This page is out of date, please use our new website

SurgeMail Configuration Settings Overview

This page is an automatically generated top level overview of all the surgemail settings.

Domain Specific Settings

  1. abook - Define surgeweb shared address books for this domain
  2. access_group_default - Default group to place users in
  3. admin_access_default - Default admin features granted to domain admins in this domain
  4. alias_file - Alias translation file for this domain, unix format
  5. alias_max - Maximum number of aliases for this domain
  6. assume_created_epoch - If user has no 'created' field assume they were created an arbitrarily large time in the past
  7. att_in - Detach attachments for incoming messages
  8. att_in_keep - Days to keep incoming attachments
  9. att_send - Detach attachments when sending messages
  10. att_send_keep - Days to keep sent attachments
  11. blogs_max_per_user - Number of blogs each account can create
  12. broad_sync - Broadsoft Sync Enable
  13. centipaid - Enable CentiPaid feature for matching accounts
  14. class - Define class of user for following commands to apply to
  15. comment - Management notes and comments about the domain
  16. create_block - Block new users from this ip
  17. create_cleanup - Cleanup existing data before adding a user
  18. create_delete_days - Number of days a disabled new account remains before deletion
  19. create_disable_days - Number of days new accounts remain active for
  20. create_image - Use verification image on signups
  21. create_linkto - Link to redirect to after successful live account creation
  22. create_max - Maximum signups from ip in time period
  23. create_repass - Users must enter their password twice on creation
  24. create_reqd - Required fields for new users, e.g. (phone,age)
  25. create_subdomain - Allow users to have their own subdomain - NO LONGER SUPPORTED
  26. create_tpl_dir - Relative directory (from /web) where 'netauth' pages are stored
  27. create_user - Method for adding new users
  28. delete_user_after - Number of days an account can remain unread before it is deleted
  29. disable_smtp_after - Number of days an account can remain unread before delivery is disabled
  30. disable_surgeplus - Disable SurgePlus Calendar/File Sharing
  31. dmail_bin_path - Path for dmail bin files to automatically convert delivered mail
  32. dmail_deliver - Deliver messages into dmail drop directories (not supported)
  33. dmail_drop_path - Path for dmail / sendmail style drop files to automatically convert delivered mail
  34. dmail_drop_prefix - Whether prefix is used on drop file names
  35. dmail_hash - Hashing scheme used by dmail_drop_path and dmail_bin_path
  36. dmail_skip_imap - Skip conversion of old imap *.mbx folders
  37. encrypt_ifnew - Allow surgeweb ifnew options
  38. encrypt_limit - Max encrypted msgs per user per day
  39. encrypt_limitsz - Max size of encrypted msgs per user per day
  40. encrypt_noconfirm - Disable confirmation for encrypted messages
  41. encrypt_rule - Default if no domain level rule
  42. encrypt_smart - Encrypt smart features enabled for this domain
  43. encrypt_subject - Subject when encrypted message sent - default is original subject
  44. encrypt_surgeweb_hide - Hide lock icon on surgeweb
  45. encrypt_token - This setting is not used, instead use smart and ifnew settings
  46. enotify_from - From address to use in email notification messages
  47. expire_age - Expire inbox mail older than (days) CAUTION!
  48. expire_att_age - Remove attachments older than this
  49. expire_att_size - And larger than this
  50. expire_rule - Expire rules for specific folders, age is in days - Caution!
  51. expire_size - and larger than this
  52. fallback - Default address for this domain, NOT RECOMMENDED
  53. fallback_always - Also relay to old system even if user does exist - not recommended
  54. fallback_check - Check if user exists on fallback_relay host before accepting it
  55. fallback_domain - Fallback domain, rcpt is rewritten @ this domain name
  56. fallback_force - Use fallback even if user does exist as migration not started yet
  57. fallback_mx - Use mx lookup to find ip address for fallback_relay setting
  58. fallback_relay - Host to send messages to if user doesn't exist here
  59. fallback_users - Path to file listing all users to user fallback_relay for
  60. footer_file - Text footer file for this domain, FULL PATH required
  61. footer_html - HTML footer file for this domain, FULL PATH required
  62. forward_illegal - Ban forwards to these addresses
  63. friends_at_rcpt - Whether to check users friends list at rcpt stage
  64. friends_pending_name - The imap name of the friends_pending folder default is 'Friends Pending'
  65. friends_url - Specify full url for friends release domain specific setting
  66. from_exact - Check from matches authenticated user
  67. gateway_to - Send all email to another server
  68. header_add - Add header to posts 'from' this domain
  69. host_alias - Alternate name(s) for this domain
  70. imap_max_sync - Limit remote imap sync to this many items (not recommended)
  71. imap_public - Share IMAP folders between users
  72. imap_public_show - Auto subscribe public folders
  73. inbox_archive - Archive old messages to Archives/yyyy/INBOX folder, age in days
  74. language_default - Default language for user web interface
  75. late_forward - Apply domain users forwarding rules after friends, spam, and filtering
  76. ldap_anydomain - Lets users search other than their own domain in ldap
  77. ldap_disable - Stops ldap logins by users of this domain
  78. legal_archive_admin - Enable archive searching for domain admins
  79. legal_archive_disable - Disable legal archive for this domain
  80. legal_archive_hide - Hide legal archive for this domain
  81. legal_archive_keep - Days to keep legal archive, units=days unless you specify years or months
  82. list_disable - Disables creation of mailing lists.
  83. list_max - Maximum number of mailing lists for this domain.
  84. list_max_users - Maximum number of users allowed in all lists in this domain.
  85. loginfails - Disconnect user after this many password guesses
  86. lookup_relay_on_from - Looks up local from addresses to check for relay="true"
  87. mailbox_path - Path to mailbox (inbox) files
  88. manager_anyuser - Allow first domain admin to login to any users account
  89. manager_email - Domain managers email address (for email based account creation confirmation)
  90. manager_username - Domain managers username (for web based domain administration)
  91. msg_max_in - Max size for messages to users in this domain, largest applied if multiple recipients
  92. msg_max_out - Max size for messages sent by authenticated users of this domain
  93. old_imaphost - Old IMAP server:port - transition IMAP accounts and folders if user doesn't exist
  94. old_imaphost_always - Retrieve mail from old imap host on each login (slow - particularly for webmail)
  95. old_imaphost_createuser_disable - Disable old_imaphost user creation on first login
  96. old_imaphost_dom - Migration - Alternative domain on old server for login, also set fallback_domain.
  97. old_imaphost_file - Migration based on file
  98. old_imaphost_lowercase - Migration - All migrated folders are lowercase.
  99. old_imaphost_nodelete - Leave mail on the old server (disables old_imaphost_always)
  100. old_imaphost_nodomain - Strip domain from username when logging into old imap host
  101. old_imaphost_pass - Migration based on file - password field
  102. old_imaphost_prefix - Prefix for old imap server, e.g. mail//
  103. old_imaphost_skip - Migration - Comma seperate wild card list of migrate folders to skip past.
  104. old_imaphost_user - Migration based on file - user field
  105. old_inbox_both - Use pop & imap to migrate the inbox
  106. old_pophost - Old pop server:port - transition accounts and pending messages if user doesn't exist
  107. old_pophost_always - Retrieve mail from old pop host on each login
  108. old_pophost_bind - Bind outgoing connection during pop migration
  109. old_pophost_createuser_disable - Disable old_pophost user creation on first login
  110. old_pophost_inbox - Use pop to migrate the inbox and maintain uidls
  111. old_pophost_nodelete - Leave mail on the old server (disables old_pophost_always)
  112. old_pophost_nodomain - Strip domain from username when logging into old pop host
  113. old_pophost_nofetch - Disable fetching messages from pop host
  114. old_pophost_sep - Seperater, default is '@', e.g. some systems use %
  115. old_smtphost - SMTP host to check for existing users (when creating new accounts)
  116. old_smtphost_skip - Who to disable SMTP host checks for
  117. old_xfile - Migration - Copy xfile data across
  118. pop_min_time - Min seconds between pop logins (see warning)
  119. pop_welcome - POP connection message
  120. prefix - Database username prefix (deprecated, compatibility only)
  121. proxy_pop_nodomain - Strip domain when talking to proxy pop host
  122. quota_default - Default quota
  123. quota_domain - Total quota for the domain, e.g. 300mb, 2gig
  124. rcpt_msg - Response given for invalid recipient errors, message is prefixed by email address.
  125. recycling_imap - Make recycling visible to IMAP users
  126. redirect - Redirect messages from 'was' to the new 'to' address
  127. redirect_cc - Send carbon copy to another address
  128. redirect_hash - Share incoming message evenly between several accounts
  129. redirect_max - Limits the number of redirect rules
  130. security_suffix - Suffix for smtp/imap/pop login
  131. send_helo - Mail host A Record name used when sending helo to other servers - requires g_send_helo_from true
  132. sent_archive - Archive old messages to Archives/yyyy/Sent folder, age in days
  133. sent_store - Store users message in named folder automatically, e.g. Sent
  134. smtp_auth_off - Disable SMTP AUTH from unknown ip addresses
  135. smtp_from_ip - Require incoming email from matching ip
  136. smtp_welcome - SMTP connection message must start with hostname
  137. smtp_welcome_name - SMTP welcome connection hostname
  138. spam_block - Default for this domain to block spf etc failures
  139. spam_noblock - Disable spf blocking for this domain
  140. spam_strip - Strip spamdetect headers for this domain
  141. ssl_alias - Alternate ssl host names, e.g.,,
  142. ssl_allow - IP Wild card list to allow SSL encryption from
  143. ssl_hsts - Send HSTS header to prevent accidental http access. Dangerous security feature if HTTP is ever needed
  144. ssl_pop_domain - Domain to use for ssl certificates for POP and IMAP
  145. ssl_require_login - Require ssl for this domain
  146. ssl_require_web - Require https for most web features (excluding blogs file sharing and surgeplus)
  147. ssl_wildcard - Use if your ssl certificate accepts wildcards, e.g. *.my.domain
  148. status_url - Specify full url for status message e.g. domain specific setting
  149. surgeplus_pop_server_name - Default POP server for SurgePlus clients
  150. surgeplus_smtp_server_name - Default SMTP server for SurgePlus clients
  151. surgewall - Surgewall - Proxy this domain to specified mail server
  152. surgewall_auth - SurgeWall SMTP authentication
  153. surgewall_capa_local - Just return local imap capa response rather than remote
  154. surgewall_local_too - For web domain admin try local database too
  155. surgewall_options - Various SurgeWall options
  156. surgewall_saveusers - Save users in the local database as they login
  157. surgeweb_backend_server - Backend server to connect to
  158. surgeweb_backend_smtp - Backend smtp access (if non default)
  159. surgeweb_backend_web - Backend web access - for usercgi /surgeplus (if non default)
  160. surgeweb_custom - Surgeweb customisation level
  161. suspend - Disable logins for entire domain
  162. suspend_incoming - Disable delivery and give 450 retry message
  163. url_alias - Allows translation from one url to another
  164. url_blogs - BLOGS host A Record name (if different from MX Record name - eg.
  165. url_host - Mail host A Record name (if different from MX Record name - eg.
  166. user_access_default - Default user features granted to users in this domain
  167. user_alias - Number of aliases accounts can create
  168. user_auto - Auto create users when a login attempt occurs
  169. user_auto_always - Always create/reset password, other user* settings required.
  170. user_auto_pass - Auto create users with this password on message delivery
  171. user_centipaid - User Centipaid configuration options
  172. user_hide_security - Hide security logs from users
  173. user_list_quota - Number of mailing lists users can create
  174. user_max - Maximum number of users in this domain
  175. user_report - Daily,Weekly,Monthly, emailed to manager
  176. user_send_max - Maximum number of emails per day (requires SMTP AUTH)
  177. user_sms - Allow users to set up sms notifications
  178. user_sms_quota - Number of sms messages per account
  179. user_status_send - How often to send user status messages (0 = never)
  180. web_access_ip - Restrict access to web ports based on ip
  181. web_path - Path to web admin pages
  182. web_url_path - Url to path translation with access specifier
  183. webdav_quota - Webdav quota per user in this domain, e.g. 100mb
  184. webmail_host - The ip address or name of the machine to instruct webmail to connect to.
  185. webmail_url - Url to the WebMail cgi
  186. webmail_urladd - Url data to append to WebMail auto-login link
  187. webmail_workarea - Path to WebMail workarea
  188. xfile_url - Url to xfile files (see surgeplus utility)

Global settings

  1. g_about_disable - Disable about web page
  2. g_access_group - Grouped per user access limitations
  3. g_access_group_default - Default group to place users in
  4. g_access_surgeweb - Apply g_access_group rules to surgeweb sessions based on client's address
  5. g_access_webonly - Users in this group can only use web not imap or pop
  6. g_acctlog_aliases - Log redirection & aliases in account usage too
  7. g_acctlog_noauth - Log sending usage based on from which may be fake
  8. g_acctlog_sum_inactive - Summarise local accounts that have not logged in yet as
  9. g_admin_access - Domain admin features granted to access groups
  10. g_admin_access_default - Default admin features granted to domain admins
  11. g_admin_guesses - Max guesses per IP for web admin access, e.g. 15
  12. g_admin_ip - Mask of valid IP addresses for web admin users (default *)
  13. g_admin_localhost - Allow localhost web admin without user/pass
  14. g_admin_readonly - System admins with readonly access to the management interface
  15. g_admin_utoken_expire - Length of time a web admin session is valid for
  16. g_admin_utoken_idle - Length of time a web admin session may remain idle for
  17. g_alias_login_disable - Disable user login as alias
  18. g_allow_bodyless - If true bodyless mail messages will be accepted (usually spam)
  19. g_allow_passzip_from - A list of addresses to allow unmonitorable archive messages to be sent from
  20. g_allow_passzip_to - A list of addresses to allow unmonitorable archive messages to be sent to
  21. g_allow_user_authent_field_get - A space separated list of authent process fields that users are allowed to view for themself using the POP xauthent_field_get command
  22. g_allow_user_authent_field_set - A space separated list of authent process fields that users are allowed to set for themself using the POP xauthent_field_set command
  23. g_apple_bug1 - Apple bug allow content-length headers
  24. g_apple_bug2 - Apple bug2 don't try and return bad if looping
  25. g_archive - Archive messages that match these rules
  26. g_archive_bucketsize - Size for archive bucket files. Default is 1mb
  27. g_archive_early - If true apply archiving before filtering is applied (superceeded by early flag on g_archive)
  28. g_archive_files - Archive attachments to a directory
  29. g_archive_on_delete_dir - Directory to archive user files to on delete
  30. g_archive_on_delete_off - Disables archive and instead deletes the files immediately
  31. g_archive_tcpip - Rules for TCPIP archive process
  32. g_archive_tcpip_host - Host to send archive data too
  33. g_aspam_headers - Add aspam information messages to messages.
  34. g_aspam_need_ip - Require good matches to match external ip address
  35. g_assume_created_epoch - If user has no 'created' field assume they were created an arbitrarily large time in the past
  36. g_atrest_all - Auto encrypt all msgs when users next login
  37. g_atrest_api - Enabe api for enabling atrest encryption - not needed
  38. g_atrest_crazy - No recovery admin password needed
  39. g_atrest_enable - At rest encryption. Unwise usually!
  40. g_atrn_client - Define a rule for fetching email using ATRN protocol
  41. g_atrn_port - Port to listen for 'atrn' (On Demand Relay) requests
  42. g_atrn_server - On Demand Mail Relay settings to define user/pass for clients to fetch mail
  43. g_att_enable - Allow users to enable attachment storage option
  44. g_att_in - Enable for incoming (by default)
  45. g_att_in_keep - Days to keep incoming attachments (2000)
  46. g_att_info - One line text explaining about the attachments
  47. g_att_max - If total msg exceeds this reduce g_att_min/10
  48. g_att_min - Min size to store, dflt 200k
  49. g_att_path - Path to store attachments
  50. g_att_send - Enable when sending (by default)
  51. g_att_send_keep - Days to keep sent attachments (90)
  52. g_attach_convert - Process matching attachments with specified command. Passed two files names
  53. g_auth_hide - Disable SMTP Authentication for this IP List/Wild card address
  54. g_auth_norelay - Ignore SMTP auth for relaying purposes
  55. g_auth_norelay_webok - Allow surgeweb sessions anyway.
  56. g_auth_path - Path to nwauth files
  57. g_auth_skipgateway - Skip gateway rules if we get a proxy SMTP auth command
  58. g_auth_trust - Trust authenticated user header from these servers
  59. g_authent_addip - Send ip address as third parameter to authent module
  60. g_authent_allow_badascii - Allow ascii chars outside the range 32 < 127
  61. g_authent_always - Always lookup user, so virtual domains can exist just in authent module, looses existing users files
  62. g_authent_any - Restore buggy behaviour of looking up users in domains that don't exist
  63. g_authent_cachebad - Set the life in seconds that the cached failed lookups can be used, default 60 seconds
  64. g_authent_cachelife - Set the life in seconds that cached authent lookups can be used, default 1 hour
  65. g_authent_cachesize - Set the size of the authent cache, default is 500 entries
  66. g_authent_case_sensitive - Make passwords case sensitive
  67. g_authent_decrypt - Collect and store plain text passwords for migration in file pass.decrypted
  68. g_authent_domain - If true add to external user lookups, replaced with g_authent_nodomain setting
  69. g_authent_encrypt_key - Encryption key config settings
  70. g_authent_enforce - Days till we prevent user from logging in, NOT RECOMMENDED
  71. g_authent_fwdfile - Enables reading of old dmail .fwd files
  72. g_authent_info - User info names, fields and access rules
  73. g_authent_info_grp - Fields to show to users in this group
  74. g_authent_ip - Lookup ip numbers in authent database with @ip added, to find send_limit=n values, must define tarpit_max_remote and g_tarpit_drop
  75. g_authent_last_login - Store users last login time in the database
  76. g_authent_logall - Turns on logging of authent requests
  77. g_authent_lookup - Check if accounts exist using g_authent_pass too
  78. g_authent_nodomain - If true dont add to external user lookups (NOT RECOMMENDED)
  79. g_authent_number - Number of authent processes to run
  80. g_authent_pass - Authent process to check passwords with
  81. g_authent_path_broken - Allow authent module to return drop path, strongly discouraged, and BROKEN!!
  82. g_authent_prefix_sep - Prefix separator, defaults to an underscore, a single character
  83. g_authent_process - Authent process command line
  84. g_authent_reminders - Days till we remind user to change password
  85. g_authent_require - Days till we require user to change password
  86. g_authent_restart - Cycle auth modules every 1000 lookups
  87. g_authent_single - Allow local users with a single quote char in their name
  88. g_authent_spaces - Allow spaces in passwords DO NOT USE
  89. g_authent_strip_domain - Domain to strip when doing authent lookups
  90. g_authent_timeout - Timeout for authent response, default 60 seconds
  91. g_autologin_file - File to use to share auto login information on NFS based cluster
  92. g_autologin_imap_disable - Disable IMAP based autologins
  93. g_autologin_newlogic - Streamlined logic for surgeweb to user.cgi autologin handover
  94. g_autologin_pop - Performs auto-logins using pop3, used by webmail
  95. g_backtrace_disable - If true backtrace code is disabled on unix
  96. g_bad_login_allow - Number of consecutive bad logins for a user before blocking that user
  97. g_bad_login_dumb - Give login failures even if known address
  98. g_bad_login_ip_allow - Number of bad logins from an ip before blocking that ip
  99. g_bad_login_ip_ignore - IP address(es) to allow any number of bad logins from
  100. g_bad_login_lockout - Lockout addresses permenantly - use if DOS attack
  101. g_bad_login_mins - Minutes to block login for, if consecutive bad ones received
  102. g_badfrom_badmx - If mx host is one of these addresses then drop the message, it's definitely spam (e.g. 127.*)
  103. g_badfrom_check - Check env from by connecting to it, always tick 'stamp' rule too or messages will bounce! NOT RECOMMENDED. DISABLED NOW!
  104. g_badfrom_from - From to use when doing the check, not normally needed, if set must be set to valid account
  105. g_badfrom_noip - Check envelope from domain exists and is a valid ip number, if not reject message
  106. g_badfrom_noip_temp - Makes g_badfrom_noip return a temporary error instead of a 501 error
  107. g_badfrom_stamp - Instead of bouncing message, just stamp a header to show if from address is no good
  108. g_badfrom_whitelist - List of domains that we don't try badfrom checking on (see g_smite_skip)
  109. g_ban_blackhole - Leave connected but reject all recipients without looking them up
  110. g_ban_from - Disconnect if this wild card matches the from envelope
  111. g_ban_helo - Disconnect if user says 'helo xxx' (or wildcard)
  112. g_ban_rcpt - Disconnect any user delivering to this address/wildcard
  113. g_bank_debug - Log request to bank server
  114. g_bank_group - Create price groups with descriptions
  115. g_bank_log - Log lines matching this in response.
  116. g_bank_ok - Find this in response, if found then charge was successful
  117. g_bank_pass - Password for authenticated web request to banks system
  118. g_bank_reason - This line is returned to user if it is found
  119. g_bank_url - URL to charge a credit card (experimental)
  120. g_bank_user - Username for authenticated web request to banks system
  121. g_bind_authent_default - Bind to default if authenticated
  122. g_bind_byfromip - Bind outgoing SMTP connections to the specified IP based on the sender IP
  123. g_bind_from - Bind outgoing SMTP connections based on 'from' envelope
  124. g_bind_in_always - Bind on incoming in preference to g_bind_from
  125. g_bind_incoming - Bind outgoing SMTP connections based on incoming ip address
  126. g_bind_out - Bind outgoing SMTP connections to this IP
  127. g_bind_to - Bind outgoing SMTP if to address matches
  128. g_bind_to_ip - The address to bind to
  129. g_bind_to_name - The name to use in the ehlo
  130. g_black_above - Level for spam detection for blacklisting ip number e.g. 10
  131. g_black_count - Number of spam in a row before we blacklist ip for 30 minutes, e.g. 30
  132. g_black_isspam - Blacklist ip address for any spam training event
  133. g_black_nbad - Blacklist ip address if this many bad recipients in a row (e.g. 8)
  134. g_black_to - Blacklist ip address if they deliver to these user@domain addresses
  135. g_black_white - Whitelist to prevent blacklisting, e.g. 1.2.3.*,mail*
  136. g_block_files - Wild card list of files to bounce, e.g. *.exe,*.cmd
  137. g_block_longok - If true allow long file names (more than 180 char)
  138. g_block_skip - From or To address to bypass g_block_files
  139. g_block_wild - Block wild cards in usernames
  140. g_blogs_allow_links - Allow users to post comments that contain urls
  141. g_blogs_cleanup_links - Delete existing posts that contain urls
  142. g_blogs_comment_rev - Show blog comments newest first
  143. g_blogs_default_template - Default template set that is used by newly created blogs
  144. g_blogs_domonly - Only list blogs in a users domain
  145. g_blogs_enable - Surgemail blogs
  146. g_blogs_https - Use https for blog urls
  147. g_blogs_image_optional - Allow users to specify if image verification is required for comments
  148. g_blogs_max_per_user - Maximum number of blogs per user
  149. g_blogs_maximum_image_size - Default maximum image size
  150. g_blogs_maximum_image_width - Default maximum image width
  151. g_blogs_maximum_items_in_top_page - Maximum number of items on the top blog page
  152. g_blogs_no_suffix - Shortens URL, url_blogs must be defined for each domain
  153. g_blogs_not_global - Only allows access to a blog onthe domain it is defined on
  154. g_blogs_not_unique - Allow the same blog name in multiple domains
  155. g_blogs_ping - Sites to ping on each post
  156. g_blogs_sub_domain_prefix - Prefix to use instead of blogs. for blog subdomains. use ! to have no prefix.
  157. g_blogs_use_sub_domains - Make blogs accessible at http://blog_name.domain/
  158. g_body_filter - Enable user email body filtering
  159. g_bomb_max - Max msgs to a single email address/hour
  160. g_bomb_max_from - Max msgs from a single email address/hour
  161. g_bomb_white - don't apply bomb_max limit if to address matches
  162. g_bounce_bind - Use a specific ip address for outgoing bounces
  163. g_bounce_disable - Disable all bounces (NOT A GOOD IDEA)
  164. g_bounce_limit - Max size in bytes of message to send back as bounce, message is truncated if necessary
  165. g_bounce_nodrop - Enables locally generated bounces for non local users
  166. g_bounce_paranoid - Prevent external bounces going through surgemail
  167. g_bounce_redirect - Send all bounces to a local address
  168. g_bounce_reject - Reject bounces by ip address from known dumb mail servers
  169. g_bounce_safe - Only send bounces to local domains
  170. g_bounce_some_stop - Disables locally generated bounces for partial message failure - NEVER use this!
  171. g_bounce_suggest - Send bounces to postmaster if spf cannot be verified
  172. g_bounce_to - Domains to treat as local and send bounces to
  173. g_bounce_to_recipient - Bounce suregewall failure to the recipient
  174. g_breakin_enable - Stop multiple ip logins for one account in a few seconds
  175. g_breakin_n - Number of different ip's that trigger a lockout, default is 8
  176. g_breakin_short - Match on 1.2.3.* for ip addresses, helps with google sending
  177. g_breakin_white - Email addresses that can send concurrently from mulltiple ips (use * to allow everyone)
  178. g_breakin_window - Window in seconds, default is 300
  179. g_broad_noadd - Disable buttons on message
  180. g_broad_pass - BroadSoft pass
  181. g_broad_port - BroadSoft port
  182. g_broad_server - URL to BroadSoft server
  183. g_broad_url - URL to this server
  184. g_broad_user - BroadSoft user
  185. g_bull_rule - Post bulletins to this domain
  186. g_byname_old - Enable old slow domain lookup functions
  187. g_calendar_version - CalDAV / SabreDAV calendaring configuration version number
  188. g_callhome_disable - Disable misc features that reference netwinsite
  189. g_centipaid - CentiPaid address and port
  190. g_check_date - Reject messages if date is in the future
  191. g_cid_skip_to - Skip CID score, good for lawyers etc
  192. g_comment - Management notes and comments about the server
  193. g_con_gateway - Connection limit per ip also applies to gateways
  194. g_con_perip - Connection limit per ip - sum of SMTP/POP/IMAP (if over refuse connection)
  195. g_con_perip_except - Exception IP addresses to g_con_perip
  196. g_con_persubnet - Global concurrent connection limit per ip subnet x.x.x.*
  197. g_con_peruser - Connection limit per user for imap/pop. Set above 20
  198. g_con_peruser_except - Exception users to g_con_peruser, include domain name
  199. g_convert_percent - Convert % to @ sign in rcpt address
  200. g_cookie_secure - Set all cookies to secure mode on https connections
  201. g_country_allow - user@domain list to bypass country_login rule
  202. g_country_allowip - Ip addresses to bypass country_login rule
  203. g_country_ip - Tag messages with country of origin
  204. g_country_login - List of countries to allow logins from, 2 letter codes
  205. g_cpu_slow - Email warning if no cpu for this many seconds
  206. g_crash_nomini - Crash without minidump on windows
  207. g_crash_normal - Crash without catching signals 10,11 so good core dump on freebsd
  208. g_crash_simple - Crash simpler for solaris to avoid deadlock situation
  209. g_create_allow - List of characters allowed in usernames
  210. g_create_allow_pass - List of characters allowed in passwords, - is a range
  211. g_create_apply - List of user groups to apply create_* settings for.
  212. g_create_apply_admin - Apply allow* rules to the administrator
  213. g_create_badnames - List of illegal usernames
  214. g_create_cleanup - Cleanup existing data before adding a user
  215. g_create_dictionary - File containing dictionary words to compare passwords to
  216. g_create_pass_digit - Require one digit and letter in a password
  217. g_create_pass_length - Limit the length of user passwords
  218. g_create_pass_mixed - Require mixed case passwords
  219. g_create_pass_notuser - Ban password containing username
  220. g_create_pass_recheck - Recheck passwords during login and warn user if g_hack_touser is true
  221. g_create_pass_recheck_text - Added to end of recheck email to give users a url to a help page
  222. g_create_pass_slack - Slacken restrictions on trivial password creation
  223. g_create_pass_special - Require special character, e.g. !@#$%^&*(){}[];:?><.,
  224. g_create_record_ip - Causes surgemail to store ipnum in the authent database
  225. g_create_strict - Whether to apply strict rules to usernames/passwords
  226. g_create_strict_admin - Enforce strict rules for admins too, set g_create_strict AS WELL!!
  227. g_create_user_length - Limit the length of usernames
  228. g_date_add_utc - Add UTC if date header is missing it
  229. g_dbabble_links - Add web links to DBabble from other web interfaces (and vice versa)
  230. g_dbabble_smtp_port - DBabble SMTP port (do not manually change this setting - it should be set from the DBabble section of the web admin interface only)
  231. g_dbabble_smtp_prefix - DBabble SMTP prefix (do not manually change this setting - it should be set from the DBabble section of the web admin interface only)
  232. g_debug_block - For catching bugs in block file processsing
  233. g_debug_body - Save msg body during processing
  234. g_debug_check - Use more dmalloc debugging, some performance impact. Also set g_debug_free
  235. g_debug_crt - Some CRT debugging on windows, do not use
  236. g_debug_free - Check free memory isn't corrupted - slows performance slightly
  237. g_debug_freepc - 0-100 percent of malloc/free's to check later
  238. g_debug_image - Save image thumbnail files to find bug
  239. g_debug_imap - Log imap folder renames and deletes in kmsg.log
  240. g_debug_ini - Debugging, don't use this
  241. g_debug_ncpy - Debug ncpy function
  242. g_debug_padpc - 0-100 percent of malloc/free's to pad
  243. g_debug_timing - Record dfopen timing, tellmail dfopen_stats
  244. g_debug_vanished - Name of file to check for, if file vanishes, crash
  245. g_delete_exclude - Field and value that excludes an account from g_delete_user_after
  246. g_delete_user_after - Number of days an account can remain unread before it is deleted, NOT automatic! see docs!.
  247. g_delete_user_mode - Action when account is due to delete (write a command file etc...)
  248. g_delete_user_suspend - If suspending an unread account set this field/value.
  249. g_deliver_robot - Robot/Script to run at delivery time $FILE$ AND $TO$ parameters
  250. g_demo - Demo mode lock unsafe admin features
  251. g_demo_to - Demo mode valid external destinations
  252. g_deny - Block users from some ip addresses
  253. g_deny_country - Block email from some countries, use 2 digit code not the full name, see IpToCountry.csv, turn on g_country_ip!
  254. g_deny_log - Log g_deny rejections to msg.log - can clutter log
  255. g_deny_login - Block users from some ip ranges logging in
  256. g_deny_msg - Change the message for blocked ip addresses
  257. g_deny_smtp - Block users from some ip ranges connecting to SMTP only
  258. g_disable_exclude - Field and value that excludes an account from g_disable_smtp_after
  259. g_disable_qnum - Disable qnum msg header
  260. g_disable_skip - Ip address of senders to accept email from even if user account is disabled due to g_disable_smtp_after
  261. g_disable_smtp_after - Number of days an account can remain unread before delivery is disabled
  262. g_disable_surgeplus - Disable SurgePlus (SurgePlus is obsolete and not supported)
  263. g_disable_surgeplus_updates - Disable automated downloading of new versions of SurgePlus client from
  264. g_disk_debug - Log slow disk access n
  265. g_disk_warning - Give manager warning if disk % exceeded, default 95%
  266. g_diskio_abort - Shutdown if diskIO failure on queue files
  267. g_dkim_allow - From addresses to not enforce dkim for
  268. g_dkim_alt_domains - Use selector 'alt_name' for these domains
  269. g_dkim_alt_name - Name of selector to use
  270. g_dkim_check - DKIM Check incoming DKIM signatures
  271. g_dkim_exclude - DKIM Domains to not sign for outgoing email
  272. g_dkim_headers - DKIM List which headers to sign (blank=default, and is usually best)
  273. g_dkim_nogateway - Don't sign if gateway rule used
  274. g_dkim_only - DKIM Domains to sign for outgoing email (default is all)
  275. g_dkim_return - Sign if 'return path' matches g_dkim_only
  276. g_dkim_selector - DKIM Policy name for your server (used creating dns entry for dkim)
  277. g_dkim_sign - DKIM Sign outgoing messages
  278. g_dkim_skip - DKIM Destination Domains to not sign
  279. g_dlist_nolocal - Remove add local button from mailing lists
  280. g_dlist_nostart - If set then don't start dlist (dmail compatibility)
  281. g_dlist_one - Only allow one recipient if message is to a mailing list
  282. g_dlist_path - DList Path NOT SUPPORTED do not use! Also set in dlist.ini
  283. g_dmail_filter - DMail compatible filter.txt file
  284. g_dmarc_enforce - Enforce dmarc reject / quarrantine more strictly do not use
  285. g_dmarc_none_quarantine - Treat a 'none' policy as quarantine rule
  286. g_dmarc_use - Reject and quarrantine based on DMARC use this
  287. g_dmarc_whitelist - Use and share reputation data for dmarc whitelisting
  288. g_dns_blank_fail - NEVER USE! Bounce email if dns response blank rather than retry
  289. g_dns_cache_size - Set size of forward dns cache, default 7000
  290. g_dns_disk - Enables DNS disk cache
  291. g_dns_host - Host to send DNS lookups to
  292. g_dns_match_msg - Message for stamp or bounce if forward and reverse lookup don't match
  293. g_dns_nlookup - Concurrent DNS lookups to send to DNS server, default=20
  294. g_dns_nocache - Disables DNS cache for spf lookups (20 minute life)
  295. g_dns_noptr - Set to reject or retry, for ip addresses with no reverse dns entry (rdns)
  296. g_dns_noptr_msg - Message for stamp or bounce if DNS lookup fails on ip address
  297. g_dns_noptr_skip - Skip RDNS for these ip addresses
  298. g_dns_paranoid - Compare forward and reverse dns lookup and check they match (set to STAMP or REJECT) not recomended
  299. g_dns_require - Require MAIL FROM header matches senders ip reverse dns
  300. g_dns_system - Use system code to do reverse lookups
  301. g_dns_test_blank - Break dns lookups to test how it's handled
  302. g_dns_threaded - Enable threaded dns lookups
  303. g_dns_translate - If mx response is x.x.x.x translate to y.y.y.y:port
  304. g_dns_unthreaded - Disable threaded dns lookups
  305. g_domadmin_utoken_expire - Length of time a domain admin login token is valid for in seconds
  306. g_domadmin_utoken_idle - Length of time a domain admin login token may remain idle for
  307. g_domain_create_auto - Auto create domain if it doesn't exist when creating a user
  308. g_domain_create_route - Auto create route to mx mail server
  309. g_domain_default - Default domain if user does not enter a domain on pop/imap login
  310. g_domain_list_max - Maximum number of domains to list at once
  311. g_domain_separator - Separator character for virtual domains
  312. g_domain_templates - Check for domain specific templates
  313. g_domuser_file - Domain user file. Create thousands of virtual domains easily
  314. g_dotlock_minutes - Minutes to wait for NFS lock file, default 20 minutes
  315. g_dotstuff_fix - Debugging setting, do not change or bad things will happen
  316. g_doweb - Do web part only
  317. g_download - Fetch an http file and do an ini reload
  318. g_drop_use_len - Use the content-len header for drop file processing (Solaris)
  319. g_dsn_enable - Enable DSN (Delivery Status Notification) esmtp extension.
  320. g_dsn_loggedin - Enable DSN (Delivery Status Notification) for trusted senders.
  321. g_dsn_nofinal - Try not to show real final recepients but just original recipients
  322. g_ehlo_8bitmime - Enable 8bit mime in ehlo response (not recommended)
  323. g_ehlo_fault - Internal - for generating/testing faulty ehlo responses
  324. g_ehlo_log - Log ehlo/bind to msg*.rec logs
  325. g_ehlo_simple - Ip addresses to give simple ehlo respone to
  326. g_emailreg_enable - Enable whitelist register to use
  327. g_encrypt_config - Encrypt some config settings (passwords)
  328. g_encrypt_disable - Disable encryption
  329. g_encrypt_expire - Days to keep encrypted messages, default 60
  330. g_encrypt_inline - Use INLINE method by default
  331. g_encrypt_limit - Max encrypted msgs per user per hour
  332. g_encrypt_max - Max encrypted per day server wide
  333. g_encrypt_nodomain - Allow encryption for users without local domains
  334. g_encrypt_nofwd - Don't encrypt forwarded
  335. g_encrypt_noip - Don't encrypt if from this ip range
  336. g_encrypt_nolate - Disable encryption on late forwarding
  337. g_encrypt_none - Don't encrypt if subject starts with this
  338. g_encrypt_nowater - Show this if no water mark defined yet
  339. g_encrypt_path - Path to encrypted files, this is not supported when mirroring!
  340. g_encrypt_prefix - Prefix for encrypted messages must match encrypt rule so replies are encrypted
  341. g_encrypt_pw_host - Central host for encryption password storage
  342. g_encrypt_pw_key - Central host password key
  343. g_encrypt_reminders - Days before we send users a reminder to change passwords, not recommended
  344. g_encrypt_reply_plain - Send plain message for local replies
  345. g_encrypt_reset_easy - Send the reset request dirctly to the destination user - security risk!
  346. g_encrypt_reset_msg - Msg Body sent when password has been reset
  347. g_encrypt_reset_safe - When users password is reset, delete all messages to them
  348. g_encrypt_reset_sender - Msg Body sent to sender when password reset requested
  349. g_encrypt_reset_user - Msg to person when they click on reset password button
  350. g_encrypt_rule - Matches will be encrypted when sent
  351. g_encrypt_smart - Smart Encrypt Private Feature (not available)
  352. g_encrypt_ssl_force - Require ssl on incoming encrypted messages
  353. g_encrypt_ssl_noforce - Exceptions, e.g. surgeweb or localhost
  354. g_encrypt_surgeweb_show - Show SurgeVault in SurgeWeb
  355. g_encrypt_unlock - Unlock for these destinations. e.g. user@domain
  356. g_encrypt_wall - Encrypt surgewall msgs
  357. g_enotify_from - From address to use in email notification messages
  358. g_eof_fix_off - Turns off auto stripping of control+Z
  359. g_error_xlate - Change error messages
  360. g_event_list - Events wanted by url
  361. g_event_url - Send msg events to a url
  362. g_everyone - Create alias $
  363. g_expire_all_rules - Scan all users for rule files (not needed usually)
  364. g_expire_every - Only expire spool once every 'n' days
  365. g_expire_onlyunread - For the inbox only expire message if they are unread
  366. g_expire_silent - Don't send users emails telling them what was expired.
  367. g_expire_trash - Expire any messages found in trash folders after 7 days
  368. g_expire_warning - Give warning 'n' days before deleting each file
  369. g_external_all - Tag messages from friends too
  370. g_external_dlist - Tag messages arriving for mailing lists
  371. g_external_ip_disable - Do not add X-External-IP header
  372. g_external_msg - Msg to insert at the top of external mails
  373. g_external_only - Enable only these destionations
  374. g_external_spam - Tag messages in spam folder too
  375. g_external_style - css style for the warning
  376. g_external_warn - Tag external messages from non friends
  377. g_external_white - Disable for return path matches
  378. g_external_white_to - Disable for these recipients
  379. g_fallback - Default address for all local domains
  380. g_fallback_relay_if_exists - Use FALLBACK_RELAY if not logged in but user exists (OLD_POPHOST_CREATEUSER_DISABLE)
  381. g_fast_time_off - Disable faster time function
  382. g_feat_testing - Testing setting do not use
  383. g_filter_max - Max size for items to be sent to filter_pipe, or g_user_pipe, default no limit
  384. g_filter_n - Concurrent filters to run at one time, default is 20
  385. g_filter_pipe - Filter program that accepts msg on stdin and sends on stdout
  386. g_filter_pipe_headers - Re-read headers after pipe finishes
  387. g_filter_pipe_noauth - Skip for auth users
  388. g_filter_pipe_skip - Skip filter if ip matches this
  389. g_filter_timeout - Filter timeout in seconds, default is 360
  390. g_find_wrong - Find domain based on IP even if url suggests other vdomain
  391. g_fix_crcrlf - Fix email messages containing crcrlf for line termination
  392. g_fix_imap_lf - During IMAP import fix email messages containing lf
  393. g_footer_auth - Only add footer for authenticated local users
  394. g_footer_file - Footer file full path required
  395. g_footer_html - HTML Footer file, full path required
  396. g_footer_notfound - Only add footer if footer is not in message already
  397. g_footer_send - Footer file added to outgoing messages only (do not use with DKIM)
  398. g_footer_sendonly - If true only add footers when sending to non local users
  399. g_footer_skip - Skip footers for these users
  400. g_footer_skipfound - Only add footer if this text is not already in the message, requires g_footer_notfound
  401. g_footer_trusted - Only add footers if sender is trusted
  402. g_forward_attach - When late forwarding send as attachment to these domains
  403. g_forward_fixfrom - When late forwarding rewrite from/return path as local user
  404. g_forward_illegal - Ban forwards to these addresses
  405. g_forward_oops - Internal testing setting, not for general use sorry
  406. g_friends_add_trusted - Add to friends list when if sender is trusted
  407. g_friends_allow_spf - Allow all email through as if it was a friend during temporary allow
  408. g_friends_always - Always use friends list.
  409. g_friends_at_rcpt - Whether to check users friends list at rcpt stage
  410. g_friends_autodom - Auto whitelist friends based on domain/ip
  411. g_friends_bounce_friend - Allow exception rules to bounce a mesesage from a friend
  412. g_friends_bounce_rej - Reject blank return path as friends failures
  413. g_friends_bounce_second - Bounce the next time the user sends a message if waiting for confirm still
  414. g_friends_byemail - Use old email based friends rejections
  415. g_friends_check_spf - Disable friends bounces if SPF headers missing/failed to avoid backscatter.
  416. g_friends_cleanup - Cleanup/repair large friend.lst files
  417. g_friends_confirm_debug - Log sucessful friends confirmation responses
  418. g_friends_confirm_subject - String to use as the subject of a friends confirmation email
  419. g_friends_daemon_ok - Accept emails from any mailer deamon
  420. g_friends_debug1 - NEVER USE, only for NetWin testing
  421. g_friends_default_autoadd - Default auto addition when sending (recommended)
  422. g_friends_default_mode - Default friends mode, smite (recommended) silent, or list
  423. g_friends_global_add - Add to a global friends list if ip matches and sender doesn't match authenticated user
  424. g_friends_global_exclude - Addresses not to auto add, e.g. *
  425. g_friends_ignore - List of addresses considered friends for all users on the system
  426. g_friends_ignore_trusted - If from trusted ip still apply friends
  427. g_friends_lang_auto - Set users language settings automatically based on observed emails from friends
  428. g_friends_latest_headers - Causes friends to re-read message headers, allowing rules based on headers added during delivery
  429. g_friends_local_match - If from!=returnpath and one is local, then block friends match
  430. g_friends_long - In friends web release addresses use a longer url
  431. g_friends_msg - Message used for friends bounce.
  432. g_friends_msg_link - Message used for friends link bounce.
  433. g_friends_name - What to call the friends system on pages and in email
  434. g_friends_obey_spf - If SPF failed then no friends match allowed for local domains
  435. g_friends_old_status_email - Use older status email & processing
  436. g_friends_only - Enable friendonly features - must be enabled by users too
  437. g_friends_pending_keep - Number of days to store users pending messages, default 14
  438. g_friends_pending_max - Max items in pending before deleting them
  439. g_friends_pending_name - The imap name of the friends_pending (and spam store) quarantine folder - should match surgeweb imap_spam_folder - default is 'Friends Pending'
  440. g_friends_pending_vanish - Enable auto-vanish of pending messages on confirmation bounce
  441. g_friends_release_wash - Clean any subject marking (ie stars) when releasing/allowing
  442. g_friends_rotate - Rotate user level log file, default 30k
  443. g_friends_safer - Make friends always avoid back scatter.
  444. g_friends_silent - Disable friends responses to users
  445. g_friends_silent_level - If spam score above this then don't send friends message
  446. g_friends_skip_ip - List of ip addresses considered friends for all users on the system
  447. g_friends_spam_score - Default level to quaranteen message in spam folder (Recommended 8 or 10)
  448. g_friends_spf - Refine friends matching using spf/dmarc when possible
  449. g_friends_spf_fail_bounce - Bounce SPF failures, do not send friends confirmations (Not recommended)
  450. g_friends_status_sort - Sort friends status messages with low scores at the top
  451. g_friends_testurl - Test g_friends_url and status_url and url_host work externally
  452. g_friends_url - Specify default global url for friends release
  453. g_friends_use_https - Use https port for friends urls
  454. g_friends_warnonce - Give bounce on only the first message
  455. g_from_allow - Other email addresses we allow, e.g. *,*,
  456. g_from_allow_ip - IP addresses to bypass local from check
  457. g_from_allow_to - destination user to bypass local from check
  458. g_from_bl - Domain Based Blacklist Zones, lookups FROM domain in dns
  459. g_from_body_bounce - Reject if local from header address is probably faked
  460. g_from_bounce - Reject if local from envelope address is probably faked
  461. g_from_check - Check from domains match valid local domains if user is authenticated, or g_from_allow
  462. g_from_domain - Default domain for from envelope
  463. g_from_exact - Check from matches authenticated user
  464. g_from_force - From address for all sent messages
  465. g_from_header - From header used in delivery bounces
  466. g_from_list_too - Also enforce from rules from lists
  467. g_from_must_exist - Require local from addresses to exist or reject mail
  468. g_from_noforge - If envelope or from is local domain then the other must be too
  469. g_from_noforge_some - If from matches this then from/envelope must match
  470. g_from_noforgeme - If to==from then from and env from must match
  471. g_from_noforgename - If from contains two addresses the domains must match
  472. g_from_nofriend - If forge setting would bounce message then allow message but don't allow friend match
  473. g_from_ok - Whitelist for invalid from addresses we will permit
  474. g_from_relay - If not authenticated and g_relay_allow_ip matched then block if not local domain or whitelisted
  475. g_from_relay_white - White list of domains for g_from_relay setting
  476. g_from_rewrite - Rewrite from envelope for outgoing email, e.g. *@this.domain -> %1@another.domain
  477. g_from_rewrite_header - Rewrite the from header as well
  478. g_from_rewrite_sender - Rewrite the sender header as well
  479. g_from_stamp - Stamp if local from address is probably faked
  480. g_from_timeout - Timeout when checking bad from addresses, default 60 seconds
  481. g_from_valid - Require an @ and dotted domain in all return addresses
  482. g_gateway - Gateway messages for that domain to the specified address
  483. g_gateway_allow - Known hosts that act as incoming SMTP or surgewall servers for us
  484. g_gateway_always - Always send to gateway even if local domain exists
  485. g_gateway_auth - Send SMTP auth requests to another host
  486. g_gateway_data - Gateway at the data stage
  487. g_gateway_from - Pass 'from' header thru during gatewawy check
  488. g_gateway_helo - Header that must exist in incoming bounces (g_send_helo) or bounces are dropped
  489. g_gateway_ifnot - Send local deliveries to scanner (using gateway rule) before delivering locally, deliver locally if from ip matches
  490. g_gateway_ignorewild_ip - Ignore * gateway rules if from ip matches (allows outbound email scanning using gateway * to external scanner)
  491. g_gateway_mx - If specified IP address is found in mx record for destination then allow relay (not recommended)
  492. g_gateway_open - Allows an open relay setting in g_gateway
  493. g_gateway_orcpt - Writes an original receipt header when forwarding a message, this may disclose multiple recipients, cc/bcc etc use only for tracking faults
  494. g_gateway_shuffle - Round robbin shuffle of to ip addresses for gateway rules
  495. g_gift_disable - Disable check for imap gift hacker
  496. g_group_field - Auth field to add to group membership
  497. g_gzip_disable - Disable gzip web compression
  498. g_hack_detect_disable - Stop admin emails when users login with a weak password
  499. g_hack_msg - Message to send to users with a weak password
  500. g_hack_noemail - Disable weak password reports
  501. g_hack_report - Address to send weak password reports to
  502. g_hack_touser - Send warnings about hacking directly to users
  503. g_hack_url - Url for users to change password
  504. g_hacker_alert - Email manager if address is locked out
  505. g_hacker_days - Days to keep ipaddress locked out, default 7
  506. g_hacker_fwd - Email manager if user sets fowarding rule
  507. g_hacker_max - Login guesses for one ip address before we lockout the ip address
  508. g_hacker_more - Be more restrictive, don't allow /24 netblocks based on loginip
  509. g_hacker_password - If hacker attempts to login with account name as password, then blacklist ip
  510. g_hacker_passwords - Failed logins that use these passwords will lockout the ip address
  511. g_hacker_poison - Poison accounts. Instantly blacklist ip address e.g. root@*
  512. g_hacker_star - Lockout users who say * at us
  513. g_hacker_timeout - Lockout users who timeout smtp connections
  514. g_hacker_weak - If user tries weak password, lockout ip address
  515. g_hacker_whitelist - Ip addresses to avoid guessing issues
  516. g_header_out - Header to add to outgoing posts
  517. g_header_strip - Strip listed headers from incoming messages
  518. g_helo_optional - Helo is optional for SMTP protocol (not recommended)
  519. g_help_local - Make all help references to the local help files
  520. g_help_url - Link to another website for help instead of
  521. g_home - Home path of server configs log etc
  522. g_honeypot_key - Key for HTTP RBL service - not recommended
  523. g_honeypot_rbl - RBL name to lookup, typically
  524. g_host_alias_sni - Fix fault where host_alias matches domain rather than ssl name
  525. g_host_ip - This host public IP address
  526. g_host_redirect - Redirection based on host for surgeweb's https_required redirection
  527. g_http_11 - Use http 1.1 requests to netwinsite (do not use)
  528. g_http_add_header - Add generic headers to web responses
  529. g_http_proxy - Proxy web server for fetching files from if direct access fails
  530. g_imap_acl - Enable ACL (shared folders) in imap
  531. g_imap_allow_trailing - Allow leading/trailing spaces on folder names on linux, not a good idea
  532. g_imap_auto_create - Create folders matching this list in response to 'select' commands
  533. g_imap_auto_subscribe - Auto subscribe folders for users
  534. g_imap_blacklist - Test if imap users are in rbl's and email admin
  535. g_imap_capa - Where to get the CAPABILITY value from
  536. g_imap_capa_strip - Capability values to hide
  537. g_imap_cram_enable - Enable CRAM-MD5 authentication (requires nwauth 4.0h or greater)
  538. g_imap_debug - For NetWin use only
  539. g_imap_delay - Glob data into bigger packets, never use this
  540. g_imap_expunge_close - Expunge on every close, not recommended
  541. g_imap_folder - Type can be: Trash,Junk,Sent,Drafts,Archive
  542. g_imap_folder_create - Auto create default folders for Trash/Sent etc
  543. g_imap_friends - Make the friends_pending folder visible in imap
  544. g_imap_idle_free - Releases threads in 'idle' state
  545. g_imap_idle_nsf - The number of seconds before a complete directory rescan. To be used on NFS network drives
  546. g_imap_inactive_free - Releases threads not active
  547. g_imap_log - Enable imap.log logging
  548. g_imap_log_body - Log imap fetch body commands to msg*.rec log files
  549. g_imap_log_copy - Log imap copy commands to msg*.rec log files
  550. g_imap_log_flush - Flush imap log on every write (for debugging)
  551. g_imap_log_header - Log imap fetch header commands to msg*.rec log files (not usually needed)
  552. g_imap_log_main - Log imap to mail.log too (not recommended)
  553. g_imap_log_protocol - Log more of the protocol
  554. g_imap_log_size - Size of imap.log file
  555. g_imap_log_user - Log imap info to imap.log in users mdir folder
  556. g_imap_loop_report - Report imap loops of bad email clients
  557. g_imap_max_limit - Limits messages being put in folders
  558. g_imap_max_messages - The number of messages in a single imap folder, default 200000
  559. g_imap_maxbusy - Limit for concurrent requests per user, user is throttled if exceeded dflt 8
  560. g_imap_maxdup - Max duplicate imap fetch commands before we throttle connection, default 500
  561. g_imap_move - IMAP move extension
  562. g_imap_no_internal_date - Disables internal date which helps stupid outlook client show correct dates
  563. g_imap_old - Revert to old imap module
  564. g_imap_old_ip - Revert to old imap module for some ip's
  565. g_imap_pop_burst - Always burst using imap code
  566. g_imap_port - IMAP port to listen on, default is 143 (needs restart)
  567. g_imap_search_body - Build and use indexes for imap body searching
  568. g_imap_search_index - Build and use indexes for imap header searching
  569. g_imap_search_noattach - Skip non text attachments when searching
  570. g_imap_search_text - Use only body and header indexes, fast but won't get all matches
  571. g_imap_search_timeout - Limit on imap search, default is 180 seconds
  572. g_imap_secure_port - IMAP SSL secure port to listen on, default is 993
  573. g_imap_size_fetch - If true, will display message sizes on fetch command. (ie * 123 EXISTS)
  574. g_imap_spam_train - Train if moving message to 'spam' folder, or from 'spam' folder to inbox
  575. g_imap_status_cache - Cache imap status responses (Obsolete, use _stored setting)
  576. g_imap_status_stored - Keep imap folder counts stored on disk
  577. g_imap_sync_all - Apply imap_max_sync to all folders
  578. g_imap_sync_nomax - Exception to imap_max_sync setting
  579. g_imap_testing - Test imap module instead of normal one (not functional)
  580. g_imap_throttle - Limit for sustained imap commands per second before warning admin, default is 5
  581. g_imap_throttle_exclude - Users who are not limited
  582. g_imap_throttle_limit - Daily mb download limit before applying throttle speed, e.g. 500
  583. g_imap_throttle_speed - Limit to this speed in bytes per second when throttling, e.g. 50k
  584. g_imap_timeout - Time, in minutes for imap timeout, RFC required default is 30
  585. g_imap_timeout_login - Timeout prior to login in seconds
  586. g_imap_timezone - Timezone to display - for testing purposes only NOT USED
  587. g_imap_trash_nocopy - Prevent copying from Trash to Trash folder
  588. g_imap_uidl_nofix - If true, disable auto repair of identical uidl entries
  589. g_imap_unsub_auto - Unsubscribe if a folder doesn't exist
  590. g_imap_user_flags - This setting may confuse some email clients (mac) use with cautioun
  591. g_imap_user_moreflags - Allow unlimited flags
  592. g_imap_warn_big - Warn user if inbox or sent has more than this many messages
  593. g_inbox_archive - Archive old messages to Archives/yyyy/Inbox folder, age in days
  594. g_inbox_max - Max messages permitted in inbox e.g. 5000
  595. g_inbox_nolimit - Users with no limit on inbox
  596. g_include - Include another ini file global settings only
  597. g_iplimit - Untrusted local ip addresses e.g. web servers, special sending limits applied.
  598. g_iplimit_islocal - Add domains to list of domains considered local for limit counting
  599. g_iplimit_local - Max sends from untrusted ip to local domains per 30 minutes.
  600. g_iplimit_remote - Max sends from untrusted ip to remote domains per 30 minutes.
  601. g_iplimit_whitelist - List of 'from' addresses that should bypass limits
  602. g_ipv6_enable - Enable IPV6 networking only use if you have an IPV6 address for some reason
  603. g_ipv6_notrim - Prevent automatic conversion of ::ffff:x.x.x.x to x.x.x.x
  604. g_kann_test - Testing spam module do not use
  605. g_keepalive - Attempts to use keepalive for the web sessions (experimental & faulty currently)
  606. g_key_manual - Try and activate automatically when the key expires
  607. g_key_nowarning - Disable reminders to update your license
  608. g_known_skip - Disable the bypass of known ip addresses from spf failures
  609. g_language_default - Default language for user web interface
  610. g_last_login - If true create last_login file each time user logs in via imap/pop. Do not use on MIRROR systems
  611. g_last_login_days - If last login is more than this many days then reject email - do not use on mirrors
  612. g_late_forward - Apply all users forwarding rules after friends, spam, and filtering
  613. g_late_skiplocal - Skip late forwarding for local destinations
  614. g_ldap_forward - Remote ldap server to forward requests to (only for testing do not use)
  615. g_ldap_outlook_browse_max - Basic outlook ldap address browsing, max items (KEEP THIS SMALL eg <50): default=0 (disabled)
  616. g_ldap_port - LDAP port, set to 389 to enable simple address book lookups only. (NOT YET FULLY FUNCTIONAL)
  617. g_legal_archive_accesskey - Amazon s3 awsaccesskeyid
  618. g_legal_archive_add - Users must belong to this group to get their email archived
  619. g_legal_archive_bucket - bucket for for net service
  620. g_legal_archive_enable - Enable legal archive
  621. g_legal_archive_encrypt_key - Key for encrypting the data, you MUST never loose this
  622. g_legal_archive_hostid - Unique integer for this host 1-9 use if sharing mail spool
  623. g_legal_archive_keep - Days to keep legal archive, units=days unless you specify years or months, default 5 years
  624. g_legal_archive_local - Store files locally only
  625. g_legal_archive_mirror - Mirror the archive, also use tellmail resync_archive
  626. g_legal_archive_nofail - Don't bounce messages if archive fails
  627. g_legal_archive_only - Drop all messages after archiving them!
  628. g_legal_archive_path - Local path for archive indexes
  629. g_legal_archive_secretkey - Amazon s3 awssecretkey
  630. g_legal_archive_show - Users must belong to 'archive_show' group to see their own archive
  631. g_legal_archive_spam - Store files even if identified as spam (OBSOLETE)
  632. g_legal_archive_trim - Trim messages to max size e.g 20mb
  633. g_letsencrypt - Path to find letsencrypt certificates (obsolete)
  634. g_lf_fix_off - If input contains naked 'lf' characters then reject with error instead of stripping as usual
  635. g_local_skipgateway - If true skip gateway rule for local messages (bounces etc)
  636. g_log_bounce_disable - Stop bounce reject entries filling up log (typically from spam bounces)
  637. g_log_date - Log full date in log files
  638. g_log_date_msg - Log full date in msg log files (g_log_date required too)
  639. g_log_disable - Disable most logging - not recommended
  640. g_log_dns - Log dns responses in gory detail
  641. g_log_dropped_disable - Don't log if no 'data' command sent
  642. g_log_fakemid - Header to use instead of message-id in log files
  643. g_log_flush - Flush log file after every write
  644. g_log_fwd - This setting is obsolete and has no effect
  645. g_log_level - Level of logging, info, debug, error
  646. g_log_norcpt - Disable Log individual recipients in msg.rec files
  647. g_log_password - Log password failures to login_failed.log
  648. g_log_path - Directory for log files, defaults to G_HOME
  649. g_log_pid - Log PID in log lines
  650. g_log_quota - Log quota for specified user
  651. g_log_reject_disable - If true then rejects are not recorded in .rec files
  652. g_log_size - Size of each mail*.log file (e.g. 5mb)
  653. g_log_slow - Do slower logging system
  654. g_log_start_norotate - Don't rotate log on startup
  655. g_log_syslog - Send 'msg.rec' entries to syslog
  656. g_log_syslog_debug - Send 'mail.log' entries to syslog as 'mail.debug' data
  657. g_log_syslog_host - Specify host to send syslog entries to (windows only)
  658. g_log_syslog_only - Disable writing to msg.rec
  659. g_log_syslog_port - Default is 514 (windows only)
  660. g_log_tcp_read - Log actual tcp read data - for matching ip addresses - avoid
  661. g_log_tcp_write - Log actual tcp write data - for matching ip addresses - avoid
  662. g_log_thid - Log thread id in .rec files
  663. g_log_user - Log pop/imap/smtp protocol for specified user
  664. g_login_log_size - Size of login.log file
  665. g_lookup_names - Lookup ip names of connecting users (can be slow)
  666. g_lookup_reject_fails - If lookup cannot get a name, reject user (not generally recommended)
  667. g_lowdisk_warning - Disksize below which to send a warning to the system manager
  668. g_mailbox_inbox - Path for inboxes (experimental, do not use!)
  669. g_mailbox_path - Default directory to store mail
  670. g_maildir_imap_max - Use imap max setting, defaults to 100,000
  671. g_maildir_max - Max messages in a POP folder, do not adjust
  672. g_maildir_netwin - Use NETWIN proprietry storage format - Not Recommended
  673. g_maildir_report - Email manager on ndb errors
  674. g_maildir_standard - Use more standard maildir layout (NOT SUPPORTED)
  675. g_mailstatus_message - Error message to give when mailstatus is set to specified state
  676. g_manager - Email address of manager
  677. g_manager_port - HTTP Manager port to listen on, default is 7026
  678. g_manager_secure_port - HTTPS secure Manager port, default is https 7025
  679. g_manager_smtp - SMTP server for error reporting
  680. g_manager_username - Global domain managers username (for web based domain administration)
  681. g_max_bad_ip - Max bad recipients per ip address before blocking that ip
  682. g_max_bad_ip_skip - Skip g_max_bad_ip tests
  683. g_max_bad_ip_time - Seconds to block guessing hackers
  684. g_max_bad_nolookup - Max bad recipients in a row, if exceeded skip user lookup
  685. g_max_bad_to - Max bad recipients in a row
  686. g_mdir_hash - Hashing mode for surgemail (not supported, use at your own risk)
  687. g_mdir_prefix - Prefix for maildir folders DO NOT USE THIS SETTING, NOT SUPPORTED!!!
  688. g_mfilter_addonly - If true, then only allow 'adding' headers, not changing them
  689. g_mfilter_bounces - Run mfilter on bounce messages and responders etc
  690. g_mfilter_disable - Disable mfilter.rul completely
  691. g_mfilter_file - Mfilter rule file. For spam rule processing (mfilter.rul)
  692. g_mfilter_localonly - If true then only run mfilter on local deliveries
  693. g_mfilter_maxlen - Size to truncate messages to before processing with filter
  694. g_mfilter_noisey - Do log anything in mfilter
  695. g_mfilter_skip_from - From addresses (envelope) to skip mfilter processing for
  696. g_mfilter_skip_ip - IP address(es) to skip mfilter processing for
  697. g_mfilter_skip_to - To addresses to skip mfilter processing for
  698. g_mfilter_trace - Log trace lines in mfilter
  699. g_migrate_domain - The domain which g_migrate_password is for
  700. g_migrate_email - Send each user email on start/end of migration
  701. g_migrate_onsmtp - Migrate on smtp login events
  702. g_migrate_password - Allows login to all accounts create hash with tellmail master_password
  703. g_migrate_skip - Skip imap folders matching this, use for shared folders
  704. g_migrate_translatet - Translate folder names during migration
  705. g_mirror_config - Mirror surgemail.ini to/from mirror_host, must set on both systems!
  706. g_mirror_config_except - Settings to ignore when accepting the incoming config
  707. g_mirror_debug - Log more info to mirror log.
  708. g_mirror_debug3 - NEVER USE, MAKES MIRROR FAIL.
  709. g_mirror_email - Email manager list of fixes sent
  710. g_mirror_host - Mirror other host name
  711. g_mirror_lists_one - Mirror list changes only one way to slave
  712. g_mirror_live - Mirror: Send incoming messages immediately
  713. g_mirror_live_max - Limit size of mirror_live default 60k
  714. g_mirror_lock - Lock PRIMARY during secondary bursts
  715. g_mirror_max - Max items in one folder to mirror, default 160k currently
  716. g_mirror_mode - Mirrorring mode (one system must be PRIMARY and the other SECONDARY)
  717. g_mirror_nossl - Disable SSL for mirror protocol connection - recommended
  718. g_mirror_nsend - Sending threads to use, default 8
  719. g_mirror_nwauth - Mirror send nwauth database to other server, ONLY set on primary
  720. g_mirror_nwauth_always - Mirror nwauth database files
  721. g_mirror_others - BETA Other hosts, for 3,4 host mirrors,(DO NOT USE)
  722. g_mirror_prune_age - Mirror minimum age for items to be pruned during sync_prune, default 14 days
  723. g_mirror_repair - Run resync_prune once per month, only set on primary, TURN OFF DURING FAILURES
  724. g_mirror_resync_inbox - BETA Resync inbox for active users once a day
  725. g_mirror_secret - Mirror shared secret
  726. g_mirror_threads - Max threads we can use during resync_fast, default 6
  727. g_mirror_trash - Normally on a resync the trash folder is ignored.
  728. g_modern_admin - More modern admin ui layout
  729. g_modern_hicontrast - Easy to see color scheme, Control f5 to reload css after changing!
  730. g_modern_surgeweb - More modern layout for surgeweb
  731. g_modern_user - More modern layout for user self admin
  732. g_monitor_disable - Disable monitor process completely (requires restart)
  733. g_monitor_port - HTTP port for Surgemail Monitor to listen on, default is 7027
  734. g_msg_hops_max - Maximum received lines or message is bounced, default 30
  735. g_msg_log_body - Log body fetches too
  736. g_msg_log_dkim - Log DKIM in msg*.rec
  737. g_msg_log_extra - Extra user activity logging
  738. g_msg_log_from - Log From in msg*.rec
  739. g_msg_log_pop - Log all pop reads in msg*.rec
  740. g_msg_max - Max size of a single message (if over refuse with 552 error)
  741. g_msg_max_drop - Drop link if size exceeded (DO NOT USE)
  742. g_msg_max_send - Max size for authenticated local users
  743. g_msg_max_total - Max size of a message * recipients
  744. g_msg_nodup - Drop duplicate messages by msgid/user matching
  745. g_msg_track - Message tracking - for debugging
  746. g_mtasts - Enable MTA-STS ssl/tls rules
  747. g_mtasts_report - Alert manager on MTASTS failures
  748. g_mtasts_white - Domains to ignore MTA-STS rules
  749. g_mutex_fast - Use fast mutex handling DEBUGGING option only
  750. g_mutex_timeout - Default mutex timeout period in seconds default is 600
  751. g_mutex_timing - Name of mutex to collect extra timing information for
  752. g_mx_tryall - Try all mx hosts even if lower than own mx priority
  753. g_myrbl_disable - Disable internal rbl database
  754. g_myrbl_disable_rbl - Disable netwin rbl database
  755. g_myrbl_fake - Fake myrbl response for testing
  756. g_myrbl_share - Use and Share RBL reputation data with central NetWin server (Recommended)
  757. g_myrbl_store - Size of internal myrbl database
  758. g_myrbl_to - Debug setting for rbl sharing do not use
  759. g_myurl_disable - Disable internal url database
  760. g_naked_msg - Error message if body contains naked lf characters
  761. g_newui_advanced - Always run new admin ui in advanced mode
  762. g_newui_disable - Disable new admin ui (do not use)
  763. g_no_bull - Special accounts that should not get bulletins
  764. g_notag_notascii - Don't add x-notascii: charset to any non ascii message
  765. g_notag_url_forgery - Don't add x-UrlForgery when a ref urls seem to not match
  766. g_notlocal - Add ALERT to message subject if domain is local but origin is external NOT FUNCTIONAL!
  767. g_notlocal_message - ALERT text to add to suspect messages that appear to be from a local domain
  768. g_nwv_test - Test NetWin setting, best not played with)
  769. g_oauth_client_id - OAuth 2.0 client_id
  770. g_oauth_client_secret - OAuth 2.0 client_secret
  771. g_oauth_trim - OAuth 2.0 trim
  772. g_oauth_url - OAuth 2.0 server for password lookup, e.g.
  773. g_old_imap_headbody - Get head and body seperately
  774. g_old_imap_nossl - Disable auto ssl mode
  775. g_old_imap_skip - Skip these folders
  776. g_old_pophost_debug - Log extra info when doing old pophost logins
  777. g_old_user_check - Disable the account status enabled check on rcpt lines
  778. g_old_webmail_links - Show webmail links in user cgi instead of surgeweb
  779. g_orbs_cache_life - Time to keep RBL cached entries in seconds, default is 7200 seconds
  780. g_orbs_check_all - Keep doing lookups even if found in a RBL, this is slower of course!
  781. g_orbs_exception - Realtime Blackhole List, exception list of IP addresses
  782. g_orbs_fake - Ip address to pretend we find in rbl database for testing
  783. g_orbs_force - Force RBL check even if g_allow_ip matches this ip number
  784. g_orbs_late - Do late disconnect so user has time to send SMTP authentication (Also applies G_SPF_SKIP_TO)
  785. g_orbs_list - Realtime Blackhole Lists (RBL's), action=deny,accept,stamp
  786. g_orbs_nosubmit - Revert to old behaviour, orbs check before submit
  787. g_orbs_rec - Log to record file if RBL deny action occurs (can fill logs up)
  788. g_orbs_report - List of IP's to check in RBL(s)
  789. g_orbs_service - Service Name - Obsolete - use g_orbs_list to define services
  790. g_orbs_system - If true use system dns lookups instead of surgemails for orbs (not recommended)
  791. g_orbs_test2 - Test block all addresses
  792. g_orbs_testing - If true, RBL lookups are recorded but not blocked
  793. g_orbs_timeout - Seconds to wait for RBL lookups, default is 10 seconds
  794. g_outgoing_block - Block user if this many spam sent in one day
  795. g_outgoing_n - Send manager email if more than this many spam from one user per day
  796. g_outgoing_white - Whitelist for outgoing spam detector
  797. g_pass_force - Force user to reset password if admin changes it
  798. g_pass_twofactor - Enable two factor authentication
  799. g_pass_twofactor_bypass - Bypass twofactor for ip addresses
  800. g_pass_twofactor_life - Session life in minutes, dflt 4 hours
  801. g_pass_twofactor_merged - Require +code for imap/pop logins sometimes
  802. g_perflog_disable - Completely disable 'perflog' historical performance logging
  803. g_perflog_flush_interval - Interval in seconds to flush the performance log files to disk (default 1hr = 3600)
  804. g_perflog_logall - Log all trend graph counters including undisplayed graphs (recommended)
  805. g_perflog_lowres - Do low resolution perflog sampling (hiding hour scale)
  806. g_perflog_surgeonly - Only log surgemail counters
  807. g_phish_block - Replace most urls with a warning link to stop phishing
  808. g_phish_friends - Replace urls for msgs from friends too
  809. g_phish_key - Used in key generation, never change
  810. g_phish_local - Replace urls for locally sent msgs too
  811. g_phish_only - Email addresses to apply link rewrite, default is everyone
  812. g_pipelining - Show pipelining in ehlo response - not recommended - has no behavior affect
  813. g_policy_enable - Enable policy.dat rules, still testing
  814. g_pop_add_size - Improves pop performance on nfs slightly
  815. g_pop_blocksize - Size of packets to read pop messages (best left alone)
  816. g_pop_cram_enable - Enable cram-md5 support
  817. g_pop_delay - If true packets are sent in bunches, this slows down some mail clients
  818. g_pop_flush_lines - Flush to tcp every line of message sent (slow)
  819. g_pop_lock - Lock pop spool
  820. g_pop_max - Max threads for POP or IMAP connections
  821. g_pop_min_late - Give min time error on first command after login
  822. g_pop_min_msg - Additional warning to give user when they login too soon
  823. g_pop_min_skip - Skip ip addresses matching this list.
  824. g_pop_min_time - Min time in seconds between consecutive POP logins, NEVER USE
  825. g_pop_nolock - Allows concurrent pop logins, recommended
  826. g_pop_port - POP3 port to listen on, default is 110 (needs restart)
  827. g_pop_secure_port - POP3 SSL secure port to listen on, default is 995
  828. g_pop_warning - Send manager warning if this many sessions (pop or imap) reached (max 1 per hour)
  829. g_popfetch - Fetch incoming mail from another pop server
  830. g_popfetch_interval - Interval between popfetch attempts in seconds
  831. g_popfetch_kick - If true then popfetch will try and open the link for 10 seconds, then retry, this should bring up ISDN lines.
  832. g_popfetch_nodup - Drop duplicate messages
  833. g_ppd_port - PopPassD port for setting passwords, default is 106
  834. g_private - Enable a private customer specific feature
  835. g_proxy - Proxy mode, best avoided for most situations
  836. g_proxy_default - Proxy mode default forward to host
  837. g_proxy_to_gateways - Proxy pop/imap connections to matching gateway settings
  838. g_proxy_usercgi - Proxy user.cgi requests to tohost (web_ref_text.txt & g_web_ref_path_extension must match on all servers)
  839. g_proxy_webmail - Redirect webmail logins to external host name
  840. g_pstat_disable - Disable pstat per user accounting (for debugging)
  841. g_queue_all - Always queue local messages before delivery
  842. g_queue_limit - If on disk queue exceeds this block incoming mail
  843. g_queue_max - Size of internal que file cache, range 500-3000
  844. g_queue_spawn - Run command on queue files before delivery ONLY if g_queue_all is true, filename is passed as parameter
  845. g_queue_warning - If on disk queue exceeds this send manager a warning
  846. g_quota - Disk quota for users in specified g_access_group
  847. g_quota_550 - Give 550 quota response instead of 552
  848. g_quota_at - Default is 80%
  849. g_quota_before_forward - Do quota check before forwarding.
  850. g_quota_default - Default quota
  851. g_quota_disable - Disable quota system
  852. g_quota_friends - Count friends pending messages as part of quota
  853. g_quota_from - Return address for quota warning messages
  854. g_quota_noemail - Disables all quota messages to the user
  855. g_quota_notrash - Remove Trash folder from quota calculation
  856. g_quota_rcpt_disable - Disables quota check at rcpt stage
  857. g_quota_report - Send quota warnings to the manager
  858. g_quota_skip - Skip quota for matching ip addresses
  859. g_quota_try_later - Give 450 response if user is over quota so message will be resent
  860. g_quota_warning_disable - Disables the 80% quota warning message
  861. g_rcpt_bang - Allow bang character in addresses
  862. g_rcpt_colon - Allow colon character in addresses
  863. g_rcpt_max - Max recipients per message, default 1000, can only be lower than 3000.
  864. g_rcpt_max_in - Limit for recipients of untrusted channels, default g_rcpt_max
  865. g_rcpt_msg - Response given for invalid recipient errors, message is prefixed by email address.
  866. g_rcpt_nodup - Ignore duplicate recipients to the same user
  867. g_rcpt_ok - Whitelist for invalid rcpt addresses we will permit
  868. g_rcpt_quote - Allow quote character(s) in addresses
  869. g_rcpt_trace - Add X-Rcpt-Trace headers
  870. g_rdns_timeout - Timeout for reverse DNS lookups default is 30 seconds
  871. g_received_name - Name shown in received headers
  872. g_received_names - List of valid received names for incoming email
  873. g_received_skip - Skip local received header for trusted users (DO NOT USE)
  874. g_received_skip_all - Skip local received header (DO NOT USE)
  875. g_received_skip_spf - Skip spf received header (DO NOT USE)
  876. g_recent_bypass - Bypass recent failure checking
  877. g_record_days - Days to keep msg*.rec record of incoming messages, default 90
  878. g_record_hash - Hash storage of daily .rec files
  879. g_record_login - Log successful logins to msg*rec files
  880. g_record_path - Directory for daily .rec files defaults to G_HOME
  881. g_recover_noquestions - Remove question based password recovery system
  882. g_recover_reminder - Send users reminder email monthly until they set a recovery email address
  883. g_recycling - Keep deleted messages so users can undelete email
  884. g_recycling_del - Allow usergroup to delete messages from the recycle folder
  885. g_recycling_imap - Make visible to IMAP users, default is now ONLY surgeweb users
  886. g_recycling_life - Days to keep imap deleted messages, default 30
  887. g_recycling_pop - Do recycling for POP deletes too
  888. g_recycling_visible - Only allow members of this group to see recycling folder
  889. g_redirect - Redirect messages from 'was' to the new 'to' address
  890. g_redirect_cc - Send carbon copy to another address
  891. g_redirect_cc_attach - Redirect message as attachment if rule applies
  892. g_redirect_from - Redirect if from envelope matches
  893. g_redirect_from_cc - Send carbon copy if from envelope matches
  894. g_redirect_hide - Hide the redirection in the output
  895. g_redirect_iflocal - If local domain, then apply redirect
  896. g_redirect_ignore_errors - Accept email even if redirected addresses fail
  897. g_redirect_newmid - Generate new MID on redirection
  898. g_redirect_noautocreate_rules - Don't create redirection rules for domains automatically
  899. g_redirect_ses - If message is not local then apply redirect
  900. g_relay_allow_from - Allow relaying from users if the from envelope and from header match this NEVER USE, SPAMMERS ABUSE THIS
  901. g_relay_allow_ip - Allow relaying from users at this ip address
  902. g_relay_dom_and_ip - Allow relaying if from envelope and ip address both match
  903. g_relay_ifnot - Accept locally only if not from this ip
  904. g_relay_message - Message to give to users who try to relay through your system
  905. g_relay_nolocal - Do not automatically relay for
  906. g_relay_process - Relay process, e.g. testip.exe $WHOIP, return 1 to allow relaying, 0=deny
  907. g_relay_to - Relay to this domain from anyone
  908. g_relay_to_user - Relay to specific user from anyone
  909. g_relay_window - Minutes to allow relay after pop/imap login NOT RECOMMENDED
  910. g_relay_window_from - Requires pop authed user is in from header of sent message
  911. g_rename_content - Wild card list of mime types to rename, e.g. application*zip*
  912. g_rename_files - Wild card list of files to rename, e.g. *.exe,*.cmd (see help for defaults) g_virus_rename setting required
  913. g_report_host - Report facts to a central host
  914. g_report_notspam - Send not spam samples to automatically (unwise)
  915. g_report_spam - Send spam samples to when msg trained
  916. g_responder_delay - Delay between responses to the same address.
  917. g_responder_friends - Only respond if from known friends
  918. g_responder_from - Send 'from' destination user.
  919. g_responder_noreply - Send 'from' noreply@ destination domain, improves delivery
  920. g_responder_safer - Only respond if the sender can be verified in some way (spf/domainkeys)
  921. g_responder_score - Do not respond if spam score is above this
  922. g_responder_sender - Responder whitelist for email from address
  923. g_responder_skip - Skip responder if from matches
  924. g_responder_source - Responder whitelist for from ip name or number
  925. g_responder_to - Responder whitelist for destination user
  926. g_responder_utf8 - Send response in utf8 format
  927. g_restart - Restart server if it dies
  928. g_restart_kill - Allow swatch to kill surgemail if not responding - beta
  929. g_restart_malloc - Restart server if malloc exceeds this (in mb), e.g. 1000
  930. g_restart_vmsize - Restart server if vmsize exceeds this (in mb), e.g. 1000
  931. g_retry_bounces - Max hours to keep trying to deliver a bounce, default is 48hrs
  932. g_retry_dns - Hours to keep trying if dns response suggested invalid domain name, default 0
  933. g_retry_from - Time to keep messages from these domains
  934. g_retry_limit - Max hours to keep trying to deliver a message, default is 48hrs
  935. g_retry_minutes - Time between attempting resends, defaults to 60 minutes
  936. g_retry_rule - Time to keep messages to these domains
  937. g_retry_unwarn - Send user sent on confirmation if warning sent
  938. g_retry_warn - Send user a warning if first send fails
  939. g_retry_warn_n - Send user a warning if nth send fails
  940. g_route - Route messages matching from and to both must be specified, * can be used
  941. g_route_by_tohost - Route messages using server specified in 'tohost' in authent database
  942. g_route_except - IP exception to g_route / g_route_by_tohost
  943. g_route_local - Route messages for local domains if the rule applies
  944. g_route_local_ifexists - Route messages for local domains if the rule applies and the local user exists
  945. g_route_tous - Route messages back to our own ip
  946. g_rules_msgtime - Use msg time rather than file time for expire rules
  947. g_rules_old - Never use
  948. g_run_cmd - Run command on all messages use $FILE$ in cmd parameters
  949. g_sabre_version - SabreDAV version (DO NOT CHANGE, for debugging only)
  950. g_safe_alert - Email manager when user fails to login from new ip
  951. g_safe_country - White list use 2 char country code, e.g. US,NZ,AU a list is ok, use with g_safe_smtp
  952. g_safe_country_nowarning - Whitelist countries for just this setting
  953. g_safe_imap - Force users to prove they are real if logging in from pop/imap NEVER NEVER USE
  954. g_safe_message - First line of email sent to user when login blocked
  955. g_safe_smtp - Force users to prove they are real if logging in from unknown sources via smtp
  956. g_safe_smtp_email - Email manager as remote ip addresses are added
  957. g_safe_text - The first line of the warning email when a new login occurs
  958. g_safe_warning - Email user for logins from new ip addresses
  959. g_safe_white - White list for g_safe* settings
  960. g_sample_get - Sample account to check if deliveries work
  961. g_sample_show - Headers to show from sample messages
  962. g_scan_action - Converts return value from g_scan_cmd, action=drop,accept,bounce
  963. g_scan_cmd - Run command on message, and return integer, see g_scan_action
  964. g_scan_cmd_failok - Don't reject if script fails
  965. g_scan_cmd_skip - Skip for matching ip addresses
  966. g_scan_cmd_testing - Don't reject, (for testing)
  967. g_sched_utoken_timeout - Timeout for sched utokens in minutes
  968. g_send_backoff - Seconds to leave slow responding host alone (default 900)
  969. g_send_body_end_retry - Try again if connection fails after entire body sent
  970. g_send_body_noretry - If a send fails during the body send give up at once.
  971. g_send_body_once - Don't try 3 times if failure occurs sending body
  972. g_send_bug1 - Fail while sending messages
  973. g_send_conspeed - Outgoing connections per second per destination, default is 4
  974. g_send_delay - Wait this many seconds after sending each item.
  975. g_send_first_retry - Minutes for first retry, default is 16 minutes, do not adjust!
  976. g_send_helo - Fully qualified domain to use for all outgoing SMTP helo commands and MessageIDs
  977. g_send_helo_from - Use matching domain name if we have one if user is authenticated/trusted AVOID THIS!
  978. g_send_helo_in - Lookup dns name of incoming ip connection on local interface, UNSAFE
  979. g_send_lines - Send messages in single line packets, slow!
  980. g_send_lowpriority - Ip address of bulk sending servers
  981. g_send_max - How many concurrent sending sessions in total
  982. g_send_max_perchan - Msgs to send on one open channel
  983. g_send_max_perdom - How many concurrent sessions allowed to another domain, default is 3
  984. g_send_max_rcpt - How many rcpt's to send per message when sending
  985. g_send_no_domain - Message to show when domain points to us but can't find user or domain
  986. g_send_nolimit - Don't apply g_max_perdom limit when sending to this domain
  987. g_send_nopoll - Use sleep loop instead of poll (debugging only)
  988. g_send_nosize - Don't send size with from envelope
  989. g_send_noskipslow - Don't remember hosts that are slow to open and avoid them
  990. g_send_onpopfetch - Only send outgoing while doing a popfetch (For dialup use)
  991. g_send_open_timeout - Timeout, in seconds when opening a link
  992. g_send_retry_550 - Retry on 550 responses (general failure)
  993. g_send_retry_552 - Retry on 552 responses (typically quota exceeded)
  994. g_send_rewrite - Rewrite envelope recipient at send stage, does not change destination server
  995. g_send_speed - Bytes per second to limit each outgoing channel to, default no limit, eg 10k
  996. g_send_sslheader - Add x-encrypted header when sending via ssl
  997. g_send_store_disable - Disable sendstore smtp extenstion
  998. g_send_strip - Headers to strip when sending
  999. g_send_timeout - Timeout, in seconds when sending, default is 540 (9 minutes)
  1000. g_send_tolimit - Limit speed to send to one or more domains.
  1001. g_sent_archive - Archive old messages to Archives/yyyy/Sent folder, age in days
  1002. g_sent_nodup - Drop duplicates in Sent folder due to sent_store
  1003. g_sent_store - Store all sent messages in IMAP folder if smtp authenticated
  1004. g_server_name - SERVER_NAME to set for list of wildcard urls
  1005. g_server_stamp - Replaces SurgeMail and version string in received headers
  1006. g_setpassword_firstlogin - Accept any password on first POP login and set in database (EMERGENCY USE ONLY, requires nwauth -reasonfail parameter)
  1007. g_sf_binary - Use Binary Network
  1008. g_sf_disable - Smart Filter Disable
  1009. g_sf_generate - Build local smart filter
  1010. g_sf_ignore_users - Ignore user submissions just use automatic samples (obsolete)
  1011. g_sf_limit - Limit range of self training
  1012. g_sf_list - Use list mechanism for scoring
  1013. g_sf_nnet - Use Neural Network (Experimental, ONLY FOR TESTING)
  1014. g_sf_nosanity - Disables improved g_sf_binary with sanity checks
  1015. g_sf_obey_users - Obey user submissions about non spam, usually not a good idea
  1016. g_sf_rules - Use manual rules to improve scoring
  1017. g_sf_saneonly - Sane score only
  1018. g_sf_sanity2 - Enables improved sanity scoring
  1019. g_sf_sanity_test - Experimental setting never use
  1020. g_sf_test2 - Testing
  1021. g_share_home - Allow sharing of home directory
  1022. g_share_mail - Set true if mail area is shared (by nfs or other mechanism)
  1023. g_share_quota - Do quota on disk (e.g. when using nfs shared spool)
  1024. g_show_senders - Show top senders in domain admin pages
  1025. g_shutdown_ifmissing - Shutdown if specified file doesn't exist
  1026. g_shutdown_slow - Add 20 second delay to shutdown for debugging
  1027. g_skip_return - Skip return path
  1028. g_slow_welcome - Add 30 second delay to welcome message for debugging
  1029. g_smite_all - Add spamdetect and smitematch headers to all messages going past
  1030. g_smite_gateway - Add spamdetect and smitematch headers to gatewayed/redirected messages
  1031. g_smite_level - If smitematch score is above this drop message (just throw it away) e.g. 1
  1032. g_smite_skip - Whitelist/Skip spam scanner (and spf) if from matches this wild card (Whitelist)
  1033. g_smite_skip_auth - Skip spam scanner if user logged in
  1034. g_smite_skip_from - Skip spam scanner if from header/env matches this wild card
  1035. g_smite_skip_ip - Skip spam scanner if senders ip matches
  1036. g_smite_skip_only - Skip spam scanner if to matches this wild card and no other recipients that 'don't' match...
  1037. g_smite_skip_relay - Skip spam scanner if ip can relay
  1038. g_smite_skip_to - Skip spam scanner if to matches this wild card
  1039. g_smite_tag - Tag message with smitematch header if message is in spam database when read
  1040. g_sms_forward - Specifies IP's which are allowed to forward to SMS gateways
  1041. g_sms_gateway - Address and port of your sms gateway (use g_twilio instead)
  1042. g_sms_gateway_force - Force sms notifications to go to g_sms_gateway
  1043. g_sms_gateway_msgbytes - Maximum amount of message to send to g_sms_gatway (bytes)
  1044. g_sms_gateway_subjbytes - Maximum length of subject in sms message
  1045. g_sms_recover_text - Sent to users when SMS password recovery msg sent
  1046. g_smtp_allow_invalid - Allow messages with invalid headers
  1047. g_smtp_auth_debug - Auth Debug (do not use)
  1048. g_smtp_auth_ip - Ip Addresses to accept smtp authentication from
  1049. g_smtp_auth_off - Disable SMTP AUTH from unknown ip addresses (NOT RECOMMENDED)
  1050. g_smtp_big - Slow down incoming SMTP reads to get bigger packets (experimental)
  1051. g_smtp_bounce_nslow - Number of handles to use for doing slow rejections of smtp connections
  1052. g_smtp_chunking - Protocol Extension, never use
  1053. g_smtp_cmd_timeout - Seconds to wait after getting a message for next command (sendmail bug)
  1054. g_smtp_cram_enable - Enable CRAM-MD5 authentication (requires nwauth 4.0h or greater) - Not Recommended
  1055. g_smtp_data_bug - Fail on incoming emails for debugging
  1056. g_smtp_data_timeout - Seconds for timeout for data input, default 540 (9 minutes)
  1057. g_smtp_delay - Seconds to wait before responding to rcpts, 1-20, this reduces load on bulk senders
  1058. g_smtp_delay_stamp - Stamp header if sender sends data before seeing welcome response (usually spam)
  1059. g_smtp_etrn_auth - Only do etrn processing if user is authenticated
  1060. g_smtp_fast_bounce - Reject bad connections immediately
  1061. g_smtp_fix_nohead - Accept messages with no headers and try and cope
  1062. g_smtp_help_disable - Disable help in SMTP (minor security issue)
  1063. g_smtp_log_protocol - If true log SMTP protocol to log file
  1064. g_smtp_log_size - Size of smtp.log file
  1065. g_smtp_max - Max concurrent incoming SMTP connections
  1066. g_smtp_max_nolimit - Ip addresses that don't have max smtp limit applied
  1067. g_smtp_max_reason - Reason to give to user if g_smtp_max is exceeded
  1068. g_smtp_maxbad - Max bad command per session before dropping smtp link, default no limit
  1069. g_smtp_no_brackets - Allow from/rcpt without angle brackets
  1070. g_smtp_noauth - Limit SMTP to just these addresses (not generally useful) always include
  1071. g_smtp_noauth_msg - Message given when sender is told to use authentication because of g_smtp_noauth
  1072. g_smtp_noauthm - Limit SMTP to just these addresses (not generally useful)
  1073. g_smtp_noclear - Disable smtp buffer clear after starttls command
  1074. g_smtp_plain_hide - Hide 'plain' from the ehlo response
  1075. g_smtp_port - SMTP port to listen on, default is 25 (needs restart)
  1076. g_smtp_portauth - SMTP ports which require smtp authentication, typically 587,465
  1077. g_smtp_portforce - Block logins for ports not listed in g_smtp_portauth
  1078. g_smtp_secure_port - SMTP SSL secure port to listen on, default is 465
  1079. g_smtp_thread - Use seperate thread for incoming SMTP connections
  1080. g_smtp_vrfy_allow - Allow vrfy from these addresses, not recommended
  1081. g_smtp_vrfy_msg - Change Response to VRFY, e.g. 252 Not telling
  1082. g_smtp_warning - Send manager warning if this many sessions reached (max 1 per hour)
  1083. g_smtp_welcome_delay - Seconds to delay welcome message, drop if we get data before we send welcome, recommend 1-3 seconds
  1084. g_spam_alias_any - User aliase string e.g. "++" if defined then strip suffix from emails - not advised!
  1085. g_spam_allbad - Auto blacklist from/ip/to combinations
  1086. g_spam_allow - IP Wild card exceptions to spam limits
  1087. g_spam_allow_disable - Disable allow bounce messages
  1088. g_spam_allow_known - Unblock IP address if we have received messages from it for 3 days (so it's not a transient spammer)
  1089. g_spam_allow_msg - Template for unblock messages, use ||reason|| and ||allow|| and maybe a url
  1090. g_spam_allow_rbl - Give unblock message to RBL bounces too
  1091. g_spam_allow_rdns - Trust ip name for spam checking, not recommended
  1092. g_spam_allow_recent - Skip spam rules if recent pop ip number
  1093. g_spam_aspam - Scale for aspam, default is 1.0, Valid range is zero to two
  1094. g_spam_autotrain - Auto train spam filter good messages based on first 1000 outgoing emails
  1095. g_spam_black_auto - Auto blacklist for user when isspam pressed
  1096. g_spam_black_tospam - Put blacklist matches in spam folder
  1097. g_spam_block - Block spam (as decided by spf etc), if not set then user or domain can set
  1098. g_spam_block_gateway - Block spam gatewayed messages too
  1099. g_spam_block_msg - Template for spf blocked message if allow is disabled
  1100. g_spam_body - If spamdetect score is above this, add spamdetect header at top of message body NOT RECOMMENDED e.g. 7
  1101. g_spam_body_more - Add more info to spam body (ip address, ptr address, reply to and bounce address)
  1102. g_spam_body_url - Text part of info to add to body, usually a url to your site
  1103. g_spam_bounce - If spamdetect score (number of '*'s) is above this, bounce message. Never set below 14
  1104. g_spam_bounce_all - If spamdetect score is above this, bounce message, applies to all messages regardless of user settings. e.g. 7 NEVER USE THIS
  1105. g_spam_bounce_store - If true store rejected spam in Spam_Rejected folder
  1106. g_spam_bounce_text - Error to return to user when message is bounced due to g_spam_bounce setting
  1107. g_spam_bounce_trusted - If spamdetect score is above this, bounce message if trusted (spam_allow or authenticated)
  1108. g_spam_catcher - Addresses on web pages that shouldn't get any email (robot bait)
  1109. g_spam_char - Character to use instead of '*' for smitespam headers (best left alone if possible)
  1110. g_spam_check_auth - Don't skip spam rules for authenticated users
  1111. g_spam_cmd - Command line spam checker, use $FILE$ in cmd parameters
  1112. g_spam_cmd_if - If internal spam rating is below this number, then run external filter
  1113. g_spam_cmd_reject - If external filter returns number larger than this reject
  1114. g_spam_cmd_skip - If internal spam rating is below this number, then skip external filter
  1115. g_spam_content_disable - Disable aspam_content.txt rules
  1116. g_spam_flag - Add X-SPAM-FLAG: Yes header if smite score is above this level
  1117. g_spam_folders - Train on any message dropped into the relevant folders
  1118. g_spam_folders_show - List the special folders for all users
  1119. g_spam_from_blacklist - Fetch list of bad domains to reject email from - not recommended
  1120. g_spam_from_max - Max outgoing messages per ipaddress/return path pair, 30 minutes, e.g. 5000
  1121. g_spam_grey - OBSOLETE DO NOT USE, Enable old greylisting for spf mechanism
  1122. g_spam_grey_bounce - Bounce if message was allowed due to grey listing, and spam score is above this, default 8 (was 4)
  1123. g_spam_grey_classc - Apply grey listing to x.x.x.*
  1124. g_spam_grey_dflt - Enable greylisting for spf default accept events (not recommended)
  1125. g_spam_grey_dflt_bad - Enable greylisting instead of allow in some cases (recommended for block or strict)
  1126. g_spam_grey_nofive - Skip 5-6 minute black window for these domains
  1127. g_spam_grey_nohard - Avoid hard spf bounces always try and do a grey list instead
  1128. g_spam_grey_nseen - Number of messages from an unknown host, default is 6
  1129. g_spam_grey_size - Size of grey listing table, default is 3000
  1130. g_spam_grey_verify - Skip grey listing if host was not listening
  1131. g_spam_grey_window - Window to block bad messages, typically 60 seconds
  1132. g_spam_header_trust_ip - List of IP addresses from which to trust/accept existing X-SpamDetect headers in emails
  1133. g_spam_hold_hide - Hide spam hold settings for end users and other held2pend user.cgi tweaks
  1134. g_spam_hold_keep - Number of days to store users spam hold messages - OBSOLETE see G_FRIENDS_PENDING_KEEP
  1135. g_spam_info - Info line and url to explain aspam system
  1136. g_spam_info_hide - Removes the x-spamdetect-info header line
  1137. g_spam_internal - Enable new 'internal' spam processing
  1138. g_spam_isspam_ignore - Don't block messages from ip addresses recorded as a spam source
  1139. g_spam_isspam_kind - Allow isspam from recent pop, gateway to etc
  1140. g_spam_nobounce - Remove old user held/vanish but after 5.2 will allow bounce
  1141. g_spam_nolang - Don't add header with a guess at body language
  1142. g_spam_notrain - Disable isspam and notspam addresses for user training
  1143. g_spam_notspam - Address that non authenticated users can send non spam to.
  1144. g_spam_noupdate - Disable fetch of aspam filter rules etc from netwinsite
  1145. g_spam_phishing - Download list of known phishing addresses and block outgoing email to them
  1146. g_spam_phishing_ok - Allow to these addresses even if phishing database blocks them
  1147. g_spam_phrase - Enable auto spam phrase filter
  1148. g_spam_poly - Scale for poly word matching, default is 0.1, Valid range is zero to two, Use 1.0 to enable, EXPERIMENTAL
  1149. g_spam_poly_disable - Disable poly code.
  1150. g_spam_private - Enable users to define 'private' extensions user--STUFF@domain
  1151. g_spam_probe_enable - Probe suspect urls to find spammers - can cause RBL
  1152. g_spam_probe_friends - Probe even if email is from a friend
  1153. g_spam_probe_more - Probe even if email is from a known ip address
  1154. g_spam_probe_unknown - Probe any unknown url (dangerous)
  1155. g_spam_probe_whois - Do whois lookups on web pages found in probe
  1156. g_spam_share - Use and share some spam/aspam information with central server (netwin) experimental
  1157. g_spam_status_hour - Process all spam status messages at this time (disk io intensive)
  1158. g_spam_status_monthly - Send monthly spam status even if no messages pending
  1159. g_spam_subject - If score is above this, add spam rating to subject (Spam: ****) e.g. 8
  1160. g_spam_subject_dom - Destination domains to tag subject for
  1161. g_spam_subject_gateway - If true then spam_subject setting applies to gatewayed messages too
  1162. g_spam_subject_word - The word that gets added to subject, default is 'Spam', UCE is another good one
  1163. g_spam_url - Scale for url word matching, default is 1.0, Valid range is zero to two
  1164. g_spam_user_badto - Max bad recipients from authenticated user per 30 minutes, e.g. 50
  1165. g_spam_user_max - Max messages an authenticated user can send per 30 minutes, e.g. 5000
  1166. g_spam_user_skip - Users to skip g_spam_user_max limit for
  1167. g_spam_user_warn - Alert user when they send this many messages in one day, .8 to alert at 80% of max
  1168. g_spam_user_warn_msg - Message when user approaches send limit
  1169. g_spam_userconfig - Allow users to specify specific spam features
  1170. g_spam_vanish - If spamdetect score (number of '*'s) is above this, vanish message if local delivery. NEVER USE THIS
  1171. g_spam_vanish_all - If spamdetect score is above this, vanish message, applies to all messages regardless of user settings. NEVER USE THIS
  1172. g_spamdetect_some - Only show spamdetect header for bad scores
  1173. g_spawn_log - If true the spawns are logged to lib_spawn.log
  1174. g_speech_cmd - Command to convert sound file to text (append .txt to filename)
  1175. g_speech_end - End text after the converted text
  1176. g_speech_from - Only attempt conversion if from this email address
  1177. g_speech_info - Intro text above the converted text
  1178. g_speech_size - Default 10mb, will not convert larger files
  1179. g_spf_baddns_skip - If spf dns failure then allow message through (instead of giving retry error)
  1180. g_spf_byemail - Perform allow bounce confirmation via email.
  1181. g_spf_debug_log - Enable spf.log file
  1182. g_spf_default - (strict only) Default spf record if none found default 'mx/16 a ptr:%{d2} -all'
  1183. g_spf_default_noblock - (strict only) Only stamp headers if default spf record fails when no real spf header
  1184. g_spf_dns_timeout - Seconds to wait for dns lookups for spf, best not to change
  1185. g_spf_domain - Domain for SPF rewrite and allow messages (defaults to first domain on server)
  1186. g_spf_enforce - List of wildcard/domains to enforce spf for, e.g.,*bank*
  1187. g_spf_enforce_auto - Enforce spf for commonly forged domains,*bank*
  1188. g_spf_enforce_known - Enforce spf even if we think this ip address is safe
  1189. g_spf_enforce_local - If spf fails and it's a local domain then skip grey listing and bounce
  1190. g_spf_enforce_real - Enforce spf for domains with strong spf entries
  1191. g_spf_fake - Fake spf record to use for testing
  1192. g_spf_header - Use g_verify_mx_skip and apply to resulting ip
  1193. g_spf_mode - Do SPF check and then perform action, stamp | block | strict, action is conditional on [g_]spam_block settings
  1194. g_spf_noallow - Give hard bounce (no allow message) for spf failures for these domains & ignore friends
  1195. g_spf_nocache - Disable SPF cache
  1196. g_spf_nofriend - Ignore friends for spf
  1197. g_spf_nogrey - Skip SPF grey listing for these domains (require allow response)
  1198. g_spf_norewrite - Exceptions to rewrite rule, e.g. *@my.domain,bob@this.domain
  1199. g_spf_required - Require an spf entry for these domains
  1200. g_spf_rev_skip - Skip SPF checks if reverse ip name matches in this list, e.g. *
  1201. g_spf_rewrite - Rewrite 'from' envelope in redirected mail (SRS)
  1202. g_spf_rewrite_gateway - Rewrite even if gateway rule applies
  1203. g_spf_rewrite_relay - Rewrite even if from ip is a host to relay for
  1204. g_spf_share - List of hosts to share allow ips with. Must all have same srs.secret file
  1205. g_spf_skip - Skip spf checks for these ip addresses, e.g. other mx hosts
  1206. g_spf_skip_from - Skip based on from, e.g. noreply@*,..., Also skips RBL
  1207. g_spf_skip_to - Skip based on rcpt to, also skips RBL rules,...
  1208. g_spf_timeout - Seconds to wait for all spf lookups to finish, default 48 seconds
  1209. g_spf_user_domain - Make allow bounces use destination user domain name
  1210. g_spf_very_strict - (strict only) Only give 'allow' option for default spf rule failures not real ones
  1211. g_spf_web_url - Specify full url for spf byweb commands
  1212. g_spflog_domains - Specify which domains should get spflog entries sent to them.
  1213. g_spflog_enable - Enable this if this server is a frontend for a SurgeMail server users log into.
  1214. g_spool_path - Scan this directory for *.msg files to send as emails
  1215. g_ssl_allow - IP Wild card list to allow SSL encryption from
  1216. g_ssl_allow_fix - Disable incoming ssl on ssl failure from an ip
  1217. g_ssl_allow_imap - IP Wild card list to allow SSL encryption from for imap
  1218. g_ssl_auto - Generate letsencrpt ssl certificates automatically for all domains
  1219. g_ssl_ciphers - List permitted ciphers, DANGEROUS
  1220. g_ssl_ciphers_add - More permitted ciphers (added to g_ssl_ciphers) DANGEROUS
  1221. g_ssl_ciphers_web - List permitted ciphers for web, DANGEROUS
  1222. g_ssl_disable - Disable protocols tlsv1,tlsv1_1,tlsv1_2,sslv2,sslv3
  1223. g_ssl_disable_des - Disable DES ciphers, breaks outlook on XP
  1224. g_ssl_disable_port25 - Prevent ssl on port 25
  1225. g_ssl_disable_renegotiation - Disable SSL renegotiation.
  1226. g_ssl_disable_sslv2 - Disables ssl 2.0 support for enhanced security
  1227. g_ssl_disable_sslv3 - Disables ssl 3.0 support for enhanced security
  1228. g_ssl_disable_tlsv1 - Disables tls 1.0, not recommended
  1229. g_ssl_disable_tlsv1_1 - Disables tls 1.1 support, not recommended
  1230. g_ssl_disable_tlsv1_2 - Disables tls 1.2 support, breaks LETSENCRYPT, NEVER USE
  1231. g_ssl_disable_web - Disable protocols for web only
  1232. g_ssl_dmalloc - Enable dmalloc tracking in ssl
  1233. g_ssl_fips - Enable FIPS mode crash if not available (DO NOT USE)
  1234. g_ssl_guess_domain - Guess domain using SSL hostname to allow login without
  1235. g_ssl_honor - Honor server cipher order
  1236. g_ssl_lets_exclude - Domains urls to not update, user must copy from ssl to lets folder
  1237. g_ssl_lets_path - Path to webservers /.well-known folder for letsencrypt
  1238. g_ssl_lets_slave - Run letsencrypt on SLAVE too
  1239. g_ssl_per_domain - Create/use an SSL certificate for each domain
  1240. g_ssl_perfect - Apply good SSL settings, best to remove g_ssl_ciphers setting too
  1241. g_ssl_require - IP Wild card list to require SSL encryption from
  1242. g_ssl_require_imap - IP Wild card list to require SSL encryption from for IMAP
  1243. g_ssl_require_in - Local domains that must only receive SSL messages
  1244. g_ssl_require_login - IP Wild card list to require SSL encryption for POP/IMAP/SMTP don't use with broadworks
  1245. g_ssl_require_out - Remote ip, remote domain for which we must send using SSL
  1246. g_ssl_require_smtp - If IP matches then require SSL for incoming SMTP message
  1247. g_ssl_require_web - Require https for most web features (excluding blogs file sharing and surgeplus)
  1248. g_ssl_retry_seconds - Second to try and establish ssl connection, default is 5
  1249. g_ssl_sha1_sign - Obsolete, sha256 is now always used
  1250. g_ssl_test_fail - Break ssl to test auto downgrade
  1251. g_ssl_try_from - Try and start ssl mode if from this user, e.g. *
  1252. g_ssl_try_not - Skip ssl for these hosts
  1253. g_ssl_try_out - Try and start ssl mode to these hosts
  1254. g_ssl_verify - Domains that must have valid ssl certificates
  1255. g_ssl_warn - Send users weekly reminder if they keep using non SSL logins
  1256. g_ssl_warn_ignore - Don't give warnings if user is from this trusted host
  1257. g_ssl_warn_text - Last line of email warning sent to user if SSL not used
  1258. g_sstat_disable - Disable netwin statistics gathering.
  1259. g_stack - For testing only, NEVER SET THIS
  1260. g_stack_imap - For testing only, NEVER SET THIS
  1261. g_startup_delay - Seconds to wait before starting surgemail
  1262. g_status_login - Require login for spam status actions
  1263. g_status_url - Specify default global url for status messages
  1264. g_status_view_html - Obsolete setting
  1265. g_store_dropped - Store upto 5000 bad bounces in the dropped directory
  1266. g_subject_blank - Subject header if one is missing
  1267. g_surbl - SURBL Spam URI Realtime Blocklists
  1268. g_surbl_from - Also check the return path
  1269. g_surbl_reject - Reject email with SURBL hits
  1270. g_surbl_skip - URL's to allow even if listed in surbl
  1271. g_surbl_skip_ip - Skip SURBL check if sender is from listed ip
  1272. g_surbl_whois - Also check whois info on suspect urls - not for busy servers!
  1273. g_surgeblog - Specialize SurgeMail as a Blog server
  1274. g_surgeplus_delay_tell_upgrade - Delay informing existing users about new SurgePlus versions for
  1275. g_surgeplus_delay_tell_upgrade_exempt - Users exempt from delayed new version informing
  1276. g_surgeplus_hide_client_downloads - Hide the links to download and install SurgePlus Windows client
  1277. g_surgeplus_links - Add web links to SurgePlus from other web interfaces (and vice versa) for users allowed to use SurgePlus.
  1278. g_surgeplus_log_level - SurgePlus log level. 'none', 'info', or 'debug'. Default is 'info'
  1279. g_surgeplus_online - Enable online tracking in surgeplus
  1280. g_surgeplus_pop_server_name - Default pop server to set SurgePlus client download to connect to.
  1281. g_surgeplus_port - SurgePlus port to listen on, default is 7110
  1282. g_surgeplus_secure_port - SurgePlus SSL secure port, default is 7995
  1283. g_surgeplus_smtp_server_name - Default smtp server to set SurgePlus client download to connect to.
  1284. g_surgeplus_web_port - SurgePlus web port to listen. Default is to use HTTP webmail port
  1285. g_surgeplus_web_url - Direct SurgePlus users to access shared files at this url
  1286. g_surgewall_ignore_error - Deliver even if some rule sais bounce
  1287. g_surgewall_redirect - Allow redirect/responder for surgewall
  1288. g_surgewall_split - Split up surgewall messages, one per recipient
  1289. g_surgeweb_backend_server - Backend machine to connect to
  1290. g_surgeweb_backend_web - Backend machine to connect to
  1291. g_surgeweb_benchmark - Log web request timing info for surgeweb benchmarking - matches ip addresses
  1292. g_surgeweb_cache_less - Reduce surgeweb caching
  1293. g_surgeweb_debug - Log surgeweb debug info - matches ip addresses or email addresses - avoid
  1294. g_surgeweb_disable - Disable access to SurgeWeb
  1295. g_surgeweb_forgot_show - Show forgot password link on surgeweb login page
  1296. g_surgeweb_ics - Surgeweb email/calendaring integration (ie ics file processing and sending)
  1297. g_surgeweb_idle_timeout - Idle timeout for surgeweb sessions (hours, default=48)
  1298. g_surgeweb_logall - For requests matching g_surgeweb_debug also leave all webio & temp files - avoid
  1299. g_surgeweb_path - Change surgeweb path
  1300. g_surgeweb_process - Run surgeweb in it's own process (beta)
  1301. g_surgeweb_remember_timeout - "Remember" timeout / max session length for surgeweb sessions (days, default=14)
  1302. g_surgeweb_restrict - Restrict surgeweb use to these accounts only
  1303. g_surgeweb_testing - NEVER USE
  1304. g_surgeweb_testrig - Disable session cache for testrig
  1305. g_surgeweb_work - Path to Surgeweb cache/work files
  1306. g_tarpit_badrcpt - Delay rejection of bad recipients (in seconds, default 4s)
  1307. g_tarpit_blackhole - Reject the email one recipient at a time
  1308. g_tarpit_drop - Drop link and ban for 1 hour if tarpit limits exceeded
  1309. g_tarpit_hacker - Slow DOS attacks in some situations
  1310. g_tarpit_max - Number of local recipients before slowing down per 30 minutes
  1311. g_tarpit_max_remote - Number of remote recipients before slowing down
  1312. g_tarpit_retry - Send retry error, 450 if tarpit limits exceeded
  1313. g_tarpit_skip - Skip tarpit limit for these destination users or domains, e.g. *
  1314. g_tarpit_skip_from - Skip tarpit limit for messages from these users e.g. *
  1315. g_tcp_bf_size - Set tcpip snd/rcv buffer sizes, best left blank
  1316. g_tcp_proxy_ip - Enable TCP proxy protocol for specific address
  1317. g_tcp_que_len - Length of listen queue for incoming connections
  1318. g_tcp_read_timeout - Timeout in 'seconds' on pop connections, do not adjust. (default 600)
  1319. g_tellmail_ip - Addresses to allow tellmail commands from (should never be *)
  1320. g_thread_log - Enable thread.log
  1321. g_thread_max - Max threads allowed on this system (best not changed)
  1322. g_thread_max_restart - Crash and restart if max threads exceeded from local ip on smtp
  1323. g_thread_pool - Keep all threads in a common pool
  1324. g_thread_reuse2 - Reuse threads - fixes unix bug - not implemented
  1325. g_thread_smooth - Throttle thread creation as max hit to reduce peaks
  1326. g_thread_spinlock - Spin more before sleeping when waiting for mutex
  1327. g_timeout_try_later - If timeout while waiting for message to arrive tell other end to retry
  1328. g_timezone - Places in timezone part of date string, e.g. +1200 NZT. Please leave blank!
  1329. g_timezone_force - Hours offset to local time, e.g. 5 (best left blank)
  1330. g_tmalloc_log - write tmalloc.log for gd library memory access.
  1331. g_to_valid - Require an @ and dotted domain in all dest addresses
  1332. g_tohost_local - Authentication database tohost name entry to deliver locally (see g_proxy and g_route_by_tohost)
  1333. g_token_httponly - Use httponly flag, stop scripts using token, may break attachments
  1334. g_token_secure - Use secure flag for surgeweb, stops http access to token, so requires https to work
  1335. g_toscan_path - Path used for mime parts for virus scanner
  1336. g_train_store - Number of messages to store in each spam training directory (1000-5000)
  1337. g_twilio_from - Twilio SMS from phone number
  1338. g_twilio_sid - Twilio account SID
  1339. g_twilio_token - Twilio account TOKEN
  1340. g_uidl_big - Use random uidl if uidl not found
  1341. g_unique_name - A unique name for this server
  1342. g_url_alias - Allows translation from one url to another
  1343. g_url_enable - Enable widearea URL spam database
  1344. g_url_host_noscan - Disable the scan for url_host settings matching the domain in an incoming web request
  1345. g_url_master - Set if this is the central URL server (for netwin use only)
  1346. g_url_master_to - Central URL server email address (leave blank)
  1347. g_url_redirect - Sends http 301 redirect to tell browser resource has moved
  1348. g_user_access - User.cgi features granted to access groups
  1349. g_user_access_always - Run spam and filter regardless of access UI settings
  1350. g_user_access_default - Default user.cgi features granted to users
  1351. g_user_access_from - When sending use from for useraccess rules
  1352. g_user_access_webonly - Means user_access rules only stop web interface not actual spam checking etc
  1353. g_user_alias - Number of aliases accounts can create
  1354. g_user_alias_file - User aliases configuration file
  1355. g_user_block_time - Block chrisp from pop access for this time period
  1356. g_user_blogs - Number of blogs accounts can create
  1357. g_user_cookies - Enable browser cookies for user self management
  1358. g_user_delete - Let users delete themselves
  1359. g_user_disable - Filename listing users to disable
  1360. g_user_domainlist - Who to show domain dropdown list to on user.cgi login page and 'user' pages
  1361. g_user_filter_early - Process user exceptions/accept filters before tagging message as spam
  1362. g_user_friends_domain_log_disable - Disable domain level friend.log file
  1363. g_user_friends_log_disable - Disable user level friend.log file
  1364. g_user_hide_security - Hide user level security.log access
  1365. g_user_list_quota - Number of mailing lists users can create
  1366. g_user_mail_view - Whether an admin/manager can view/display users inbox mail
  1367. g_user_mfilter - Mfilter to run for individual user delivery, some features not supported
  1368. g_user_pipe - Pipe run on file just before delivery to user, $USER$ available on command line
  1369. g_user_receive_rule - Define valid source addresses for users in a group
  1370. g_user_report - Daily,Weekly,Monthly, emailed to managers of each domain
  1371. g_user_send_all - Apply all g_user_send_rules that match
  1372. g_user_send_ip - Block any ip that sends more than this many emails per day
  1373. g_user_send_max - Maximum number of emails per day (requires SMTP AUTH)
  1374. g_user_send_rule - Define valid recipient addresses for users in a group (requires SMTP AUTH)
  1375. g_user_send_warning - Warn manager if any user sends more than this many messages per day, e.g. 5000
  1376. g_user_send_white - No limit for these ip addresses/users
  1377. g_user_sms_quota - Number of sms messages accounts can send
  1378. g_user_status_from - Send status with return address of the user
  1379. g_user_status_fromhdr - Send status with return address of this
  1380. g_user_status_send - Number of days after which to send user status messages (0 = never)
  1381. g_user_utoken_days - Number of days a user self management login token is valid for
  1382. g_user_utoken_expire - Length of time a user self management login token is valid for
  1383. g_user_utoken_idle - Length of time a user self management login token may remain idle for
  1384. g_user_virus_scan - Allow virus scans for specific users instead of all users
  1385. g_utf8_case_insensitive - Use case insensitive compare for surgeweb and imap searches
  1386. g_vanish_any_bounce - Vanish all bounces, requires g_vanish_bad_bounces
  1387. g_vanish_bad_bounces - Vanish suspected spam bounces (requires g_received_name)
  1388. g_vanish_relay - Vanish bad bounces before relaying email too
  1389. g_vanish_virus_bounces - Vanish suspected virus bounces (requires g_received_name)
  1390. g_verify_helo - Verify helo name translates to same network as sending system
  1391. g_verify_image_hard - Use extra difficult human verification image (used in blogs)
  1392. g_verify_mx - Verify MX records contain senders IP address (see g_verify_mx_skip)
  1393. g_verify_mx_skip - Use to define incoming mail gateway ips so the mx verify doesn't fail on them
  1394. g_verify_smtp2 - Verify we can talk back to the SMTP port on incoming ip address
  1395. g_verify_timeout - Seconds to wait for SMTP response, default is 10 seconds
  1396. g_vipre_enable - Enable vipre scanner on windows
  1397. g_virus_allow_unmonitorable - Allow unmonitorable content (avast antivirus)
  1398. g_virus_avast_attachments - Only scan messages with suspect attachments (windows only currently)
  1399. g_virus_avast_hour - Hour of day to update avast definitions, e.g. 9 = 9a.m.
  1400. g_virus_avast_old - Enable AVAST virus scanner integration, OBSOLETE, DO NOT USE
  1401. g_virus_cloud - Use cloud scanner, not recommended
  1402. g_virus_cloud_wild - File types to cloud scan *.exe,*.com
  1403. g_virus_cmd - Virus checker for mime parts, use $FILE$ in cmd
  1404. g_virus_cmd_body - Scan raw msg file too
  1405. g_virus_cmd_codes - List of return codes to bounce message, e.g. 1,2,3,4,5
  1406. g_virus_cmd_drop - Drop silently instead of reject at data stage - not recommended
  1407. g_virus_cmd_email - Set if scanner can understand email message files
  1408. g_virus_cmd_log - Log stdout of virus command line scanner to vcmd.log
  1409. g_virus_cmd_max - Max concurrent threads that should run this command, if exceeded messages are not checked
  1410. g_virus_cmd_nodel - Disables cleanup of scanned files, so you can test manually
  1411. g_virus_cmd_size - Max size of messages to scan
  1412. g_virus_cmd_sleep - Milli seconds to wait after g_virus_cmd incase delete is not immediate, e.g 500 = half a second
  1413. g_virus_cmd_test - Continue after virus found to compare scanners
  1414. g_virus_debug3 - Testing virus scanners do not use
  1415. g_virus_disable_local - Disable scanning for local trusted users
  1416. g_virus_disable_remote - Disable virus scans for non-local addresses
  1417. g_virus_filter - Virus checker which works like an authent module (talk to on stdin/stdout) - vpipe
  1418. g_virus_filter_require - If any g_virus_filter pipe fails bounce messages rather than allow to continue
  1419. g_virus_fprot - Port for FProt mail scanner (usually 11200)
  1420. g_virus_late - Run virus scan after most spam filter processing
  1421. g_virus_localhost - Don't skip virus checks for originating emails
  1422. g_virus_recent_skip - Skip virus recent cache which attempts to speed up virus scanners
  1423. g_virus_rename - Rename executables by changing '.' to '_' prevents many auto run viruses
  1424. g_virus_rename_skip - Skip rename for these from/to addresses
  1425. g_virus_rename_skipauth - Skip rename if user sending is authenticated local user
  1426. g_virus_report - Report detected viruses to someone
  1427. g_virus_report_all - Report every virus using g_virus_report
  1428. g_virus_report_user - Report virus to recipients
  1429. g_virus_restart - Restart vpipe virus scanners every this many items
  1430. g_virus_scanner_list - List of files to be virus scanned *.exe,*.bat,etc...
  1431. g_virus_simple - Enable internal simple virus scanner
  1432. g_virus_simple_list - List of dangerous file extensions, *.exe,*.bat,etc...
  1433. g_virus_simple_skip - Skip simple check for from/to addresses
  1434. g_virus_simple_skipauth - Skip simple virus if user sending is authenticated local user
  1435. g_virus_simple_test - Compare with avast results
  1436. g_virus_simple_zip - Check zip files for executables and block
  1437. g_virus_skip - Skip virus scanner for matching from envelope
  1438. g_virus_skip_ip - Skip virus scanner for matching ip addresses
  1439. g_virus_strangers - Use simple attachment filter for non friends, turn off g_virus_simple
  1440. g_vpipe_concurrent - Concurrent requests to vpipe process, default is 7, set to 1 to debug vpipe issues
  1441. g_vpipe_fail_crash - If virus scanner fails, crash surgemail (for debugging)
  1442. g_vpipe_notag - Disable headers showing vpipe results in messages
  1443. g_vpipe_skip - Skip scanner for this IP address (e.g. trusted mailing lists)
  1444. g_vpipe_timeout - Timeout if scanner takes this long to respond default 60 seconds
  1445. g_warning_to - Addresses to treat as local and send warning bounces to
  1446. g_web_access_grp - Restrict user groups to specific web ports
  1447. g_web_access_ip - Restrict access to web ports based on ip
  1448. g_web_access_max - Maximum number of concurrent web logins for group
  1449. g_web_add - Add http headers
  1450. g_web_admin_max - Maximum number of concurrent web admin sessions
  1451. g_web_api_ip - Allow access to web based API for msg access
  1452. g_web_appsname - Apps url name on unified web interface
  1453. g_web_appsroot - Apply apps interface at web root ie /
  1454. g_web_charset - Charset for html pages
  1455. g_web_force_doctype_first_disable - Disable webserver behaviour to force doctype definitions to be displayed first.
  1456. g_web_forwarded_test - Fake the forwarded-for header
  1457. g_web_forwarded_uselast - Use last address in multiple item forwarded-for header
  1458. g_web_hide_source_names - Hide the name of the source template page in output web pages.
  1459. g_web_max - Max concurrent web connections, default is 100
  1460. g_web_max_perip - Max concurrent web connections per-ip, default is 60
  1461. g_web_noserver - Disable Server header in http responses
  1462. g_web_old_behaviour - Revert to old style webserver behaviour
  1463. g_web_php_exe - Path to php.exe
  1464. g_web_policy_disable - Disable obscure web policy security headers
  1465. g_web_ref_path_extension - Path extension to add to web page image/css references.
  1466. g_web_timeout - Timeout for web requests
  1467. g_web_title - Title to use on specified web page
  1468. g_web_trust_ip - Trust ip address from rev proxy web server X-Forwarded-For
  1469. g_web_url_path - Url to path translation with access specifier
  1470. g_web_utf8 - Make sure all user.cgi handling is done in UTF8
  1471. g_webdav_enable - Enable webdav access for users (do not use)
  1472. g_webdav_group - Only allow webdav if member of webdav access group
  1473. g_webdav_path - Root path for webdav storage
  1474. g_webdav_public - Enable non authenticated access to pub folder (readonly)
  1475. g_webmail_limit - Maximum number of concurrent webmail requests
  1476. g_webmail_popmode - Use POP3 instead of IMAP in WebMail.
  1477. g_webmail_port - HTTP Webmail port to listen on, default is 7080
  1478. g_webmail_save - Write surgehost.ini and other obsolete webmail config info
  1479. g_webmail_secret - Secret string used by webmail when sending the ip address of connecting users
  1480. g_webmail_secure_port - HTTPS secure WebMail port, default is https 7443
  1481. g_webmail_select_domain - Send select_domain instead of host in webmail autologins
  1482. g_webmail_timeout - Timeout for webmail or any cgi process (in seconds, default 360)
  1483. g_webmail_url - Url to the WebMail cgi
  1484. g_webmail_urladd - Url data to append to WebMail auto-login link
  1485. g_webmail_useip - Use the ip address in g_webmail_port setting
  1486. g_webmail_workarea - Path to WebMail workarea
  1487. g_winmail_fix - Replace winmail.dat with normal attachments, requires tnef installed first
  1488. g_winmail_reject - Rejects all winmail.dat files - this is a bit harsh
  1489. g_winmail_reject_send - Stops your own users sending winmail.dat files so they can fix their email client settings
  1490. g_work - Workarea for temp files
  1491. g_xauthuser_hide - Hide X-Authenticated-User header in processed mail
  1492. g_xfile_allow - Allow xfile & web upload features for users. Set to '*'
  1493. g_xrcpt_hide - Hide X-Rcpt-To header in locally delivered mail (not recommended)
  1494. g_xrcptoriginal_hide - Hide X-Rcpt-Original header in locally delivered mail
  1495. g_xserver_hide - Hide X-Server header in processed mail

WebMail settings

  1. see separate manual - further documentation to be completed