Hexamail Server Configuration Reference [IMAP Server]
[IMAP Server]
This config section holds settings for the IMAP Server module. This module listens for incoming connections and allows mail to be sent to your company.
The following settings can be used in this section:
Enable
You can turn on/off the entire IMAP Server module using this switch
bool
On/Off, True/False, Yes/No, 1/0
On
Enable=On
Host
the explicit network address or hostname of the network card you wish the server to bind to. Typically you will want to leave this blank to ensure binding to the default network device. Setting this to 127.0.0.1 can render it impossible to connect to the application
text
Host=127.0.0.1
Port
the port you wish the server to bind to. If you are using Hexamail as the gateway for your company email, you will typically want to leave this on the default setting of 25
number
143
Port=143
PortEnable
You can optionally enable this protocol
bool
On/Off, True/False, Yes/No, 1/0
true
PortEnable=true
SSLPort
You can allow IMAP access over SSL on a separate port. 993 is the default standard for SSL enabled IMAP and will work with most email clients.
number
110 - 32000
993
SSLPort=993
SSLHost
You can allow IMAP access over SSL on a separate NIC/binding
text
SSLHost=192.168.2.23
SSLPortEnable
You can optionally enable this protocol over a secure channel using SSL. If you do not specify a certificate name using the SSLCertificate configuration parameter in the config file (.cfg) one will be created automatically for you. However, as this is an auto-created certificate it will not be signed by a certification authority and may cause warnings in the clients used to connect to this server. If the users of the clients accept the warnings, then SSL can be used immediately. If you do not wish users to see these warnings you need to obtain and install a valid, signed, SSL certificate for your server from a provider such as Thawte, or Verisign. You must then specify the certificate name in the SSLCertificate parameter of the configuration file.
bool
On/Off, True/False, Yes/No, 1/0
false
SSLPortEnable=false
SSLCertificate
WIN32: Choose a valid suitable certificate from those listed. If none are shown, then there are no suitable certificates installed on the server machine. You can install a certificate using IIS and then use that certificate from Hexamail. Certificates must be suitable for server authentication and secure channel encryption.
LINUX (OpenSSL): Specify the name/full path of a PEM certificate file valid for SSL server usage.
select
SSLPrivateKey
OpenSSL (LINUX) ONLY: You can optionally provide a separate private key PEM file. This must match the public key used of the certificate PEM file.
text
AuthMethods
This restricts the AUTH mechanisms that are allowed for clients. It requires a service restart to change the available mechanisms.
Note DIGESTMD5 is now obsoleted by RFC5802 - Salted Challenge Response Authentication Mechanism (SCRAM) with reasons mentioned in RFC6331
bool
On/Off, True/False, Yes/No, 1/0
PLAIN,LOGIN,NTLM,CRAMMD5
AuthMethods=PLAIN+NTLM
AuthHost
The hostname used for Authentication, e.g. mycomputer
text
<hostname>
AuthHost=<hostname>
AuthDomain
The domain used for Authentication, e.g. domain.com
text
<domain>
AuthDomain=<domain>
AuthFQDN
The FQDN used for Authentication, e.g. mail.domain.com
text
<FQDN>
AuthFQDN=<FQDN>
DisallowedIPList
This is the list of disallowed IP addresses that will not be allowed to connect to your IMAP Server. You can use wildcards and ranges (e.g. 192.168.0.0/16, 192.*.*.*, 192.10-50.*.*) or leave blank for no restrictions. By setting this connections from any IP that matches an entry in this list are prevented.
Note that if an IP matches an entry in the allowed IP address it is allowed regardless of matching a disallowed IP
text
DisallowedIPList=62.235.23.32
MaxConnections
You can allow a large number of simultaneous connections to provide for large amounts of email users. Set this high if you have lots of users all wishing to connect simultaneously.
number
16 - 4096
256
MaxConnections=32
MaxConnectCache
The total amount of RAM to use for caching during communications. A larger value will consume more of the machine's RAM but result in faster communications.
number
2 - 64 MBytes
12 MBytes
MaxConnectCache=16
AutoLogoutTime
IMAP clients typically keep open a permanent connection to the server.
Therefore if you have a large number of users who all use IMAP you may want to decrease this timeout to ensure you do not exceed the maximum number of connections simply because a lot of user's email clients are open, but inactive.
60 minutes
AutoLogoutTime=30
IdleTimeout
IMAP clients typically keep open a permanent connection to the server.
Therefore if you have a large number of users who all use IMAP you may want to decrease this timeout
to ensure you do not exceed the maximum number of connections simply because a lot of user's email clients are open, but inactive.
240 minutes
IdleTimeout=30
TemporaryFolder
The IMAP server makes temporary files. It stores them in this directory
text
temp/imap
TemporaryFolder=temp/imap
MaxRecvBandwidth
You can throttle the maximum bandwidth allowed for sending email clients to use when communicating with it. Typically you do not need to change this setting.
number
1 - 1000000 kbps
1000000 kbps
MaxRecvBandwidth=64
MaxSendBandwidth
You can throttle the maximum bandwidth allowed for sending responses to email clients. Typically you do not need to change this setting.
number
1 - 1000000 kbps
1000000 kbps
MaxSendBandwidth=64
DiagnosticLog
You can log the entire IMAP conversations to a log file for diagnostics/testing/issue resolution. The IMAP conversation is written to a log file in the logs directory called logs/imap_username.log. NOTE: IMAP diagnostic logging will affect performance.