Carbonio Email Service provider

Logo
Menu
Have a Question?

Each Node must meet the Hardware and Software Requirements listed below, whereas Firewall Ports must be opened only on the Node that hosts the appropriate service. Port 6071, for example, (safe access to the Admin Panel) must only be opened on the Node that has the Carbonio Admin Panel.

Hardware Prerequisites

These are the hardware requirements that must be met by each node. Because space needs for data vary greatly, the Disc Space given in the table only applies to the Operating System and not the data (e-mail quota and e-mail traffic, amount of documents kept, and so on).

Furthermore, you must consider the following:

The node that hosts Carbonio Storage and hence the emails need extra disc space.

To begin, the Carbonio Files service requires 4GB of RAM, thus ensure that the node hosting it has at least 6GB of RAM.

The Video Recording function necessitates more storage, which is difficult to predict. Indeed, it is dependent on a variety of elements, such as the number of participants and webcams active during the recording; the duration and size of the video; screen sharing of the recording, and so on. In general, a one-hour recording at 1280×720 at 25 frames per second would take up around 400MB of disc space in webm format.

As an example, if you set a 5GB limit to each of the 150 users, you must allocate 780GB of disc space to the node (30GB for the OS and 750 for user total quota).
 
Software Prerequisites
Carbonio is only available for 64-bit CPUs and may be installed on top of any vanilla installation of Ubuntu 20.04 LTS Server Edition or RHEL 8.
 
Before attempting to install Carbonio, the following prerequisites must be met.
 
Carbonio’s whole infrastructure must have at least one public IP address. The IP address must be connected with a domain name that corresponds to the A record in the DNS (for example, A mail.example.com).
To allow the mail server to receive mail, it will be necessary to set up an MX record, which must correspond to the A record (e.g. MX: example.com = mail.example.com ) If either of the A or MX records is not correctly configured, the installation will be temporarily suspended to allow the change of the hostname. See the dedicated box below for details and examples. For improved security of sending emails, you should also define TXT records for SPF, DKIM and DMARC Python 3, latest version available on the Operating System chosen Perl, latest version available on the Operating System chosen IPv6 must be disabled. Make also sure that the /etc/hosts does not contain any IPv6 entries.
 
Support for other distributions will be released as soon as it is available.
 
Specifications for RHEL 8
If you want to install Carbonio on RHEL 8, you must first complete the following activities.
Additional Conditions
  • It is required to be familiar with the use of CLI. All carbonio commands must be run as the zextras user (a zextras$ prompt will appear), whereas all other commands must be run as the root user, unless otherwise specified.
  • Give the nodes meaningful names. For instance, you may call them proxy.example.com, mta.example.com, and so on. Replace example.com with the name of your domain.
  • You will need to write down various configuration parameters and their values throughout the installation operation, as they will be required in the setup of the next nodes. These details are summarised at the end of each node’s installation: copy them to a secure location and keep them handy until the installation is complete. Examples of values are a node’s IP address (public or private) and a database user’s password.
  • Depending on the Roles placed on each Node, you must open the ports indicated in ref:fw-ports in your firewall for all of the services you will provide. If there are issues with internal network connection, consider disabling the firewall and retrying: if it works, it is likely that some firewall rule was inhibiting communication.
  • If none of the nodes are connected to the Internet, you must forward two ports from the public IP address: port 25/smtp to the Node with the MTA Role in order to receive mail, and port 443/https to the Node with the Proxy Role in order for users to access their webmail from a remote location.
  • If you intend to allow additional protocols (e.g., POP, IMAP), you must also forward these ports. A list of firewall ports may be found in the section Firewall Ports. If you don’t require these protocols, don’t open these ports!
  • Furthermore, for security concerns, port 6071, which is used to access the Carbonio Admin Panel, should never be exposed to the Internet and should only be accessible via a VPN tunnel or similar techniques.
  • The same is true for SSH access to Nodes: it should only be enabled from internal/management networks, and any remote access should be done over a VPN tunnel or analogous technique.
  • Each Node’s hostname must be a FQDN that may be resolved internally via DNS.
Carbonio requires SSL/TLS for communication, and in order to function correctly, network communication on particular ports must be allowed.
 
Internal Connections ports must be opened on all nodes, maybe in a dedicated network linking the Nodes, but External Connections ports should be opened only on the node where the matching Role is installed. For example, port 443 should only be opened on the node that hosts the Proxy Role.
 
Furthermore, ports in Internal and External connections are organised by the Role that requires them, therefore all ports indicated in a table must be opened only on the Node where the Role is installed.
External TCP Connections
To communicate with the Internet, these ports must be opened.
Internal TCP Connections
These ports must be opened in order for the Nodes to interact and utilise Carbonio’s internal services.