Note: If a user is granted the Master access right, that user can access all other sections.
Note: These access rights can be granted to the Accounts (users) in the Main Domain only. Accounts in secondary Domains can be granted domain administration rights only.
When a Server is installed for the first time, it creates the postmaster Account in the Main Domain, assigns a random password to that Account, and grants the Master access right to the postmaster user.
All CommuniGate Pro Server files - accounts, domains, mailboxes, settings, queues, etc. are stored in one place - in the Server base directory.
When the Server starts, it creates the following objects inside its base directory:
For more information about the Account and Domain files and directories, see the Account Data section.
You can use symbolic links to move some of these directories to other locations (and other disks).
Note: unless you create additional Domains ONLY the messages directed to addresses in the Main Domain will be processed as local. If the Main Domain Name is entered as company.com, then messages to mail.company.com will not be processed as local, and if such a message is received, the server will try to deliver it to the mail.company.com system over the network. If the DNS record for the mail.company.com points to the same Server computer, the mail loop error will be detected, and the message will be rejected.
If your server should process mail for several domains, enter the additional domain names as Main Domain Aliases (if those domain names should be mapped to the Main Domain), or create additional Secondary Domains.
Kernel problems are very unlikely to happen. If you see any problem with the Server,
try to detect which component is causing it, and change the Log setting of that component
(Router, SMTP, POP, etc.) to get more information.
If you see "exception raised"
messages in your CommuniGate Pro Log and/or in the OS system.log or mail.log,
you may want to disable this option and force the Server to stop when an exception is raised again,
and to produce a core dump file.
Core dump files can be uploaded to the Stalker ftp site for examination.
Stalker Software recommends you to disable this option if you are running any beta-version of the CommuniGate Pro software.
Open the Account Defaults page in the Domains section of the WebAdmin Interface if you want to set the Server-wide default language. If you want to set a default language for a particular Domain, open the Domains page of the WebAdmin Interface, open the Accounts or Settings page for the selected Domain and open the Domain Account Defaults page from there. Click the WebUser Preferences link to open the Default WebUser Preferences page.
Select the default Language and select a matching Preferred Character set: ISO-2022-JP for Japanese, KOI8-R for Russian, etc. If most of your users use modern Web browsers with the proper UTF-8 support, set the Use UTF-8 option to Reading and Composing.
Set the display names for the INBOX mailbox and the virtual MAPI Outbox folder. These strings are used only with the CommuniGate Pro own client components - the WebUser Interface and MAPI, so you can enter any valid mailbox name here, in any language. You can also change these names at any time.
Set the names for special mailboxes - Sent, Drafts, Notes, Trash, Contacts, Calendar, and Tasks. Please note that these names will be used with the CommuniGate Pro own client components only - the WebUser Interface and MAPI. To make the user's IMAP clients use the same mailboxes for the same purposes, the same mailbox names should be specified in the IMAP client configurations. If you change these names later, the new mailboxes will be created when a client needs to access a special mailbox: the already existing special mailboxes will not be renamed.
Open the Account Defaults page in the Domains section of the WebAdmin Interface if you want to set the Server-wide default time zone. If you want to set a default time zone for a particular Domain, open the Domains page of the WebAdmin Interface, open the Accounts or Settings page for the selected Domain and open the Domain Account Defaults page from there. Click the WebUser Preferences link to open the Default WebUser Preferences page.
Select the default Time Zone from the list. If you select the "built-in" zone (***), the Server will use a fictitious zone that has the same time difference with GMT as the Server OS has at this time. This zone has no support for daylight saving time and it cannot be used for sending recurrent events outside your Server. Unless your Time Zone is not listed, avoid selecting the "built-in" zone.
On Unix and OpenVMS platforms you can use the startup script with the stop parameter, or you can get the Server process id from the ProcessID file in the base directory and use the kill command to stop the server. On OpenVMS platforms the KILL.EXE program can be found in the application directory.
On the Windows NT platform, you can use the Services control panel to stop and start the CommuniGate Pro server.
You can also use the shutdown CLI API command to stop the server.
When the Server receives a shutdown request, it closes all the connections, commits or rolls back mailbox modifications, and performs other shutdown tasks. Usually these tasks take 5-15 seconds, but sometimes (depending on the OS network subsystem) they can take more time. Always allow the Server to shut down completely, and do not interrupt the shutdown process.
The Server places records into the OS log:
The system Log is:
CommuniGate Pro can "drop" the root privilege. The privilege can be dropped in the "permanent" or "reversible" mode. When asked to drop the root (uid=0) privilege, the Server changes its UID:
When the root privilege is dropped, the following restrictions apply:
If the root privilege was dropped in the "reversible" mode, the root privilege can be restored. For example, if you need to open a listener on the port 576, but the Server root privilege has been dropped, you should restore the root privilege first, then open the listener port, and then you can drop the Root privilege again.
To drop the root privilege permanently, use a special Command Line Option.
To drop the root privilege in the "reversible" mode, click the "Drop Root" button on the General page. The button should change to the "Restore Root" button - you can use it to restore the Server root privilege. This option is not available on those platforms that cannot drop the root privilege correctly (Linux).
A Domain Administrator can control the Domain using the same WebAdmin port (see HTTP module description for the details), or using the Command Line Interface (API) commands. Domain Administrator access is limited to his Domain (and, optionally, to certain other domains), and to explicitly allowed Domain and Account settings and operatons.
When you grant the Domain Administrator access right to a user, you will see
a list of specific access rights - the internal names of Domain and Account Settings.
Each option controls the settings this Domain Administrator can modify, and the operations this Domain Administrator can perform.
Domain Administrator access rights can be granted to users by a Server Administrator with the All Domains and Account Settings access right.
A System Administrator with the All Domains and Account Settings access right can perform all operations potentially available to a Domain Administrator in any Domain.
Note: when a Domain Administrator connects to the Domain WebAdmin Interface, the browser displays the Login Dialog Box. If the Administrator Account is in a different Domain, the full account name (accountName@domainName) should be specified.
|AutoSignup||WebUser Interface: Auto-Signup Setting|
|TrailerText||WebUser Interface: Mail Trailer Text Setting|
|WebBanner||WebUser Interface: Web Banner Text Setting|
|WebSitePrefix||WebUser Interface: Personal Web Site Prefix Setting|
|Foldering||Large Domains: Foldering Method Setting|
|FolderIndex||Large Domains: Generate Index Setting|
|RenameInPlace||Large Domains: Rename in Place Setting|
|AllWithForwarders||Mail to All: Send to Forwarders Setting|
|MailToAllAction||Mail to All: Distributed for Setting|
|ExternalOnUnknown||Unknown Names: Consult External Authenticator Setting|
|MailToUnknown||Unknown Names: Mail to Unknown Names Setting|
|MailRerouteAddress||Unknown Names: Mail Rerouted to Setting|
|SignalToUnknown||Unknown Names: Signal to Unknown Names Setting|
|SignalRerouteAddress||Unknown Names: Signal Rerouted to Setting|
|CentralDirectory||Directory Integration Setting|
|CertificateType||Security: Domain PKI Settings|
|KerberosKeys||Security: Kerberos Keys|
|RelayAddress||SMTP Sending: Send via Setting|
|recipientStatus||SMTP Receiving: When Receiving Setting|
|CanCreateAccounts||Create, rename, and remove Accounts|
|CanCreateGroups||Create, rename, remove, and modify Groups|
|CanCreateLists||Create, rename, and remove Mailing Lists|
|CanAccessLists||Modify Mailing Lists|
|CanPostAlerts||Post Domain and Account Alerts|
|CanAdminSubDomains||Administer other Domains|
|CanModifySkins||Manage Domain Skins|
|CanModifyPBXApps||Manage Domain Real-Time Applications|
|CanAccessMailboxes||Unrestricted Access to all Account Mailboxes|
|CanAccessWebSites||Unrestricted Access to all Personal File Sites|
|CanCreateWebUserSessions||Manage WebUser sessions via CLI|
|CanImpersonate||Ability to Impersonate|
|BasicSettings||Basic Settings: Password, RealName, Custom and Public Info settings|
|WebUserSettings||WebUser Interface Settings|
|MaxAccountSize||Resource usage limits: Mail Storage|
|MaxMailboxes||Resource usage limits: Mailboxes|
|MaxWebSize||Resource usage limits: Web Storage|
|MaxWebFiles||Resource usage limits: Web Files|
|QuotaNotice||Mail Quota Processing: Send Notice|
|QuotaAlert||Mail Quota Processing: Send Alerts|
|QuotaSuspend||Mail Quota Processing: Delay New Mail|
|UseAppPassword||CommuniGate Password: Allow to Use|
|PWDAllowed||CommuniGate Password: Allow to Modify|
|PasswordEncryption||CommuniGate Password: Encryption|
|RequireAPOP||Authentication methods: Secure only|
|UseSysPassword||Authentication methods: Enable OS Password|
|OSUserName||Authentication methods: Server OS user name|
|UseExtPassword||Authentication methods: External Authentication|
|RulesAllowed||Automatic Processing: Rules|
|RPOPAllowed||Automatic Processing: RPOP Accounts|
|MailToAll||Miscellaneous options: Accept Mail to all|
|AddMailTrailer||Miscellaneous options: Add Mail Trailer|
|AddWebBanner||Miscellaneous options: Add Web Banner|
|DefaultMailboxType||Miscellaneous options: New Mailboxes|
|DefaultWebPage||Miscellaneous options: Default Web Page|
Each CommuniGate Pro WebAdmin realm has its own WebAdmin Preferences page. Click the icon on any of the WebAdmin pages to open the Preferences page.
The specified Preferences are stored as one of the Administrator Account Setting attributes, so different administrators can have different Preferences.
To modify the Domain WebAdmin Interface pages, connect to the server WebAdmin Interface as a Server Administrator, open the Domain Settings page and click the WebAdmin link. The list of WebAdmin files will appear. Click the Accounts link to open the subdirectory containing the files used to compose WebAdmin pages in the "Account" realm:
If the file exists in the Domain WebAdmin storage, its name is marked with a check box in the Marker field. You can select the check box and click the Delete Marked button to remove the custom file(s) and make the Server use the default WebAdmin files.
The Server Administrator can also upload custom files to the "default" WebAdmin storage. Those files will be used in all Domain WebAdmin Interfaces unless a Domain has the same file explicitly uploaded into its WebAdmin Interface storage.
To upload the "default" WebAdmin files, use the Server WebAdmin Interface as a Server Administrator, and open the WebAdmin link on the Domains page. If your server is a member of a Cluster, an additional panel appears. This panel allows you to upload files either as the default Domain WebAdmin files for all non-shared (this-server-only), or for all shared (cluster-wide) Domains.
If the file does not exist in the Domain WebAdmin storage, the default file (server-wide or cluster-wide, depending on the Domain type) is used. If this file does not exist, the file from the application directory WebAdmin subdirectory is used.
To modify some element of the WebAdmin Interface:
If the WebAdmin directory/subdirectory did not contain a custom copy of the uploaded file, you will see the default file marker changing to a checkbox. If a custom version of that file already existed in the WebAdmin directory/subdirectory, the old version is replaced with the uploaded one.
To remove a custom version of a WebAdmin Interface file, select the checkbox on the left of that file name and click the Delete Marked button. If the file with that name exists in the default WebAdmin subdirectory or in the application directory WebAdmin subdirectory, the file name does not disappear from the WebAdmin Interface Editor page, but the name gets the default marker indicating that the default (or "stock") version of the file will be used again.
Note:The Server WebAdmin interface always uses the files located in the WebAdmin subdirectory of the application directory. If you modify the WebAdmin interface for the main domain, the modified pages will be used when a Domain Administrator of the main domain uses the WebAdmin Interface. The Server Administrator will see the framed version of the WebAdmin Interface (with the Settings, Domains, Directory, and Monitors realms) and the "stock" WebAdmin files will be used to compose the Server WebAdmin Interface pages.
To modify the Server Strings, the administrator should follow the Strings link on the General Settings page. The Server Strings page appears (the actual page has much more strings):
To modify a Server String, enter the new text in the text field, and select the upper radio button. To change the string to its default value (displayed under the text field), simply select the lower radio button.
Click the Update button to update the Server Strings.
Server Administrators with the Can Modify Settings access right can modify the Resolver settings. Open the Obscure page in the Settings section of the Server WebAdmin Interface:
The Resolver records in the System Log are marked with the DNR tag.
If a response is not received, the Resolver resends the request, and waits twice the initial time period, if it times out again, it can resend the request again and it will wait three times longer than the initial time period.
If you have several Domain Name Servers specified, each time the Resolver needs to resend a request, it sends it to the next DNS server in the list.
Note: when a request is an RBL request, the Resolvers sends the same request not more than twice, and both times it uses the same (Initial) response time-out.
If the Custom option is selected, the CommuniGate Pro server will use the DNS servers addresses listed in the text field next to this pop-up menu.
If no DNS server address is specified, the CommuniGate Pro server uses the 127.0.0.1 address, trying to connect to a DNS server that can be running on the same computer as the CommuniGate Pro server.
When a domain name is resolved into IP addresses, the Resolver checks the first address. If this address is listed in the Dummy IP Addresses list, the Resolver returns the "unknown host/domain name" error code.
The Domain Name Resolver uses TCP connections if the server UDP response came back with the "Truncated" flag set. This feature allows the Resolver to retrieve very large records from DNS servers.
A Network Address List is specified as multi-line text data.
Each line should include either:
The first IP address can be preceded with the exclamation point ! sign. In this case the specified address or the address range is excluded from the list composed using the preceding lines.
A comment (separated with the semicolon (;) symbol) the can be placed at the end of a line. A line starting with a semicolon symbol is a comment line.
To specify the External Helper program path and other parameters, open the General page in the Settings realm of the WebAdmin Interface and click the Helpers link:
The checkbox next to the Helper name tells the Server to start the specified program as a separate OS process.