 – Apple bug allow content-length headers

This setting has no further documentation currently available

Syntax: g_apple_bug1 bool

g_apple_bug2 – Apple bug2 don’t try and return bad if looping

This setting has no further documentation currently available

Syntax: g_apple_bug2 bool

g_archive_on_delete_off – Disables archive and instead deletes the files immediately

Purged monthly or by tellmail purge_deleted_users

Syntax: g_archive_on_delete_off bool

g_atrest_api – Enabe api for enabling atrest encryption – not needed

This setting has no further documentation currently available

Syntax: g_atrest_api bool

g_calendar_version – CalDAV / SabreDAV calendaring configuration version number

This setting has no further documentation currently available

Syntax: g_calendar_version int

g_pass_twofactor_life – Session life in minutes, dflt 4 hours

Allow users to enable two factor authentication.

Syntax: g_pass_twofactor_life int

g_pass_twofactor_merged – Require +code for imap/pop logins sometimes

Requires merged login.

Syntax: g_pass_twofactor_merged bool

g_disk_debug – Log slow disk access n

This setting has no further documentation currently available

Syntax: g_disk_debug bool

g_disk_warning – Give manager warning if disk % exceeded, default 95%

This setting has no further documentation currently available

Syntax: g_disk_warning string

g_dns_test_blank – Break dns lookups to test how it’s handled

This setting has no further documentation currently available

Syntax: g_dns_test_blank bool

g_fast_time_off – Disable faster time function

This setting has no further documentation currently available

Syntax: g_fast_time_off bool

g_authent_require – Days till we require user to change password

This is the one to use, only requires change in surgeweb, expire password

Syntax: g_authent_require int

g_auth_norelay_webok – Allow surgeweb sessions anyway.

This means relaying only occurs if g_relay_allow_ip matches

Syntax: g_auth_norelay_webok bool

g_bind_to – Bind outgoing SMTP if to address matches

This setting has no further documentation currently available

Syntax: g_bind_to string

g_bind_to_ip – The address to bind to

This setting has no further documentation currently available

Syntax: g_bind_to_ip string

g_bind_to_name – The name to use in the ehlo

This setting has no further documentation currently available

Syntax: g_bind_to_name string

g_blogs_https – Use https for blog urls

This setting has no further documentation currently available

Syntax: g_blogs_https bool

g_breakin_short – Match on 1.2.3.* for ip addresses, helps with google sending

When a hacker guesses a password on your system they will often send outgoing spam to your server from multiple ip addresses, Surgemail detects this and emails the administrator when it occurs, use g_breakin_white to enable specific users who need to do this (this is very unusual though)

Syntax: g_breakin_short bool

g_mirror_nsend – Sending threads to use, default 8

Sending threads for normal queue

Syntax: g_mirror_nsend int

g_mirror_debug3 – NEVER USE, MAKES MIRROR FAIL.

Helps when tracking down fault with nwauth or mirroring, never leave turned on as it can lead to mutex crashing

Syntax: g_mirror_debug3 bool

g_callhome_disable – Disable misc features that reference netwinsite

Useful if you are paranoid about information 🙂

Syntax: g_callhome_disable bool

g_deny_log – Log g_deny rejections to msg.log – can clutter log

This setting has no further documentation currently available

Syntax: g_deny_log bool

g_dkim_return – Sign if ‘return path’ matches g_dkim_only

Useful when you want to act as a signing gateway

Syntax: g_dkim_return bool

g_speech_cmd – Command to convert sound file to text (append .txt to filename)

This setting has no further documentation currently available

Syntax: g_speech_cmd string

g_speech_from – Only attempt conversion if from this email address

This setting has no further documentation currently available

Syntax: g_speech_from string

g_speech_size – Default 10mb, will not convert larger files

This setting has no further documentation currently available

Syntax: g_speech_size int

Example: 10mb

g_group_field – Group Field from authentication database

Based upon a match on an arbitrary field in the authentication database a user can be defined as being part of an access_group. All fields (field, value, group) are required. eg: To add the user to the access_group “paid_user” if the field “mystatus” has the value “fullaccess”:

g_group_field field=”mystatus” value=”fullaccess” group=”paid_user”

Syntax: g_group_field field=string value=string group=string

g_gzip_disable – Disable gzip web compression

This setting has no further documentation currently available

Syntax: g_gzip_disable bool

This setting has no further documentation currently available

Syntax: g_help_url string

g_imap_folder_create – Auto create default folders for Trash/Sent etc

Warning this may change the default folder currently used by creating one the user didn’t previously have

Syntax: g_imap_folder_create bool

g_imap_loop_report – Report imap loops of bad email clients

This only logs when a body or body part is read via imap

Syntax: g_imap_loop_report bool

g_imap_maxbusy – Limit for concurrent requests per user, user is throttled if exceeded

This setting has no further documentation currently available

Syntax: g_imap_maxbusy int

g_imap_max_limit – Limits messages being put in folders

This setting helps limit impact when a user has a large folder, it will fail to load a folder larger than this and report errors in the log, it does not prevent the folder from having messages added to it, and it does not inform the user that the problem has occurred, this setting is primarily to limit impact of a crazy user :-), see also G_MAILDIR_MAX

Syntax: g_imap_max_limit int

g_imap_allow_trailing – Allow leading/trailing spaces on folder names on linux, not a good idea

This setting has no further documentation currently available

Syntax: g_imap_allow_trailing bool

g_imap_log_user – Log imap info to imap.log in users mdir folder

This setting has no further documentation currently available

Syntax: g_imap_log_user bool

g_recycling_imap – Make visible to IMAP users, default is now ONLY surgeweb users

This setting has no further documentation currently available

Syntax: g_recycling_imap bool

g_ssl_lets_slave – Run letsencrypt on SLAVE too

Also exclude url_host on the mirroring exclude settings

Syntax: g_ssl_lets_slave bool

g_ssl_guess_domain – Guess domain using SSL hostname to allow login without @domain.name

The certifictes must be coppied from the ssl to the lets folder manually!

Syntax: g_ssl_guess_domain bool

g_log_tcp_read,g_log_tcp_write – Log actual data for a specific IP

These settings let you ‘trace’ the data going ‘to’ and or ‘from’ a specific IP address (or list, or wild card) Lets say you have a client on a specific address that has a problem where the fault could be server/client or network related. To track it down add this to surgemail.ini

g_log_tcp_read "2.3.4.5"
g_log_tcp_write "2.3.4.5"

Then try whatever is ‘failing’ and examine ‘mail.log’ to see what was read/written to that client.

Syntax: g_log_tcp_read string

g_lookup_names – Lookup names for connecting IP addresses

This is one of those things that you very likely do not want to turn on. It makes the mail server lookup the IP name of any connecting user, however lookups can take 30-90 seconds so it can negatively impact apparent performance. Most of the access rules in the server can accept IP names if this setting is enabled, e.g. instead of specifying local users are 153.2.3.* you can say ‘*.netwinsite.com” 

Syntax: g_lookup_names bool

If lookup cannot get a name, reject user (not generally recommended) 

Syntax: g_lookup_reject_fails bool

g_lowdisk_warning – Disk space level below which to warn the manager

SurgeMail checks available disk space on startup and every half hour whilst running on all the mail, temp and home directories. If any is found to be low an email is sent to the system manager.  The recommended level is at least 100MB (default is 10MB).

Syntax: g_lowdisk_warning string

g_msg_log_pop – Log all pop reads in msg*.rec

Log from header field

Syntax: g_msg_log_pop bool

g_rules_msgtime – Use msg time rather than file time for expire rules

This setting has no further documentation currently available

Syntax: g_rules_msgtime bool

g_old_imap_nossl – Disable auto ssl mode

This is just the way it used to do it, I can’t see any good reason for it, but I’m leaving this setting incase there is a reason 🙂

Syntax: g_old_imap_nossl bool

g_responder_friends – Only respond if from known friends

This can further reduce spam back scatter issues

Syntax: g_responder_friends bool

g_quota_default – Default quota

This setting has no further documentation currently available

Syntax: g_quota_default string

g_ssl_require_smtp – If IP matches then require SSL for incoming SMTP message

This setting has no further documentation currently available

Syntax: g_ssl_require_smtp string

g_ssl_disable_renegotiation – Disable SSL renegotiation.

GEnerally this shouldn’t be used unless you have to keep some paranoid security scan happy

Syntax: g_ssl_disable_renegotiation bool

g_tarpit_hacker – Slow DOS attacks in some situations

This setting has no further documentation currently available

Syntax: g_tarpit_hacker bool

g_thread_reuse_real2 – Thread reuse

If enabled the server will reuse existing threads instead of creating and destroying threads for each incoming/outgoing message. This has no affect on performance but does avoid a bug in some UNIX threading libraries which leak handles and cause problems if threads are not reused. Generally best disabled except on early Linux systems. 

Syntax: g_thread_reuse2 bool

g_user_virus_scan – Allow users to enable / disable virus scanner for themselves

This setting adds a tickbox to the Spam page in user self administration that allows the user to enable and disable the virus scanner for them selves.

Syntax: g_user_virus_scan bool

g_user_friends_domain_log_disable – Disable domain level friend.log file

By default a friend.log file is written to each domain mailbox_path. This file is a collection of all users friends.log entries that rotates when it reaches 2mb in size.

Syntax: g_user_friends_domain_log_disable bool

g_user_friends_log_disable – Disable user level friend.log file

By default a friend.log file and 1 rotation is written for each user. Each log should only be approx 10k in size.

Syntax: g_user_friends_log_disable bool

g_user_utoken_days – Length of time a user self management login token is valid

Length of time a user self management login token is valid for. Length of time a user self management cookie is valid for. After this time period the login token will stop allowing the user access and they will need to login again.

Syntax: g_user_utoken_days int

g_user_utoken_expire – Length of time a user self management login token is valid for

This setting has no further documentation currently available

Syntax: g_user_utoken_expire int

g_user_mail_view – Whether an admin/manager can view/display users inbox mail

This setting enables the ‘view’ links on the users mailbox page. These links will show the content of the users email. They also log the access to the users log file, identifying the IP from which the admin viewed the message.

Syntax: g_user_mail_view bool

g_user_hide_security – Hide user level security.log access

This setting has no further documentation currently available

Syntax: g_user_hide_security bool

g_user_report – Daily,Weekly,Monthly, emailed to managers of each domain

This setting has no further documentation currently available

Syntax: g_user_report string

g_user_utoken_idle – Length of time a user self management login token may remain idle for

This setting has no further documentation currently available

Syntax: g_user_utoken_idle int

g_user_pipe – Local delivery filter pipe

Pipe run on file just before delivery to user, $USER$ available on command line. This allows the message to be modified (also see g_filter_pipe).

Syntax: g_user_pipe string

g_user_mfilter – Local delivery Mfilter rules

Mfilter rules to run late in the delivery process after the email messages have become “user specirfic”, In particular this allows filtering based on the output of g_user_pipe.

Syntax: g_user_mfilter string

g_user_receive_rule – Define valid source addresses for users in a group

This setting has no further documentation currently available

Syntax: g_user_receive_rule group=string from=string

g_user_sms_quota – SMS quota

Number of SMS messages accounts can send.

Syntax: g_user_sms_quota group=string initial=int period=string

g_user_status_send – Number of days after which to send user status messages (0 = never)

When the user enables friends then this setting will send them a regular report on what is pending and what filter rules have done. User Spam report.

Syntax: g_user_status_send int

g_user_status_from – Send status with return address of the user

Adding a return address can assist with delivery in some situations

Syntax: g_user_status_from bool

g_user_status_fromhdr – Send status with return address of this

Adding a return address can assist with delivery in some situations

Syntax: g_user_status_fromhdr string

g_user_send_rule – Define valid recipient addresses for users in a group (requires SMTP AUTH)

This rule allows you to define which domains users in the specified group can send email to.

g_user_send_rule group=”wildcard” to=”number”

If ‘group’ is set to ‘*’ then it applies to users who are not in a group (see g_access_group), and/or whose group does not match another g_user_send_rule setting. The ‘to’ field contains a wildcard list of allowed email addresses.

Syntax: g_user_send_max group=string max=int

g_user_send_rule – Define valid recipient addresses for users in a group (requires SMTP AUTH)

Restricts to whom a user can send email, useful for students who may only be permitted to send to their own domain

Syntax: g_user_send_rule group=string to=string

g_user_send_warning – Warn manager if any user sends more than this many messages per day, e.g. 5000

This setting is useful to detect a spammer sending out bulk email from your system, this setting only applies to authenticated users, so someone who has figured out the password of one of your users (or a virus on their computer) or a registered user of some sort. If g_user_send_ip is defined then warnings will also be sent if an ip address exceeds this limit.

Syntax: g_user_send_warning int

g_user_send_ip – Block any ip that sends more than this many emails per day

This does not apply to g_user_send_white addresses. This will also enable counting of sends for users using g_relay_window. Whitelist ip addresses with g_user_send_white setting. This limit is ‘per day’

Syntax: g_user_send_ip int

g_user_send_white – No limit for these ip addresses/users

This is a white list for the ip and user send limits.

Syntax: g_user_send_white string

g_user_send_all – Apply all g_user_send_rules that match

This setting has no further documentation currently available

Syntax: g_user_send_all bool

g_user_list_quota – Number of mailing lists users can create

g_user_list_quota group=”” quota=”100″

This setting configures the number of mailing lists a user can create on this server. The group field is optional, specifying none effects all users globally, otherwise it matches this against the users access group. See also user_list_quota which can set quota per domain. Also the list_quota authent field can set quota per user.

Syntax: g_user_list_quota group=string quota=int

g_verify_smtp2 – Verify we can talk back to the SMTP port on incoming ip address

This setting has no further documentation currently available

Syntax: g_verify_smtp2 bool

g_virus_avast – Set Avast update time

This is a string based setting that allows you to specify when Avast updates are attempted.

eg: to update at 12 midnight, 6am,12noon and 6 pm.

g_virus_avast_hour “0,6,12,18”

Syntax: g_virus_avast_hour int

g_web_api_ip – Allow access to web based API for msg access

This setting has no further documentation currently available

Syntax: g_web_api_ip string

g_autologin_newlogic – Streamlined logic for surgeweb to user.cgi autologin handover

Improved logic for user.cgi autologin url generation. Notably affects proxy mode, frontend-backend configurations, and whether ssl is used.

Syntax: g_autologin_newlogic bool

g_surgeweb_backend_web – Backend machine to connect to

This specifies the internet resolvable hostnaem or url for all user.cgi access connected to a backend server eg. myserver.com or https://myserver.com:7443

Syntax: g_surgeweb_backend_web string

g_surgeplus_port, g_surgeplus_secure_port – SurgePlus port and SurgePlus secure port.

SurgePlus uses the POP protocol to communicate with SurgeMail. However, some virus scanners running on the clients machine prevent the SurgePlus client from using POP commands that the virus scanner does not know about. In order to avoid this problem, SurgePlus uses port 7110 by default instead of port 110. However, clients not using a virus scanner (or clients using some virus scanners we have made SurgePlus work with – e.g. Norton) can safely use port 110 if they would otherwise be prevented from connecting to SurgeMail by a firewall. The SurgePlus client will quietly switch to using port 110 if it is not able to connect to the server using port 7110.

Syntax: g_surgeplus_secure_port int

Was this article helpful?

Related Articles