Obtaining Access to Qurantined E-mails

E-mails kept in the quarantine mailbox are not available to normal users and are preserved in a separate account that cannot be accessed from the accounts list.

To discover quarantined e-mails, log in to the domain as an Administrator or a Delegated Admin with quarantine access, then search for the phrase virus in the search box. As a consequence, an account with the name virus-quarantine.@example.com will be created, where is a randomly generated string. Select View mail from the context menu by right-clicking on it. This will access the account’s inbox, where you may check your e-mails.

Protecting LDAP

Carbonio’s LDAP passwords employ the SHA-512 algorithm by default. While this algorithm is safe and has no known flaws, some institutions may require a more secure method.

Carbonio now supports LDAP password storing using the Argon2 algorithm as of version 23.4.0.

SHA-512 remains the default algorithm for Carbonio installations, however the new algorithm may be enabled via a two-step procedure.

However, before beginning the operation, it is recommended that an LDAP database dump be created using the instructions and commands described in Upgrade’s section Preliminary Tasks..

The initial part of the operation is up to the administrator, who must run the following script as the zextras user to activate the new Argon2 algorithm.

zextras$ /opt/zextras/libexec/scripts/migrate20230217-AddArgon2.pl

When the script is finished, Argon2 will be set as the default password for new passwords. Passwords for all new LDAP accounts will now be saved using Argon2. Existing passwords, on the other hand, will continue to utilise SHA-512.

The second stage is entirely up to the users: each user’s password will be saved in Argon2 only when they update it.


The Administrator can force a user to change password from the Carbonio Admin Panel by enabling option This user must change password, that appears in tab General when editing a user under Domains ‣ Accounts. See section Accounts for details.

Amavis Anti-Virus should be turned off.

There are times when an Administrator wants or has to disable Carbonio’s internal anti-virus engine, amavis, such as when utilising an external anti-virus engine or investigating an MTA issue in a test environment.

In such instances, the status of amavis can be manually deactivated via the CLI with the command

zextras$ carbonio prov mcf carbonioAmavisDisableVirusCheck TRUE

You may check the status of the variable and the service at any time.

zextras$ carbonio prov gcf carbonioAmavisDisableVirusCheck


If you never modified the value of the variable, this command may return no output, meaning that amavis is running.