Domains
You may manage individual accounts, user quota and authentication, mailing lists, and other associated settings on the Domain page.
Domain information and domain management sections are accessible on the website.
Make a New Domain
Fill out the form that appears after clicking the CREATE button to create a new domain.
acme.exampleTwo types of options are available during the creation of a new domain:
General information
The only mandatory data to supply it the domain name, which is its FQDN. All other data are optional and can be set at a later point.
Important options that can be configured during the domain creation are the total number of accounts that can be managed for the domain and the e-mail quota. Also a description can be added.
GAL settings
Except for the GAL mode, currently only Internal, it is possible to define the account used to synchronise GAL information, the mail server used, which must be on the same domain (or in a compatible one, i.e., in a valid alias URL, see section Virtual Hosts & Certificate below).
The image below shows how a sample domain is created.
The Domain Details section contains more setup options for the domain, such as how to configure authentication and accounts in the domain.
Domain Information
It is possible to fine-tune the domain’s setup under the many subsections found in Domain Details. If a provided domain does not specify a value for the majority of the parameters (such the Time Zone), those values are inherited from the primary domain supplied.
General Preferences
Most of them exist when the domain is created and have an impact on the fundamental setup of the domain. Additional choices include the ability to choose the time zone, whether to use the HTTP or HTTPS protocol (we always recommend using the latter), and the mail server that will be used to transmit spam.
Additionally, the domain may have a default COS and its status associated.
COS statuses
A COS can be defined for a whole domain or an account and determines its status, that is, its ability to log in to the domain and access the e-mail. If the domain COS and a user’s COS differ, the resulting status of the account is shown. Each COS can be defined with one of the following five values.
Active. The COS is enabled, therefore the domain and its accounts can be used for everyday operations.
Closed. The domain is shut down, no access is granted, and all incoming e-mails are rejected.
Hint
This status overrides the individual accounts COS status.
Locked. In this state, user access is not possible, unless individual accounts are marked as Active. Incoming e-mails are regularly delivered to the accounts.
Maintenance. Users can not log in, their incoming e-mails are not delivered but are kept in a queue by the MTA. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.
Suspended. A status similar to maintenance, with the difference that no accounts or distribution lists can be changed. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.
We add a property to the domain that was established in the preceding step.
Force clients to connect only using https.
It is the FQDN (mail.acme.example) used by clients to connect to the domain and must correspond to the DNS A record to be reachable publicly. If the A record is set to a private IP address, to reach the WebGUI you need some mechanism, like e.g., a VPN tunnel.
The timezone is set to Hawaii’s time.
The COS used by the domain, which is left to the default one.
The DELETE DOMAIN button at the bottom of the page enables domain deletion. A dialogue detailing all domain-defined elements (accounts, mailing lists, resources, etc.) that will be removed along with the domain will appear when the button is pressed. There are two options: remove the domain and all of its contents or close the domain, maintaining all objects but restricting access.
Warning
The removal of the domain is an operation that can not be undone: all the items are gone forever.
The Global Access List
When creating an email or adding attendees to an event in the Calendar, for example, a GAL is a special account called the “GALSync Account” that holds all of the email accounts set up on the server and allows for rapid searches of email addresses. A GAL may be external (when configured on the LDAP used by Carbonio CE) or internal (when setup on Carbonio CE), or it may be both. You may switch the GALSync account’s email address from external to internal, vice versa, or both in this page. Additionally, you may modify some of its settings and add it, if it isn’t already there.
The period chosen in the Settings section of the page determines how frequently the GALSync account is updated.
Certificates & Virtual Hosts
A different name assigned to a domain that may be used to access the same domain is called a virtual host. The name must be registered on the domain’s DNS with an A record in order to use the virtual host. Then, users don’t need to use the domain to check in; they may only use their usernames.
You may link an SSL certificate to each virtual host. With just a few simple steps, Carbonio CE allows you to upload numerous SSL domain certificates from the Carbonio Admin Panel and link them to other domains.
Note
The generation of server-side certificates directly on Carbonio CE and the management of wildcard certificate are tasks that can be carried out from the CLI only: check out section Deploy an SSL Certificate if you need to use either of them.
The virtual host must be chosen before clicking LOAD AND VERIFY CERTIFICATE. You can input the three files that make up the authorisation chain (the Domain Certificate, the Certificate CA Chain, and the Private Key) in the first field of the dialogue, or you can copy the contents of the files directly into the relevant areas. Verify the certificates by clicking VERIFY; if everything is accurate, notice will appear. It will show that the certificate is valid. The certificate must be uploaded and used by clicking the I WANT TO USE THIS CERTIFICATE button. The certificates have been stored, and another message will appear. To finish the process, you must restart the node on which the proxy is installed unless you are on a single-node;
By selecting the corresponding button above the certificates themselves, you may REMOVE or DOWNLOAD the certificates.
Mailbox Limit
With the help of these options, you may provide a maximum limit (in bytes, with 0 denoting no restriction) for the amount of space that each account and the domain as a whole may consume. Another option is to define a number that, when reached, will send an email warning to a specified address. The settings set here are inherited by all newly created accounts, however they may be changed on a per-user basis.
A list of accounts and their utilised quotas may be seen at the bottom of the page, making it easier to keep track of user usage.