This config section holds settings for the Secure Messaging. This module allows users to read their email using a web browser.
The following settings can be used in this section:
Enable
You can turn on/off the Secure Messaging module using this switch
bool
On/Off, True/False, Yes/No, 1/0
On
Enable=On
ABShowUsers
Use this option to enable/disable showing of all users of the mailserver in every webmessage user's address book as readonly entries.
on
ABShowUsers=on
ABShowGroups
Use this option to enable/disable showing of all groups in every webmessage user's address book as readonly entries. You must have the group distributer module for this feature to be available.
on
ABShowGroups=on
UsersKeys
Unique public-private key pairs are used to encrypt the mailboxes of each user.
This results in email being strongly encrypted on your server. Once the user has chosen a password, there is no way to decrypt their mailboxes nor readvise or reset their passwords to gain access. You must delete the account and re-add it to re-enable access should a user forget a password.
on
UsersKeys=on
GlobalEncryptPass
If you are using global encryption this is the password used to encrypt and decrypt mailbox encryption keys
UsersAutoCreate
use this option to automatically create secure messaging users when an email is sent to any address matching your recipient expressions.
If you do not set this you will need to create or import all secure messaging users for secure messages to be sent to the users.
on
UsersAutoCreate=on
AutoLoginLinks
With this option set the links sent to notify recipients of new secure messages will automatically log them in to the secure messaging area.
If you uncheck this setting they will be automatically logged in the first time, and must set a password. After that they will have to remember and use the same password to login and retrieve their email.
If you are using per-user encryption keys then there is no way to reset a forgotten password and you will need to delete the account and all messages should a recipient forget their password.
on
AutoLoginLinks=on
RulexEnable
Enable this rule
bool
On/Off, True/False, Yes/No, 1/0
on
Rule%dEnable=on
RulexName
the name by which you wish to call this rule
number
RulexSubjectMatches
email with subjects that match any of these wildcard/phrase/substring will be secured. Leave blank to match for all emails (equivalent to *)
text
RulexContentMatches
The text and html content parts of the email are scanned for the content match expressions. The expressions are substrings and can include the wildcards * ('one or more of any character') and ? ('any single character')
text
RulexStartTime
only email sent between the start and end times will be secured
text
Rule%dStartTime=9:00
RulexEndTime
only email sent between the start and end times will be secured
text
Rule%dEndTime=17:00
RulexStartDate
only email sent between the start and end dates will be secured
text
Rule%dStartDate=12 July 2003
RulexEndDate
only email sent between the start and end dates will be secured
text
Rule%dEndDate=27 July 2003
RulexMinSize
only email sent between the min and max sizes will be secured
text
0 kbytes
Rule%dMinSize=0
RulexMaxSize
only email sent between the min and max sizes will be secured
text
0 kbytes
Rule%dMaxSize=0
RulexDateSource
You can use either the date as it appears in the email MIME headers (the Sent date) or the time and date that the email arrived at Hexamail Guard.
text
Headers
Rule%dDateSource=Arrival
RulexDays
only email sent on a day that match the selected days will be secured
email from any of these addresses will be secured. Leave blank to match for all emails (equivalent to *)
text
Rule%dFromMatches=forbidden@example.com
RulexRecipientMatches
email from any of these addresses will be secured. Leave blank to match for all emails (equivalent to *)
text
Rule%dRecipientMatches=forbidden@example.com
RulexIPMatches
email from any of these IP addresses will be secured. Leave blank to match for all email (equivalent to *)
text
Rule%dIPMatches=165.34.*.*
RulexAttachMatches
email with these attachment types will be secured. Use * to mean any attachment, leave blank not match on attachments, or specify attachment types like *.pdf
Use this option to configure a custom original message banner for use when a user replies to an email in the webmessage interface.
---- Original Message ----
OrigMessage=---- Original Message ----
AutoRefresh
Off
AutoRefresh=Off
AutoRefreshInterval
Automatically refresh list pages after the specified number of seconds
number
2 - 9000 seconds
60 seconds
AutoRefreshInterval=60
CompactUsers
User compaction automatically clears up any free space during quiet periods
bool
On/Off, True/False, Yes/No, 1/0
On
CompactUsers=On
CacheSize
User store cache size in MBytes
int
200 mbytes
CacheSize=200
ADCache
Cache ADSI password check results to prevent login issues on ADSI connectivity failures
bool
On/Off, True/False, Yes/No, 1/0
true
ADCache=false
RoutesInExpireDays
This setting controls when to expire inbound route information from the database
int
30 Days
RoutesInExpireDays=90
RoutesOutExpireDays
This setting controls when to expire outbound route information from the database. Use 0 to never expire outbound routes.
int
300 Days
RoutesOutExpireDays=90
Routes
This allows collection of email route information for all email. This will increase the RAM and disk usage and will be a little slower.
on
Routes=on
StatsRoute
This allows collection of time-based statistics for every email route detected. This will increase the RAM and disk usage of the statistics collected and will be a little slower.
For each route stats are collected for the quarterly, weekly and daily count, size, attachment count and attachment sizes. This can be up to 0.5GB for 200,000 routes.
off
StatsRoute=off
StatsAttach
This allows collection of attachment count and size statistics. This involves processing the MIME of every email so can be a little slower.
off
StatsAttach=off
ImportDomain
text
ImportMachine
If Active Directory is on the same machine as Hexamail try localhost as the hostname. If this does not work try a blank hostname.
If Active Directory is on another machine please specify the fully qualified network name of the machine.
Be sure to APPLY your settings to allow users to login using their Active Directory passwords once imported.
text
localhost
ImportMachine=Exchangeserver1
ImportPort
By default the port is 0 as this specifies default port to the ADSI COM objects.
Specify 389 to explicitly include the port in ADSI LDAP requests when this is necessary to resolve MS communications issues.
number
0
ImportPort=389
ImportBind
By default active directory connections bind to the RootDSE. You may want to change this to the default naming context in some circumstances with dsitrbuted or multiple active directory servers
text
RootDSE
ImportBind=RootDSE
ImportPartition
By default active directory connections use the domain partition. You may want to change this to a different parition in some circumstances with dsitrbuted or multiple active directory servers
Use this setting to enable automatic scheduled synchronization of the users from a CSV file.
bool
On/Off, True/False, Yes/No, 1/0
off
ImportCSVSchedule=off
ImportCSVScheduleMinutes
You can specify how often to attempt to import the csv file. If the file is not present the import will be retried after 1 minute. If the file is still being written when the import is attempted,
the import will be retried once the file has stopped changing size.
number
1 - 360 minutes
60 minutes
ImportCSVScheduleMinutes=60
ImportCSVSchedulePath
In order to schedule import from a CSV file you must specify the SERVER path to the file. The file must be accessible to the server software, and the path specified should be an absolute path to the csv file.
text
ImportADIRSchedule
Use this setting to enable automatic scheduled synchronization of the users from the configured active directory server.
bool
On/Off, True/False, Yes/No, 1/0
off
ImportADIRSchedule=off
ImportADIRScheduleMinutes
number
1 - 360 minutes
60 minutes
ImportADIRScheduleMinutes=60
ImportLDAPSchedule
Use this setting to enable automatic scheduled synchronization of the users from the configured LDAP server.
bool
On/Off, True/False, Yes/No, 1/0
off
ImportLDAPSchedule=off
ImportLDAPScheduleMinutes
number
1 - 360 minutes
60 minutes
ImportLDAPScheduleMinutes=60
ImportFieldMap
You can configure Hexamail Guard to remap imported fields to user fields.
This can be used for example to set the external POP/IMAP account download settings,
or change the contact settings from their default mappings.
In Exchange it is possible to add 15 custom attributes
to an active directory mailbox, and these should be referred
to using extensionAttribute1, extensionAttribute2 ... extensionattribute15
In Hexamail the following fields are used by the system and can be mapped to if required.
phone - Phone number for user
office - Office address
mobile - Mobile/Cellular number
title - Job Title
dept - Department
company - Company Name
other - Other field
sigcustom - Enable custom signature (on/off)
sigcustomtext - Custom sugnature text
sigcustomhtml - Custom sugnature html
p3denableui - Enable external account collection web interface (on/off)
p3denable - Enable external account collection (on/off)
p3dexpiretime - Expire email in external account (days)
p3dname - External account login username
p3dpassword - External account login password
p3dserver - External account server hostname or IP
p3dssl - External account ssl (on/off)
p3dport - External account port number
p3dprot - External account protocol (POP3/IMAP)
p3daction - External account action (Keep,Expire,Delete)
p3dschedule - External account schedule (minutes)
p3dfolders - External account IMAP folders to download
fwd - HEXAMAIL SERVER ONLY Enable forwarding for mailboxes (on/off)
fwddeliver - HEXAMAIL SERVER ONLY Also deliver forwarded mail to mailbox (on/off)
fwdaddr - HEXAMAIL SERVER ONLY SMTP email Address to forward to
mboxquota - HEXAMAIL SERVER ONLY Mailbox quota in megabytes
Other custom fields can be added just by mapping to a new unreserved name.