CGP - Provisions

1. Master vs Secondary Domains

The WebAdmin Interface pages are grouped into 5 Realms: Settings, Users, Monitors, Directory, Master. If an Account is granted the Master access right, the Account user can access all realms. The Server Administration access rights can be granted to the Main Domain Accounts only. Accounts in secondary Domains can be granted Domain Administration rights only. When a Server is installed for the first time, it creates the postmaster Account in the Main Domain, and it grants the Master access right to that Account.

ONLY the E-mail Messages and Signals directed to addresses in the Main Domain will be processed as local. If the Main Domain Name is entered as company.com, then Messages to mail.company.com or Signals to sip.company.com will not be processed as local, and if such a Message or Signal is received, the Server will try to deliver it to the mail.company.com or the sip.company.com system over the network.

PBX custom environment cannot be created for secondary (LDAP-based ?) domains

2. Mobile relaying

Support for mobile users can be disabled on a per-account and per-domain basis by disabling the Mobile option in the Enabled Services section on the Account Settings and Domain Settings pages. If this service is disabled for an Account, the Account user will be able to connect only from the internet addresses included in the Client IP Addresses list.

Mail relaying for mobile users can be disabled on a per-account and per-domain basis by disabling the Relay option in the Enabled Services section on the Account Settings and Domain Settings pages. If an Account or a Domain has this service disabled, the IP address from which the user connects is not remembered as "a temporary client IP address", and the SMTP Authentication will not allow this user to relay messages via your SMTP module. This setup is useful when you give users Accounts on your Server, but you do not want them to be able to relay SMTP mail through your Server (they are forced to submit messages using the WebUser Interface or any other non-SMTP methods).

3. Spam Protection

If you do not want to accept mail from any address in the offenderdomain.com domain, put the following line into the Router settings:

offenderdomain.com = error
or
<*@offenderdomain.com> = error.

If you do not want to accept mail from all addresses starting with "promo" in the offenderdomain.com domain, put the following line into the Router settings:

<promo*@offenderdomain.com> = error.
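
To preview which sender addresses a candidate reject record would catch before it goes into the Router settings, the following added example (not CommuniGate Pro code and not part of the original notes) uses a simplified model of the wildcard matching. It assumes matching is case-insensitive, that `*` matches any run of characters other than `@`, and that a record without a wildcard in the domain part applies to that exact domain name only; the sender addresses are constructed.

```python
import re

# Router lines from the section above (sentence-ending period dropped).
DOMAIN_RULE = "offenderdomain.com = error"
PROMO_RULE = "<promo*@offenderdomain.com> = error"

# Constructed sender addresses used for the preview.
SAMPLE = [
    "promo17@offenderdomain.com",
    "PROMOTIONS@OffenderDomain.com",
    "sales@offenderdomain.com",
    "promo@mail.offenderdomain.com",
]

def compile_rules(lines):
    """Turn 'left = error' Router lines into (line, regex) pairs."""
    rules = []
    for line in lines:
        left, _, right = (part.strip() for part in line.partition("="))
        if right != "error":
            continue  # this preview only models reject records
        # <...> is an address-level record; a bare name covers the whole domain
        if left.startswith("<") and left.endswith(">"):
            pattern = left[1:-1]
        else:
            pattern = "*@" + left
        # Assumption of this model: '*' matches any run of non-'@' characters
        regex = re.escape(pattern).replace(r"\*", "[^@]*")
        rules.append((line, re.compile(regex, re.IGNORECASE)))
    return rules

def rejecting_rule(address, rules):
    """Return the first Router line that would reject `address`, or None."""
    addr = address.strip().strip("<>")
    for line, rx in rules:
        if rx.fullmatch(addr):
            return line
    return None

def preview(addresses, lines):
    """Map each address to the record that rejects it (None = accepted)."""
    rules = compile_rules(lines)
    return {addr: rejecting_rule(addr, rules) for addr in addresses}

if __name__ == "__main__":
    for addr, rule in preview(SAMPLE, [PROMO_RULE]).items():
        print(f"{addr:32} {'rejected by ' + rule if rule else 'accepted'}")
```
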

Other related options:

  • Settings/General/Other
  • Access to all@domain (if the administrator has enabled mail distribution to all Accounts in the Main Domain, a message can be sent to all Accounts in all Domains):
    • Users/Domain Defaults/Mail to All is distributed for: = nobody
    • Users/main domain/Mail to All is distributed for: = nobody (this effectively disables sending a mail to all domains at once)
    • Users/secondary domain/Mail to All is distributed for: = Authenticated users
    • Send to Forwarders = No

4. Notable adjustments

4.1. Domain options

Free Auto-Signup = Disabled
IP Address for SMTP Send = any
Force SMTP AUTH for = non-clients (see http://www.communigate.com/CommuniGatePro/SMTP.html#AUTH)
Consult External on Provision = No
Foldering Method = flat
Disabled Services = FTP, RADIUS, AirSync, PWD, ACAP

(XMPP = Jabber, MAPI = Outlook, PBX = Answering machine, AirSync = Nokia PDAs, Windows Mobile etc)

4.2. Mailing Lists

  1. Use Groups, not mailing lists;
  2. Create mailing lists under public user:
Subscribe = Locals Only
Accept postings = from subscribers
Verify owner = return path
New subscribers = Unmoderated
Hide 'From' addresses = NO

4.3. SMTP

Note: to allow Microsoft® Outlook Express 4.x users to submit messages using secure connections, you should configure the SMTP listener to accept connections on the TCP port 465, and enable the SSL/TLS option for that port.

Note: Netscape® Messenger and modern versions of Microsoft Outlook and Outlook Express products do not need any special port for secure communications, since these products use the STARTTLS command to initiate secure communications after establishing a regular, clear text SMTP connection to the standard port number 25.

Note: The CommuniGate Pro SMTP module never converts non-ASCII messages into the MIME form itself, and (according to RFC1652) it should not advertise the 8BITMIME capability. But the modern Internet is completely 8-bit transparent and clean, so it is safe to enable the Advertise 8BITMIME option, preventing other servers from doing unneeded 8bit-to-MIME message conversion.


Protect against brute-force password attacks.

4.4. Accounts

  • All accounts are to be created in the directory-based secondary domain gclimate.com.
  • Make uid the account name
  • Make cn the account alias

Create a nnn (personal auto-generated employee number) number alias for voicemail...
Create a homecall-nnn (home telephone number) alias for home calls...
Add surname to sn mapping to LDAP attribute mappings and surname to custom attributes.
Directory records are created for aliases of Directory-based Domain Accounts. Alias records have the same DNs as Accounts (uid=aliasname,domain DN). Alias records have the standard alias objectClass, and their aliasedObjectName attribute specifies the DN of the original account record.
If a CommuniGate Pro server has to open an Account in a Directory-based domain, and the account storageLocation attribute starts with the asterisk (*) symbol, the CommuniGate Pro Server creates the account file directory (for multi-mailbox accounts) and other required account files and file directories.
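
With several aliases per Account (cn, employee number, homecall-nnn), it is worth checking periodically that every alias record in the directory still follows the layout described above. The following is an added example, not part of the original notes or of CommuniGate Pro: it audits a directory export for alias records whose DN is not uid=aliasname,domain DN or whose aliasedObjectName does not name an existing, non-alias record. The domain DN and the sample records are constructed placeholders, and the parser handles only plain `attr: value` lines (no folded or base64 values).

```python
DOMAIN_DN = "cn=gclimate.com,o=example"  # assumed placeholder for the domain DN
# Constructed, simplified directory export: one account and three alias records.
SAMPLE_LDIF = f"""\
dn: uid=jsmith,{DOMAIN_DN}
cn: John Smith

dn: uid=1042,{DOMAIN_DN}
objectClass: alias
aliasedObjectName: uid=jsmith,{DOMAIN_DN}

dn: uid=homecall-5550100,{DOMAIN_DN}
objectClass: alias
aliasedObjectName: uid=departed,{DOMAIN_DN}

dn: uid=js,{DOMAIN_DN}
objectClass: alias
aliasedObjectName: uid=1042,{DOMAIN_DN}
"""

def norm(dn):  # case/space-insensitive DN key; escaped commas are not handled
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):  # plain "attr: value" records separated by blank lines
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            attrs.setdefault(key.strip().lower(), []).append(value.strip())
        entries[norm(attrs["dn"][0])] = attrs
    return entries

def is_alias(attrs):
    return "alias" in (v.lower() for v in attrs.get("objectclass", []))

def audit_aliases(entries, domain_dn=DOMAIN_DN):
    """Return (alias DN, problem) pairs for alias records that break the layout."""
    findings, suffix = [], "," + norm(domain_dn)
    for dn, attrs in ((d, a) for d, a in entries.items() if is_alias(a)):
        rdn = dn[: -len(suffix)] if dn.endswith(suffix) else ""
        if not rdn.startswith("uid=") or "," in rdn:
            findings.append((dn, "DN is not uid=<alias>,<domain DN>"))
        targets = attrs.get("aliasedobjectname", [])
        target = entries.get(norm(targets[0])) if len(targets) == 1 else None
        if target is None:
            findings.append((dn, "aliasedObjectName does not name an existing record"))
        elif is_alias(target):
            findings.append((dn, "aliasedObjectName points at another alias"))
    return findings
```

Calling `audit_aliases(parse_ldif(SAMPLE_LDIF))` reports the homecall alias left behind by a removed account and the alias that points at another alias; the employee-number alias passes.
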
Settings in Users/Account Defaults:

  • State = Saint Petersburg
  • City = Saint Petersburg
  • Unit = Staff
  • CommuniGate Password = Disabled
  • Password Modification = Prohibit
  • Password Recovery = Disabled
  • Alt RADIUS Password = none
  • Alt SIP Password = none
  • Kerberos = Disabled
  • Certificate = Disabled
  • OS Username = *
  • OS Password = Enabled
  • External Password = Disabled
  • Secure Only = Yes

(Does this configuration allow for alias names for login ?)

  • Mail Storage = 300M
  • Mailboxes = 100
  • Message Size = 30M
  • New Mailbox Format = MailBox (Text)
  • Allowed Mail Rules = Filters Only
  • RPOP Modifications = Allow
  • Accept Mail to All = Yes
  • Add Mail Trailer = No
  • File Storage = 3M
  • Files = 30
  • Add Banner to HTML = No
Account Type = Multi-Mailbox
Real Name = cn
City = Saint Petersburg
Organization = Global Climate Spb
Communigate Password = void
First Name = givenName
Family Name = sn
Department = Staff
Telephone Numbers = telephoneNumber
