Also see the dedicated surgemail.com website with knowledge base and ticketing system

SurgeMail Configuration Settings Overview

This page is an automatically generated top level overview of all the surgemail settings.

Domain Specific Settings

  1. abook - Define surgeweb shared address books for this domain
  2. access_group_default - Default group to place users in
  3. admin_access_default - Default admin features granted to domain admins in this domain
  4. alias_file - Alias translation file for this domain, unix format
  5. alias_max - Maximum number of aliases for this domain
  6. assume_created_epoch - If user has no 'created' field assume they were created an arbitrarily large time in the past
  7. att_in - Detach attachments for incoming messages
  8. att_in_keep - Days to keep incoming attachments
  9. att_send - Detach attachments when sending messages
  10. att_send_keep - Days to keep sent attachments
  11. blogs_max_per_user - Number of blogs each account can create
  12. broad_sync - Broadsoft Sync Enable
  13. centipaid - Enable CentiPaid feature for matching accounts
  14. class - Define class of user for following commands to apply to
  15. comment - Management notes and comments about the domain
  16. create_block - Block new users from this ip
  17. create_cleanup - Cleanup existing data before adding a user
  18. create_delete_days - Number of days a disabled new account remains before deletion
  19. create_disable_days - Number of days new accounts remain active for
  20. create_image - Use verification image on signups
  21. create_linkto - Link to redirect to after successful live account creation
  22. create_max - Maximum signups from ip in time period
  23. create_repass - Users must enter their password twice on creation
  24. create_reqd - Required fields for new users, e.g. (phone,age)
  25. create_subdomain - Allow users to have their own subdomain - NO LONGER SUPPORTED
  26. create_tpl_dir - Relative directory (from /web) where 'netauth' pages are stored
  27. create_user - Method for adding new users
  28. delete_user_after - Number of days an account can remain unread before it is deleted
  29. disable_smtp_after - Number of days an account can remain unread before delivery is disabled
  30. disable_surgeplus - Disable SurgePlus Calendar/File Sharing
  31. dmail_bin_path - Path for dmail bin files to automatically convert delivered mail
  32. dmail_deliver - Deliver messages into dmail drop directories (not supported)
  33. dmail_drop_path - Path for dmail / sendmail style drop files to automatically convert delivered mail
  34. dmail_drop_prefix - Whether prefix is used on drop file names
  35. dmail_hash - Hashing scheme used by dmail_drop_path and dmail_bin_path
  36. dmail_skip_imap - Skip conversion of old imap *.mbx folders
  37. encrypt_ifnew - Allow surgeweb ifnew options
  38. encrypt_limit - Max encrypted msgs per user per day
  39. encrypt_limitsz - Max size of encrypted msgs per user per day
  40. encrypt_noconfirm - Disable confirmation for encrypted messages
  41. encrypt_rule - Domain level rules
  42. encrypt_smart - Encrypt smart features enabled for this domain
  43. encrypt_subject - Subject when encrypted message sent - default is original subject
  44. encrypt_surgeweb_hide - Hide lock icon on surgeweb
  45. encrypt_token - This setting is not used, instead use smart and ifnew settings
  46. enotify_from - From address to use in email notification messages
  47. expire_age - Expire inbox mail older than (days) CAUTION!
  48. expire_att_age - Remove attachments older than this
  49. expire_att_size - And larger than this
  50. expire_rule - Expire rules for specific folders, age is in days - Caution!
  51. expire_size - and larger than this
  52. fallback - Default address or catchall for this domain, NOT RECOMMENDED
  53. fallback_always - Also relay to old system even if user does exist - not recommended
  54. fallback_check - Check if user exists on fallback_relay host before accepting it
  55. fallback_domain - Fallback domain, rcpt is rewritten @ this domain name
  56. fallback_force - Use fallback even if user does exist as migration not started yet
  57. fallback_mx - Use mx lookup to find ip address for fallback_relay setting
  58. fallback_relay - Host to send messages to if user doesn't exist here
  59. fallback_users - Path to file listing all users to user fallback_relay for
  60. footer_file - Text footer file for this domain, FULL PATH required
  61. footer_html - HTML footer file for this domain, FULL PATH required
  62. forward_illegal - Ban forwards to these addresses
  63. friends_at_rcpt - Whether to check users friends list at rcpt stage
  64. friends_pending_name - The imap name of the friends_pending folder default is 'Friends Pending'
  65. friends_url - Specify full url for friends release http://domain.name:port domain specific setting
  66. from_exact - Check from matches authenticated user
  67. gateway_to - Send all email to another server
  68. header_add - Add header to posts 'from' this domain
  69. host_alias - Alternate name(s) for this domain
  70. imap_max_sync - Limit remote imap sync to this many items (not recommended)
  71. imap_public - Share IMAP folders between users
  72. imap_public_show - Auto subscribe public folders
  73. inbox_archive - Archive old messages to Archives/yyyy/INBOX folder, age in days
  74. language_default - Default language for user web interface
  75. late_forward - Apply domain users forwarding rules after friends, spam, and filtering
  76. ldap_anydomain - Lets users search other than their own domain in ldap
  77. ldap_disable - Stops ldap logins by users of this domain
  78. legal_archive_admin - Enable archive searching for domain admins
  79. legal_archive_disable - Disable legal archive for this domain
  80. legal_archive_hide - Hide legal archive for this domain
  81. legal_archive_keep - Days to keep legal archive, units=days unless you specify years or months
  82. list_disable - Disables creation of mailing lists.
  83. list_max - Maximum number of mailing lists for this domain.
  84. list_max_users - Maximum number of users allowed in all lists in this domain.
  85. loginfails - Disconnect user after this many password guesses
  86. lookup_relay_on_from - Looks up local from addresses to check for relay="true"
  87. mailbox_path - Path to mailbox (inbox) files
  88. manager_anyuser - Allow first domain admin to login to any users account
  89. manager_email - Domain managers email address (for email based account creation confirmation)
  90. manager_username - Domain managers username (for web based domain administration)
  91. msg_max_in - Max size for messages to users in this domain, largest applied if multiple recipients
  92. msg_max_out - Max size for messages sent by authenticated users of this domain
  93. old_imaphost - Old IMAP server:port - transition IMAP accounts and folders if user doesn't exist
  94. old_imaphost_always - Retrieve mail from old imap host on each login (slow - particularly for webmail)
  95. old_imaphost_createuser_disable - Disable old_imaphost user creation on first login
  96. old_imaphost_dom - Migration - Alternative domain on old server for login, also set fallback_domain.
  97. old_imaphost_file - Migration based on file
  98. old_imaphost_lowercase - Migration - All migrated folders are lowercase.
  99. old_imaphost_nodelete - Leave mail on the old server (disables old_imaphost_always)
  100. old_imaphost_nodomain - Strip domain from username when logging into old imap host
  101. old_imaphost_pass - Migration based on file - password field
  102. old_imaphost_prefix - Prefix for old imap server, e.g. mail//
  103. old_imaphost_skip - Migration - Comma seperate wild card list of migrate folders to skip past.
  104. old_imaphost_user - Migration based on file - user field
  105. old_inbox_both - Use pop & imap to migrate the inbox
  106. old_pophost - Old pop server:port - transition accounts and pending messages if user doesn't exist
  107. old_pophost_always - Retrieve mail from old pop host on each login
  108. old_pophost_bind - Bind outgoing connection during pop migration
  109. old_pophost_createuser_disable - Disable old_pophost user creation on first login
  110. old_pophost_inbox - Use pop to migrate the inbox and maintain uidls
  111. old_pophost_nodelete - Leave mail on the old server (disables old_pophost_always)
  112. old_pophost_nodomain - Strip domain from username when logging into old pop host
  113. old_pophost_nofetch - Disable fetching messages from pop host
  114. old_pophost_sep - Seperater, default is '@', e.g. some systems use %
  115. old_smtphost - SMTP host to check for existing users (when creating new accounts)
  116. old_smtphost_skip - Who to disable SMTP host checks for
  117. old_xfile - Migration - Copy xfile data across
  118. pop_min_time - Min seconds between pop logins (see warning)
  119. pop_welcome - POP connection message
  120. prefix - Database username prefix (deprecated, compatibility only)
  121. proxy_pop_nodomain - Strip domain when talking to proxy pop host
  122. quota_default - Default quota
  123. quota_domain - Total quota for the domain, e.g. 300mb, 2gig
  124. rcpt_msg - Response given for invalid recipient errors, message is prefixed by email address.
  125. recycling_imap - Make recycling visible to IMAP users
  126. redirect - Redirect messages from 'was' to the new 'to' address
  127. redirect_cc - Send carbon copy to another address
  128. redirect_hash - Share incoming message evenly between several accounts
  129. redirect_max - Limits the number of redirect rules
  130. security_suffix - Suffix for smtp/imap/pop login
  131. send_helo - Mail host A Record name used when sending helo to other servers - requires g_send_helo_from true
  132. sent_archive - Archive old messages to Archives/yyyy/Sent folder, age in days
  133. sent_store - Store users message in named folder automatically, e.g. Sent
  134. smtp_auth_off - Disable SMTP AUTH from unknown ip addresses
  135. smtp_from_ip - Require incoming email from matching ip
  136. smtp_welcome - SMTP connection message must start with hostname
  137. smtp_welcome_name - SMTP welcome connection hostname
  138. spam_block - Default for this domain to block spf etc failures
  139. spam_noblock - Disable spf blocking for this domain
  140. spam_strip - Strip spamdetect headers for this domain
  141. ssl_alias - Alternate ssl host names, e.g. mail.xyz.com,pop.xyz.com,smtp.xyz.com
  142. ssl_allow - IP Wild card list to allow SSL encryption from
  143. ssl_hsts - Send HSTS header to prevent accidental http access. Dangerous security feature if HTTP is ever needed
  144. ssl_pop_domain - Domain to use for ssl certificates for POP and IMAP
  145. ssl_require_login - Require ssl for this domain if ip matches
  146. ssl_require_web - Require https for most web features (excluding blogs file sharing and surgeplus)
  147. ssl_wildcard - Use if your ssl certificate accepts wildcards, e.g. *.my.domain
  148. status_url - Specify full url for status message e.g. http://domain.name:port domain specific setting
  149. surgeplus_pop_server_name - Default POP server for SurgePlus clients
  150. surgeplus_smtp_server_name - Default SMTP server for SurgePlus clients
  151. surgewall - Surgewall - Proxy this domain to specified mail server
  152. surgewall_auth - SurgeWall SMTP authentication
  153. surgewall_capa_local - Just return local imap capa response rather than remote
  154. surgewall_local_too - For web domain admin try local database too
  155. surgewall_options - Various SurgeWall options
  156. surgewall_saveusers - Save users in the local database as they login
  157. surgeweb_backend_server - Backend server to connect to
  158. surgeweb_backend_smtp - Backend smtp access (if non default)
  159. surgeweb_backend_web - Backend web access - for usercgi /surgeplus (if non default)
  160. surgeweb_custom - Surgeweb customisation level
  161. surgeweb_disable - Disable access to SurgeWeb
  162. suspend - Disable logins for entire domain
  163. suspend_incoming - Disable delivery and give 450 retry message
  164. url_alias - Allows translation from one url to another
  165. url_blogs - BLOGS host A Record name (if different from MX Record name - eg. blogs.mydomain.com)
  166. url_host - Mail host A Record name (if different from MX Record name - eg. mail.mydomain.com)
  167. user_access_default - Default user features granted to users in this domain
  168. user_alias - Number of aliases accounts can create
  169. user_auto - Auto create users when a login attempt occurs
  170. user_auto_always - Always create/reset password, other user* settings required.
  171. user_auto_pass - Auto create users with this password on message delivery
  172. user_centipaid - User Centipaid configuration options
  173. user_hide_security - Hide security logs from users
  174. user_list_quota - Number of mailing lists users can create
  175. user_max - Maximum number of users in this domain
  176. user_report - Daily,Weekly,Monthly, emailed to manager
  177. user_send_max - Maximum number of emails per day (requires SMTP AUTH)
  178. user_sms - Allow users to set up sms notifications
  179. user_sms_quota - Number of sms messages per account
  180. user_status_send - How often to send user status messages (0 = never)
  181. web_access_ip - Restrict access to web ports based on ip
  182. web_path - Path to web admin pages
  183. web_url_path - Url to path translation with access specifier
  184. webdav_quota - Webdav quota per user in this domain, e.g. 100mb
  185. webmail_host - The ip address or name of the machine to instruct webmail to connect to.
  186. webmail_url - Url to the WebMail cgi
  187. webmail_urladd - Url data to append to WebMail auto-login link
  188. webmail_workarea - Path to WebMail workarea
  189. xfile_url - Url to xfile files (see surgeplus utility)

Global settings

  1. g_about_disable - Disable about web page
  2. g_access_group - Grouped per user access limitations
  3. g_access_group_default - Default group to place users in
  4. g_access_surgeweb - Apply g_access_group rules to surgeweb sessions based on client's address
  5. g_access_surgeweb_ip - Ip addresses to allow access to surgeweb
  6. g_access_webonly - Users in this group can only use web not imap or pop
  7. g_acctlog_aliases - Log redirection & aliases in account usage too
  8. g_acctlog_noauth - Log sending usage based on from which may be fake
  9. g_acctlog_sum_inactive - Summarise local accounts that have not logged in yet as not_loggedin_yet@domain.com
  10. g_admin_access - Domain admin features granted to access groups
  11. g_admin_access_default - Default admin features granted to domain admins
  12. g_admin_guesses - Max guesses per IP for web admin access, e.g. 15
  13. g_admin_ip - Mask of valid IP addresses for web admin users (default *)
  14. g_admin_localhost - Allow localhost web admin without user/pass
  15. g_admin_login - Enable form based admin login
  16. g_admin_login_ip - Limit form based login to these ip addresses
  17. g_admin_readonly - System admins with readonly access to the management interface
  18. g_admin_session_time - Admin session timeout (minutes)
  19. g_admin_utoken_expire - Length of time a web admin session is valid for
  20. g_admin_utoken_idle - Length of time a web admin session may remain idle for
  21. g_alias_login_disable - Disable user login as alias
  22. g_allow_bodyless - If true bodyless mail messages will be accepted (usually spam)
  23. g_allow_passzip_from - A list of addresses to allow unmonitorable archive messages to be sent from
  24. g_allow_passzip_to - A list of addresses to allow unmonitorable archive messages to be sent to
  25. g_allow_user_authent_field_get - A space separated list of authent process fields that users are allowed to view for themself using the POP xauthent_field_get command
  26. g_allow_user_authent_field_set - A space separated list of authent process fields that users are allowed to set for themself using the POP xauthent_field_set command
  27. g_apple_bug1 - Apple bug allow content-length headers
  28. g_apple_bug2 - Apple bug2 don't try and return bad if looping
  29. g_arc_check - Check ARC signatures
  30. g_arc_sign - Sign with ARC when forwarding a DKIM signed message
  31. g_archive - Archive messages that match these rules
  32. g_archive_bucketsize - Size for archive bucket files. Default is 1mb
  33. g_archive_early - If true apply archiving before filtering is applied (superceeded by early flag on g_archive)
  34. g_archive_files - Archive attachments to a directory
  35. g_archive_on_delete_dir - Directory to archive user files to on delete
  36. g_archive_on_delete_off - Disables archive and instead deletes the files immediately
  37. g_archive_tcpip - Rules for TCPIP archive process
  38. g_archive_tcpip_host - Host to send archive data too
  39. g_aspam_headers - Add aspam information messages to messages.
  40. g_aspam_need_ip - Require good matches to match external ip address
  41. g_assume_created_epoch - If user has no 'created' field assume they were created an arbitrarily large time in the past
  42. g_atrest_all - Auto encrypt all msgs when users next login
  43. g_atrest_api - Enabe api for enabling atrest encryption - not needed
  44. g_atrest_crazy - No recovery admin password needed
  45. g_atrest_enable - At rest encryption. Unwise usually!
  46. g_atrn_client - Define a rule for fetching email using ATRN protocol
  47. g_atrn_port - Port to listen for 'atrn' (On Demand Relay) requests
  48. g_atrn_server - On Demand Mail Relay settings to define user/pass for clients to fetch mail
  49. g_att_enable - Allow users to enable attachment storage option
  50. g_att_in - Enable for incoming (by default)
  51. g_att_in_keep - Days to keep incoming attachments (2000)
  52. g_att_info - One line text explaining about the attachments
  53. g_att_local_only - Never detach if any recipient is non local
  54. g_att_max - If total msg exceeds this reduce g_att_min/10
  55. g_att_min - Min size to store, dflt 200k
  56. g_att_path - Path to store attachments
  57. g_att_send - Enable when sending (by default)
  58. g_att_send_keep - Days to keep sent attachments (90)
  59. g_attach_convert - Process matching attachments with specified command. Passed two files names
  60. g_auth_hide - Disable SMTP Authentication for this IP List/Wild card address
  61. g_auth_norelay - Ignore SMTP auth for relaying purposes
  62. g_auth_norelay_webok - Allow surgeweb sessions anyway.
  63. g_auth_path - Path to nwauth files
  64. g_auth_skipgateway - Skip gateway rules if we get a proxy SMTP auth command
  65. g_auth_trust - Trust authenticated user header from these servers
  66. g_authent_addip - Send ip address as third parameter to authent module
  67. g_authent_allow_badascii - Allow ascii chars outside the range 32 < 127
  68. g_authent_always - Always lookup user, so virtual domains can exist just in authent module, looses existing users files
  69. g_authent_any - Restore buggy behaviour of looking up users in domains that don't exist
  70. g_authent_cachebad - Set the life in seconds that the cached failed lookups can be used, default 60 seconds
  71. g_authent_cachelife - Set the life in seconds that cached authent lookups can be used, default 1 hour
  72. g_authent_cachesize - Set the size of the authent cache, default is 500 entries
  73. g_authent_case_sensitive - Make passwords case sensitive
  74. g_authent_decrypt - Collect and store plain text passwords for migration in file pass.decrypted
  75. g_authent_domain - If true add @virtual.domain.name to external user lookups, replaced with g_authent_nodomain setting
  76. g_authent_encrypt_key - Encryption key config settings
  77. g_authent_enforce - Days till we prevent user from logging in, NOT RECOMMENDED
  78. g_authent_fwdfile - Enables reading of old dmail .fwd files
  79. g_authent_info - User info names, fields and access rules
  80. g_authent_info_grp - Fields to show to users in this group
  81. g_authent_ip - Lookup ip numbers in authent database with @ip added, to find send_limit=n values, must define tarpit_max_remote and g_tarpit_drop
  82. g_authent_last_login - Store users last login time in the database
  83. g_authent_logall - Turns on logging of authent requests
  84. g_authent_lookup - Check if accounts exist using g_authent_pass too
  85. g_authent_nodomain - If true dont add @virtual.domain.name to external user lookups (NOT RECOMMENDED)
  86. g_authent_number - Number of authent processes to run
  87. g_authent_pass - Authent process to check passwords with
  88. g_authent_path_broken - Allow authent module to return drop path, strongly discouraged, and BROKEN!!
  89. g_authent_prefix_sep - Prefix separator, defaults to an underscore, a single character
  90. g_authent_process - Authent process command line
  91. g_authent_reminders - Days till we remind user to change password
  92. g_authent_require - Days till we require user to change password
  93. g_authent_restart - Cycle auth modules every 1000 lookups
  94. g_authent_single - Allow local users with a single quote char in their name
  95. g_authent_spaces - Allow spaces in passwords DO NOT USE
  96. g_authent_strip_domain - Domain to strip when doing authent lookups
  97. g_authent_timeout - Timeout for authent response, default 60 seconds
  98. g_autologin_file - File to use to share auto login information on NFS based cluster
  99. g_autologin_imap_disable - Disable IMAP based autologins
  100. g_autologin_newlogic - Streamlined logic for surgeweb to user.cgi autologin handover
  101. g_autologin_pop - Performs auto-logins using pop3, used by webmail
  102. g_backtrace_disable - If true backtrace code is disabled on unix
  103. g_bad_login_allow - Number of consecutive bad logins for a user before blocking that user
  104. g_bad_login_dumb - Give login failures even if known address
  105. g_bad_login_ip_allow - Number of bad logins from an ip before blocking that ip
  106. g_bad_login_ip_ignore - IP address(es) to allow any number of bad logins from
  107. g_bad_login_lockout - Lockout addresses permenantly - use if DOS attack
  108. g_bad_login_mins - Minutes to block login for, if consecutive bad ones received
  109. g_badfrom_badmx - If mx host is one of these addresses then drop the message, it's definitely spam (e.g. 127.*)
  110. g_badfrom_check - Check env from by connecting to it, always tick 'stamp' rule too or messages will bounce! NOT RECOMMENDED. DISABLED NOW!
  111. g_badfrom_from - From to use when doing the check, not normally needed, if set must be set to valid account
  112. g_badfrom_noip - Check envelope from domain exists and is a valid ip number, if not reject message
  113. g_badfrom_noip_temp - Makes g_badfrom_noip return a temporary error instead of a 501 error
  114. g_badfrom_stamp - Instead of bouncing message, just stamp a header to show if from address is no good
  115. g_badfrom_whitelist - List of domains that we don't try badfrom checking on (see g_smite_skip)
  116. g_ban_blackhole - Leave connected but reject all recipients without looking them up
  117. g_ban_from - Disconnect if this wild card matches the from envelope
  118. g_ban_helo - Disconnect if user says 'helo xxx' (or wildcard)
  119. g_ban_rcpt - Disconnect any user delivering to this address/wildcard
  120. g_bank_debug - Log request to bank server
  121. g_bank_group - Create price groups with descriptions
  122. g_bank_log - Log lines matching this in response.
  123. g_bank_ok - Find this in response, if found then charge was successful
  124. g_bank_pass - Password for authenticated web request to banks system
  125. g_bank_reason - This line is returned to user if it is found
  126. g_bank_url - URL to charge a credit card (experimental)
  127. g_bank_user - Username for authenticated web request to banks system
  128. g_bind_authent_default - Bind to default if authenticated
  129. g_bind_byfromip - Bind outgoing SMTP connections to the specified IP based on the sender IP
  130. g_bind_from - Bind outgoing SMTP connections based on 'from' envelope
  131. g_bind_in_always - Bind on incoming in preference to g_bind_from
  132. g_bind_incoming - Bind outgoing SMTP connections based on incoming ip address
  133. g_bind_out - Bind outgoing SMTP connections to this IP
  134. g_bind_to - Bind outgoing SMTP if to address matches
  135. g_bind_to_ip - The address to bind to
  136. g_bind_to_name - The name to use in the ehlo
  137. g_black_above - Level for spam detection for blacklisting ip number e.g. 10
  138. g_black_count - Number of spam in a row before we blacklist ip for 30 minutes, e.g. 30
  139. g_black_isspam - Blacklist ip address for any spam training event
  140. g_black_nbad - Blacklist ip address if this many bad recipients in a row (e.g. 8)
  141. g_black_to - Blacklist ip address if they deliver to these user@domain addresses
  142. g_black_white - Whitelist to prevent blacklisting, e.g. 1.2.3.*,mail*.aol.com
  143. g_block_files - Wild card list of files to bounce, e.g. *.exe,*.cmd
  144. g_block_longok - If true allow long file names (more than 180 char)
  145. g_block_skip - From or To address to bypass g_block_files
  146. g_block_wild - Block wild cards in usernames
  147. g_blogs_allow_links - Allow users to post comments that contain urls
  148. g_blogs_cleanup_links - Delete existing posts that contain urls
  149. g_blogs_comment_rev - Show blog comments newest first
  150. g_blogs_default_template - Default template set that is used by newly created blogs
  151. g_blogs_domonly - Only list blogs in a users domain
  152. g_blogs_enable - Surgemail blogs
  153. g_blogs_https - Use https for blog urls
  154. g_blogs_image_optional - Allow users to specify if image verification is required for comments
  155. g_blogs_max_per_user - Maximum number of blogs per user
  156. g_blogs_maximum_image_size - Default maximum image size
  157. g_blogs_maximum_image_width - Default maximum image width
  158. g_blogs_maximum_items_in_top_page - Maximum number of items on the top blog page
  159. g_blogs_no_suffix - Shortens URL, url_blogs must be defined for each domain
  160. g_blogs_not_global - Only allows access to a blog onthe domain it is defined on
  161. g_blogs_not_unique - Allow the same blog name in multiple domains
  162. g_blogs_ping - Sites to ping on each post
  163. g_blogs_sub_domain_prefix - Prefix to use instead of blogs. for blog subdomains. use ! to have no prefix.
  164. g_blogs_use_sub_domains - Make blogs accessible at http://blog_name.domain/
  165. g_body_filter - Enable user email body filtering
  166. g_bomb_max - Max msgs to a single email address/hour
  167. g_bomb_max_from - Max msgs from a single email address/hour
  168. g_bomb_white - don't apply bomb_max limit if to address matches
  169. g_bounce_bind - Use a specific ip address for outgoing bounces
  170. g_bounce_disable - Disable all bounces (NOT A GOOD IDEA)
  171. g_bounce_limit - Max size in bytes of message to send back as bounce, message is truncated if necessary
  172. g_bounce_nodrop - Enables locally generated bounces for non local users
  173. g_bounce_paranoid - Prevent external bounces going through surgemail
  174. g_bounce_redirect - Send all bounces to a local address
  175. g_bounce_reject - Reject bounces by ip address from known dumb mail servers
  176. g_bounce_safe - Only send bounces to local domains
  177. g_bounce_some_stop - Disables locally generated bounces for partial message failure - NEVER use this!
  178. g_bounce_suggest - Send bounces to postmaster if spf cannot be verified
  179. g_bounce_to - Domains to treat as local and send bounces to
  180. g_bounce_to_recipient - Bounce suregewall failure to the recipient
  181. g_breakin_enable - Stop multiple ip logins for one account in a few seconds
  182. g_breakin_n - Number of different ip's that trigger a lockout, default is 8
  183. g_breakin_short - Match on 1.2.3.* for ip addresses, helps with google sending
  184. g_breakin_white - Email addresses that can send concurrently from mulltiple ips (use * to allow everyone)
  185. g_breakin_window - Window in seconds, default is 300
  186. g_broad_noadd - Disable buttons on message
  187. g_broad_pass - BroadSoft pass
  188. g_broad_port - BroadSoft port
  189. g_broad_server - URL to BroadSoft server
  190. g_broad_url - URL to this server
  191. g_broad_user - BroadSoft user
  192. g_bughunt_enable - Enable specific bughunt logs
  193. g_bull_maxage - Delete bulletins over maxage days
  194. g_bull_rule - Post bulletins to this domain
  195. g_byname_old - Enable old slow domain lookup functions
  196. g_calendar_version - CalDAV / SabreDAV calendaring configuration version number
  197. g_callhome_disable - Disable misc features that reference netwinsite
  198. g_centipaid - CentiPaid address and port
  199. g_cgi_syntax_strict - Be stricter with cgi parsing (eg /cg/user.cgi~ becomes not found instead of user.cgi page)
  200. g_check_date - Reject messages if date is in the future
  201. g_cid_skip_to - Skip CID score, good for lawyers etc
  202. g_comment - Management notes and comments about the server
  203. g_con_gateway - Connection limit per ip also applies to gateways
  204. g_con_perip - Connection limit per ip - sum of SMTP/POP/IMAP (if over refuse connection)
  205. g_con_perip_except - Exception IP addresses to g_con_perip
  206. g_con_persubnet - Global concurrent connection limit per ip subnet x.x.x.*
  207. g_con_peruser - Connection limit per user for imap/pop. Set above 20
  208. g_con_peruser_except - Exception users to g_con_peruser, include domain name
  209. g_convert_percent - Convert % to @ sign in rcpt address
  210. g_cookie_secure - Set all cookies to secure mode on https connections
  211. g_country_allow - user@domain list to bypass country_login rule
  212. g_country_allowip - Ip addresses to bypass country_login rule
  213. g_country_ip - Tag messages with country of origin
  214. g_country_login - List of countries to allow logins from, 2 letter codes
  215. g_country_url - Url service for geo location checking
  216. g_cpu_notest - Disable cpu busy test
  217. g_cpu_slow - Email warning if no cpu for this many seconds
  218. g_crash_NOLOGGING - Crash without any logging on windows
  219. g_crash_nomini - Crash without minidump on windows
  220. g_crash_normal - Crash without catching signals 10,11 so good core dump on freebsd
  221. g_crash_simple - Crash simpler for solaris to avoid deadlock situation
  222. g_create_allow - List of characters allowed in usernames
  223. g_create_allow_pass - List of characters allowed in passwords, - is a range
  224. g_create_apply - List of user groups to apply create_* settings for.
  225. g_create_apply_admin - Apply allow* rules to the administrator
  226. g_create_badnames - List of illegal usernames
  227. g_create_cleanup - Cleanup existing data before adding a user
  228. g_create_dictionary - File containing dictionary words to compare passwords to
  229. g_create_pass_digit - Require one digit and letter in a password
  230. g_create_pass_length - Limit the length of user passwords
  231. g_create_pass_mixed - Require mixed case passwords
  232. g_create_pass_notuser - Ban password containing username
  233. g_create_pass_recheck - Recheck passwords during login and warn user if g_hack_touser is true
  234. g_create_pass_recheck_text - Added to end of recheck email to give users a url to a help page
  235. g_create_pass_slack - Slacken restrictions on trivial password creation
  236. g_create_pass_special - Require special character, e.g. !@#$%^&*(){}[];:?><.,
  237. g_create_record_ip - Causes surgemail to store ipnum in the authent database
  238. g_create_strict - Whether to apply strict rules to usernames/passwords
  239. g_create_strict_admin - Enforce strict rules for admins too, set g_create_strict AS WELL!!
  240. g_create_user_length - Limit the length of usernames
  241. g_date_add_utc - Add UTC if date header is missing it
  242. g_dbabble_links - Add web links to DBabble from other web interfaces (and vice versa)
  243. g_dbabble_smtp_port - DBabble SMTP port (do not manually change this setting - it should be set from the DBabble section of the web admin interface only)
  244. g_dbabble_smtp_prefix - DBabble SMTP prefix (do not manually change this setting - it should be set from the DBabble section of the web admin interface only)
  245. g_debug_block - For catching bugs in block file processsing
  246. g_debug_body - Save msg body during processing
  247. g_debug_check - Use more dmalloc debugging, some performance impact. Also set g_debug_free
  248. g_debug_crt - Some CRT debugging on windows, do not use
  249. g_debug_free - Check free memory isn't corrupted - slows performance slightly
  250. g_debug_freepc - 0-100 percent of malloc/free's to check later
  251. g_debug_image - Save image thumbnail files to find bug
  252. g_debug_imap - Log imap folder renames and deletes in kmsg.log
  253. g_debug_ini - Debugging, don't use this
  254. g_debug_ncpy - Debug ncpy function
  255. g_debug_ncpy2 - Debug ncpy clear only
  256. g_debug_padpc - 0-100 percent of malloc/free's to pad
  257. g_debug_timing - Record dfopen timing, tellmail dfopen_stats
  258. g_debug_vanished - Name of file to check for, if file vanishes, crash
  259. g_delete_exclude - Field and value that excludes an account from g_delete_user_after
  260. g_delete_user_after - Number of days an account can remain unread before it is deleted, NOT automatic! see docs!.
  261. g_delete_user_mode - Action when account is due to delete (write a command file etc...)
  262. g_delete_user_suspend - If suspending an unread account set this field/value.
  263. g_deliver_robot - Robot/Script to run at delivery time $FILE$ AND $TO$ parameters
  264. g_demo - Demo mode lock unsafe admin features
  265. g_demo_to - Demo mode valid external destinations
  266. g_deny - Block users from some ip addresses
  267. g_deny_country - Block email from some countries, use 2 digit code not the full name, see IpToCountry.csv, turn on g_country_ip!
  268. g_deny_log - Log g_deny rejections to msg.log - can clutter log
  269. g_deny_login - Block users from some ip ranges logging in
  270. g_deny_msg - Change the message for blocked ip addresses
  271. g_deny_smtp - Block users from some ip ranges connecting to SMTP only
  272. g_disable_exclude - Field and value that excludes an account from g_disable_smtp_after
  273. g_disable_qnum - Disable qnum msg header
  274. g_disable_skip - Ip address of senders to accept email from even if user account is disabled due to g_disable_smtp_after
  275. g_disable_smtp_after - Number of days an account can remain unread before delivery is disabled
  276. g_disable_surgeplus - Disable SurgePlus (SurgePlus is obsolete and not supported)
  277. g_disable_surgeplus_updates - Disable automated downloading of new versions of SurgePlus client from netwinsite.com
  278. g_disk_debug - Log slow disk access n
  279. g_disk_warning - Give manager warning if disk % exceeded, default 95%
  280. g_diskio_abort - Shutdown if diskIO failure on queue files
  281. g_distlist_public - Allow internet messages to make use of distribution list delivery
  282. g_dkim_allow - From addresses to not enforce dkim for
  283. g_dkim_allowip - From ip addresses to not enforce dkim for
  284. g_dkim_alt_domains - Use selector 'alt_name' for these domains
  285. g_dkim_alt_name - Name of selector to use
  286. g_dkim_always_force - Always uses force from even for local domains
  287. g_dkim_check - DKIM Check incoming DKIM signatures
  288. g_dkim_exclude - DKIM Domains to not sign for outgoing email
  289. g_dkim_force_from - Replacement from header to use for non local domains
  290. g_dkim_headers - DKIM List which headers to sign (blank=default, and is usually best)
  291. g_dkim_legacy_only - Revert pre 8.0f1 behaviour (DO NOT USE)
  292. g_dkim_lockfail_retry - If dkim lock fails retry later (as opposed to sending without signing)
  293. g_dkim_noforce - Don't replace from for these domains
  294. g_dkim_nogateway - Don't sign if gateway rule used
  295. g_dkim_only - DKIM Domains to sign for outgoing email (default is all)
  296. g_dkim_return - Sign if 'return path' matches g_dkim_only
  297. g_dkim_selector - DKIM Policy name for your server (used creating dns entry for dkim)
  298. g_dkim_sign - DKIM Sign outgoing messages
  299. g_dkim_skip - DKIM Destination Domains to not sign
  300. g_dlist_nolocal - Remove add local button from mailing lists
  301. g_dlist_nostart - If set then don't start dlist (dmail compatibility)
  302. g_dlist_one - Only allow one recipient if message is to a mailing list
  303. g_dlist_path - DList Path NOT SUPPORTED do not use! Also set in dlist.ini
  304. g_dlist_spam - Link list to user account
  305. g_dmail_filter - DMail compatible filter.txt file
  306. g_dmarc_allow - Allow user@domains to bypass dmarc, e.g. *@xyz.com
  307. g_dmarc_enforce - Enforce dmarc reject / quarantine more strictly do not use
  308. g_dmarc_none_quarantine - Treat a 'none' policy as quarantine rule
  309. g_dmarc_quarantine - If true store in spam folder if policy is quaratine
  310. g_dmarc_use - Reject and quarantine based on DMARC use this
  311. g_dmarc_whitelist - Use and share reputation data for dmarc whitelisting
  312. g_dns_blank_fail - NEVER USE! Bounce email if dns response blank rather than retry
  313. g_dns_cache_size - Set size of forward dns cache, default 7000
  314. g_dns_disk - Enables DNS disk cache
  315. g_dns_host - Host to send DNS lookups to
  316. g_dns_match_msg - Message for stamp or bounce if forward and reverse lookup don't match
  317. g_dns_nlookup - Concurrent DNS lookups to send to DNS server, default=20
  318. g_dns_nocache - Disables DNS cache for spf lookups (20 minute life)
  319. g_dns_noptr - Set to reject or retry, for ip addresses with no reverse dns entry (rdns)
  320. g_dns_noptr_msg - Message for stamp or bounce if DNS lookup fails on ip address
  321. g_dns_noptr_skip - Skip RDNS for these ip addresses
  322. g_dns_paranoid - Compare forward and reverse dns lookup and check they match (set to STAMP or REJECT) not recomended
  323. g_dns_require - Require MAIL FROM header matches senders ip reverse dns
  324. g_dns_retryretry - Retry lookup on next server if retry error
  325. g_dns_system - Use system code to do reverse lookups
  326. g_dns_test_blank - Break dns lookups to test how it's handled
  327. g_dns_threaded - Enable threaded dns lookups
  328. g_dns_translate - If mx response is x.x.x.x translate to y.y.y.y:port
  329. g_dns_unthreaded - Disable threaded dns lookups
  330. g_domadmin_utoken_expire - Length of time a domain admin login token is valid for in seconds
  331. g_domadmin_utoken_idle - Length of time a domain admin login token may remain idle for
  332. g_domain_create_auto - Auto create domain if it doesn't exist when creating a user
  333. g_domain_create_route - Auto create route to mx mail server
  334. g_domain_default - Default domain if user does not enter a domain on pop/imap login
  335. g_domain_list_max - Maximum number of domains to list at once
  336. g_domain_separator - Separator character for virtual domains
  337. g_domain_templates - Check for domain specific templates
  338. g_domuser_file - Domain user file. Create thousands of virtual domains easily
  339. g_dotlock_minutes - Minutes to wait for NFS lock file, default 20 minutes
  340. g_dotstuff_fix - Debugging setting, do not change or bad things will happen
  341. g_doweb - Do web part only
  342. g_download - Fetch an http file and do an ini reload
  343. g_drop_use_len - Use the content-len header for drop file processing (Solaris)
  344. g_dsn_enable - Enable DSN (Delivery Status Notification) esmtp extension.
  345. g_dsn_loggedin - Enable DSN (Delivery Status Notification) for trusted senders.
  346. g_dsn_nofinal - Try not to show real final recepients but just original recipients
  347. g_ehlo_8bitmime - Enable 8bitmime in ehlo response (NEVER USE)
  348. g_ehlo_fault - Internal - for generating/testing faulty ehlo responses
  349. g_ehlo_log - Log ehlo/bind to msg*.rec logs
  350. g_ehlo_simple - Ip addresses to give simple ehlo respone to
  351. g_ehlo_smtputf8 - Enable smtputf8 for matching ip addresses (NEVER USE)
  352. g_emailreg_enable - Enable whitelist http://www.emailreg.org register to use
  353. g_encrypt_config - Encrypt some config settings (passwords)
  354. g_encrypt_disable - Disable encryption
  355. g_encrypt_expire - Days to keep encrypted messages, default 60
  356. g_encrypt_inline - Use INLINE method by default
  357. g_encrypt_limit - Max encrypted msgs per user per hour
  358. g_encrypt_max - Max encrypted per day server wide
  359. g_encrypt_nodomain - Allow encryption for users without local domains
  360. g_encrypt_nofwd - Don't encrypt forwarded
  361. g_encrypt_noip - Don't encrypt if from this ip range
  362. g_encrypt_nolate - Disable encryption on late forwarding
  363. g_encrypt_none - Don't encrypt if subject starts with this
  364. g_encrypt_nowater - Show this if no water mark defined yet
  365. g_encrypt_path - Path to encrypted files, this is not supported when mirroring!
  366. g_encrypt_prefix - Prefix for encrypted messages must match encrypt rule so replies are encrypted
  367. g_encrypt_pw_host - Central host for encryption password storage
  368. g_encrypt_pw_key - Central host password key
  369. g_encrypt_reminders - Days before we send users a reminder to change passwords, not recommended
  370. g_encrypt_reply_plain - Send plain message for local replies
  371. g_encrypt_reset_easy - Send the reset request dirctly to the destination user - security risk!
  372. g_encrypt_reset_msg - Msg Body sent when password has been reset
  373. g_encrypt_reset_safe - When users password is reset, delete all messages to them
  374. g_encrypt_reset_sender - Msg Body sent to sender when password reset requested
  375. g_encrypt_reset_user - Msg to person when they click on reset password button
  376. g_encrypt_rule - Matches will be encrypted when sent
  377. g_encrypt_smart - Smart Encrypt Private Feature (not available)
  378. g_encrypt_ssl_force - Require ssl on incoming encrypted messages
  379. g_encrypt_ssl_noforce - Exceptions, e.g. surgeweb or localhost
  380. g_encrypt_surgeweb_show - Show SurgeVault in SurgeWeb
  381. g_encrypt_unlock - Unlock for these destinations. e.g. user@domain
  382. g_encrypt_wall - Encrypt surgewall msgs
  383. g_enotify_from - From address to use in email notification messages
  384. g_eof_fix_off - Turns off auto stripping of control+Z
  385. g_error_xlate - Change error messages
  386. g_event_list - Events wanted by url
  387. g_event_url - Send msg events to a url
  388. g_everyone - Create alias $everyone@domain.name
  389. g_expire_all_rules - Scan all users for rule files (not needed usually)
  390. g_expire_every - Only expire spool once every 'n' days
  391. g_expire_imaptime - Use message imap timestmap stored in the filename instead of filesystem last modified timestamp for expiry
  392. g_expire_onlyunread - For the inbox only expire message if they are unread
  393. g_expire_silent - Don't send users emails telling them what was expired.
  394. g_expire_trash - Expire any messages found in trash folders after 7 days
  395. g_expire_warning - Give warning 'n' days before deleting each file
  396. g_external_all - Tag messages from friends too
  397. g_external_dlist - Tag messages arriving for mailing lists
  398. g_external_ip_disable - Do not add X-External-IP header
  399. g_external_msg - Msg to insert at the top of external mails
  400. g_external_only - Enable only these destinations
  401. g_external_spam - Tag messages in spam folder too
  402. g_external_style - css style for the warning
  403. g_external_warn - Tag external messages from non friends
  404. g_external_white - Disable for return path matches
  405. g_external_white_to - Disable for these recipients
  406. g_fallback - Default address for all local domains
  407. g_fallback_relay_if_exists - Use FALLBACK_RELAY if not logged in but user exists (OLD_POPHOST_CREATEUSER_DISABLE)
  408. g_fast_time_off - Disable faster time function
  409. g_feat_testing - Testing setting do not use
  410. g_filter_max - Max size for items to be sent to filter_pipe, or g_user_pipe, default no limit
  411. g_filter_n - Concurrent filters to run at one time, default is 20
  412. g_filter_pipe - Filter program that accepts msg on stdin and sends on stdout
  413. g_filter_pipe_headers - Re-read headers after pipe finishes
  414. g_filter_pipe_noauth - Skip for auth users
  415. g_filter_pipe_skip - Skip filter if ip matches this
  416. g_filter_timeout - Filter timeout in seconds, default is 360
  417. g_find_wrong - Find domain based on IP even if url suggests other vdomain
  418. g_fix_crcrlf - Fix email messages containing crcrlf for line termination, NEVER USE
  419. g_fix_imap_lf - During IMAP import fix email messages containing lf
  420. g_footer_auth - Only add footer for authenticated local users
  421. g_footer_file - Footer file full path required
  422. g_footer_html - HTML Footer file, full path required
  423. g_footer_notfound - Only add footer if footer is not in message already
  424. g_footer_send - Footer file added to outgoing messages only (do not use with DKIM)
  425. g_footer_sendonly - If true only add footers when sending to non local users
  426. g_footer_skip - Skip footers for these users
  427. g_footer_skipfound - Only add footer if this text is not already in the message, requires g_footer_notfound
  428. g_footer_trusted - Only add footers if sender is trusted
  429. g_forgot_disable - Completely disable end user password reset features
  430. g_forward_attach - When late forwarding send as attachment to these domains
  431. g_forward_fixfrom - When late forwarding rewrite from/return path as local user, use G_SPF_NOREWRITE
  432. g_forward_illegal - Ban forwards to these addresses
  433. g_forward_oops - Internal testing setting, not for general use sorry
  434. g_friends_add_trusted - Add to friends list when if sender is trusted
  435. g_friends_allow_spf - Allow all email through as if it was a friend during temporary allow
  436. g_friends_always - Always use friends list.
  437. g_friends_at_rcpt - Whether to check users friends list at rcpt stage
  438. g_friends_autodom - Auto whitelist friends based on domain/ip
  439. g_friends_bounce_friend - Allow exception rules to bounce a mesesage from a friend
  440. g_friends_bounce_rej - Reject blank return path as friends failures
  441. g_friends_bounce_second - Bounce the next time the user sends a message if waiting for confirm still
  442. g_friends_byemail - Use old email based friends rejections
  443. g_friends_check_spf - Disable friends bounces if SPF headers missing/failed to avoid backscatter.
  444. g_friends_cleanup - Cleanup/repair large friend.lst files
  445. g_friends_confirm_debug - Log sucessful friends confirmation responses
  446. g_friends_confirm_subject - String to use as the subject of a friends confirmation email
  447. g_friends_daemon_ok - Accept emails from any mailer deamon
  448. g_friends_debug1 - NEVER USE, only for NetWin testing
  449. g_friends_default_autoadd - Default auto addition when sending (recommended)
  450. g_friends_default_mode - Default friends mode, smite (recommended) silent, or list
  451. g_friends_global_add - Add to a global friends list if ip matches and sender doesn't match authenticated user
  452. g_friends_global_auto - Enable global friendslist
  453. g_friends_global_exclude - Addresses not to auto add, e.g. *@paypal.com
  454. g_friends_ignore - List of addresses considered friends for all users on the system
  455. g_friends_ignore_trusted - If from trusted ip still apply friends
  456. g_friends_lang_auto - Set users language settings automatically based on observed emails from friends
  457. g_friends_latest_headers - Causes friends to re-read message headers, allowing rules based on headers added during delivery
  458. g_friends_local_match - If from!=returnpath and one is local, then block friends match
  459. g_friends_long - In friends web release addresses use a longer url
  460. g_friends_msg - Message used for friends bounce.
  461. g_friends_msg_link - Message used for friends link bounce.
  462. g_friends_name - What to call the friends system on pages and in email
  463. g_friends_obey_spf - If SPF failed then no friends match allowed for local domains
  464. g_friends_old_status_email - Use older status email & processing
  465. g_friends_only - Enable friendonly features - must be enabled by users too
  466. g_friends_pending_keep - Number of days to store users pending messages, default 14
  467. g_friends_pending_max - Max items in pending before deleting them
  468. g_friends_pending_name - The imap name of the friends_pending (and spam store) quarantine folder - should match surgeweb imap_spam_folder - default is 'Friends Pending'
  469. g_friends_pending_vanish - Enable auto-vanish of pending messages on confirmation bounce
  470. g_friends_release_wash - Clean any subject marking (ie stars) when releasing/allowing
  471. g_friends_rotate - Rotate user level log file, default 30k
  472. g_friends_safer - Make friends always avoid back scatter.
  473. g_friends_silent - Disable friends responses to users
  474. g_friends_silent_level - If spam score above this then don't send friends message
  475. g_friends_skip_ip - List of ip addresses considered friends for all users on the system
  476. g_friends_spam_score - Default level to quaranteen message in spam folder (Recommended 8 or 10)
  477. g_friends_spf - Refine friends matching using spf/dmarc when possible
  478. g_friends_spf_fail_bounce - Bounce SPF failures, do not send friends confirmations (Not recommended)
  479. g_friends_status_sort - Sort friends status messages with low scores at the top
  480. g_friends_testurl - Test g_friends_url and status_url and url_host work externally
  481. g_friends_url - Specify default global url for friends release http://domain.name:port
  482. g_friends_use_https - Use https port for friends urls
  483. g_friends_warnonce - Give bounce on only the first message
  484. g_from_allow - Other email addresses we allow, e.g. *@x.y.com,*@b.com,fred@bb.com
  485. g_from_allow_ip - IP addresses to bypass local from check
  486. g_from_allow_to - destination user to bypass local from check
  487. g_from_bl - Domain Based Blacklist Zones, lookups FROM domain in dns
  488. g_from_body_bounce - Reject if local from header address is probably faked
  489. g_from_bounce - Reject if local from envelope address is probably faked
  490. g_from_check - Check from domains match valid local domains if user is authenticated, or g_from_allow
  491. g_from_domain - Default domain for from envelope
  492. g_from_domain_match - Force domain of from and return path to match for outgoing email
  493. g_from_exact - Check from matches authenticated user
  494. g_from_force - From address for all sent messages
  495. g_from_header - From header used in delivery bounces
  496. g_from_list_too - Also enforce from rules from lists
  497. g_from_must_exist - Require local from addresses to exist or reject mail
  498. g_from_noforge - If envelope or from is local domain then the other must be too
  499. g_from_noforge_some - If from matches this then from/envelope must match
  500. g_from_noforgeme - If to==from then from and env from must match
  501. g_from_noforgename - If from contains two addresses the domains must match
  502. g_from_nofriend - If forge setting would bounce message then allow message but don't allow friend match
  503. g_from_ok - Whitelist for invalid from addresses we will permit
  504. g_from_relay - If not authenticated and g_relay_allow_ip matched then block if not local domain or whitelisted
  505. g_from_relay_white - White list of domains for g_from_relay setting
  506. g_from_rewrite - Rewrite from envelope for outgoing email, e.g. *@this.domain -> %1@another.domain
  507. g_from_rewrite_header - Rewrite the from header as well
  508. g_from_rewrite_sender - Rewrite the sender header as well
  509. g_from_stamp - Stamp if local from address is probably faked
  510. g_from_timeout - Timeout when checking bad from addresses, default 60 seconds
  511. g_from_valid - Require an @ and dotted domain in all return addresses
  512. g_gateway - Gateway messages for that domain to the specified address
  513. g_gateway_allow - Known hosts that act as incoming SMTP or surgewall servers for us
  514. g_gateway_always - Always send to gateway even if local domain exists
  515. g_gateway_auth - Send SMTP auth requests to another host
  516. g_gateway_data - Gateway at the data stage
  517. g_gateway_from - Pass 'from' header thru during gatewawy check
  518. g_gateway_helo - Header that must exist in incoming bounces (g_send_helo) or bounces are dropped
  519. g_gateway_ifnot - Send local deliveries to scanner (using gateway rule) before delivering locally, deliver locally if from ip matches
  520. g_gateway_ignorewild_ip - Ignore * gateway rules if from ip matches (allows outbound email scanning using gateway * to external scanner)
  521. g_gateway_mx - If specified IP address is found in mx record for destination then allow relay (not recommended)
  522. g_gateway_open - Allows an open relay setting in g_gateway
  523. g_gateway_orcpt - Writes an original receipt header when forwarding a message, this may disclose multiple recipients, cc/bcc etc use only for tracking faults
  524. g_gateway_shuffle - Round robbin shuffle of to ip addresses for gateway rules
  525. g_gift_disable - Disable check for imap gift hacker
  526. g_group_field - Auth field to add to group membership
  527. g_gzip_disable - Disable gzip web compression
  528. g_hack_detect_disable - Stop admin emails when users login with a weak password
  529. g_hack_msg - Message to send to users with a weak password
  530. g_hack_noemail - Disable weak password reports
  531. g_hack_report - Address to send weak password reports to
  532. g_hack_touser - Send warnings about hacking directly to users
  533. g_hack_url - Url for users to change password
  534. g_hacker_alert - Email manager if address is locked out
  535. g_hacker_days - Days to keep ipaddress locked out, default 7
  536. g_hacker_fwd - Email manager if user sets fowarding rule
  537. g_hacker_max - Login guesses for one ip address before we lockout the ip address
  538. g_hacker_more - Be more restrictive, don't allow /24 netblocks based on loginip
  539. g_hacker_password - If hacker attempts to login with account name as password, then blacklist ip
  540. g_hacker_passwords - Failed logins that use these passwords will lockout the ip address
  541. g_hacker_poison - Poison accounts. Instantly blacklist ip address e.g. root@*
  542. g_hacker_star - Lockout users who say * at us
  543. g_hacker_timeout - Lockout users who timeout smtp connections
  544. g_hacker_weak - If user tries weak password, lockout ip address
  545. g_hacker_whitelist - Ip addresses to avoid guessing issues
  546. g_header_out - Header to add to outgoing posts
  547. g_header_strip - Strip listed headers from incoming messages
  548. g_helo_optional - Helo is optional for SMTP protocol (not recommended)
  549. g_help_local - Make all help references to the local help files
  550. g_help_url - Link to another website for help instead of surgemail.com
  551. g_home - Home path of server configs log etc
  552. g_honeypot_key - Key for HTTP RBL service www.projecthoneypot.org - not recommended
  553. g_honeypot_rbl - RBL name to lookup, typically dnsbl.httpbl.org
  554. g_host_alias_sni - Fix fault where host_alias matches domain rather than ssl name
  555. g_host_ip - This host public IP address
  556. g_host_redirect - Redirection based on host for surgeweb's https_required redirection
  557. g_http_11 - Use http 1.1 requests to netwinsite (do not use)
  558. g_http_add_header - Add generic headers to web responses
  559. g_http_proxy - Proxy web server for fetching files from netwinsite.com if direct access fails
  560. g_imap_acl - Enable ACL (shared folders) in imap
  561. g_imap_acl_prefix - Changes prefix from ~ to ^ to fix IOS bug
  562. g_imap_allow_trailing - Allow leading/trailing spaces on folder names on linux, not a good idea
  563. g_imap_auto_create - Create folders matching this list in response to 'select' commands
  564. g_imap_auto_subscribe - Auto subscribe folders for users
  565. g_imap_blacklist - Test if imap users are in rbl's and email admin
  566. g_imap_capa - Where to get the CAPABILITY value from
  567. g_imap_capa_strip - Capability values to hide
  568. g_imap_cram_enable - Enable CRAM-MD5 authentication (requires nwauth 4.0h or greater)
  569. g_imap_debug - For NetWin use only
  570. g_imap_delay - Glob data into bigger packets, never use this
  571. g_imap_expunge_close - Expunge on every close, not recommended
  572. g_imap_folder - Type can be: Trash,Junk,Sent,Drafts,Archive
  573. g_imap_folder_create - Auto create default folders for Trash/Sent etc
  574. g_imap_friends - Make the friends_pending folder visible in imap
  575. g_imap_idle_free - Releases threads in 'idle' state DO NOT USE
  576. g_imap_idle_nsf - The number of seconds before a complete directory rescan. To be used on NFS network drives
  577. g_imap_inactive_free - Releases threads not active DO NOT USE
  578. g_imap_log - Enable imap.log logging
  579. g_imap_log_body - Log imap fetch body commands to msg*.rec log files
  580. g_imap_log_copy - Log imap copy commands to msg*.rec log files
  581. g_imap_log_flush - Flush imap log on every write (for debugging)
  582. g_imap_log_header - Log imap fetch header commands to msg*.rec log files (not usually needed)
  583. g_imap_log_main - Log imap to mail.log too (not recommended)
  584. g_imap_log_protocol - Log more of the protocol
  585. g_imap_log_size - Size of imap.log file
  586. g_imap_log_user - Log imap info to imap.log in users mdir folder
  587. g_imap_loop_report - Report imap loops of bad email clients
  588. g_imap_max_limit - Limits messages being put in folders
  589. g_imap_max_messages - The number of messages in a single imap folder, default 200000
  590. g_imap_maxbusy - Limit for concurrent requests per user, user is throttled if exceeded dflt 8
  591. g_imap_maxdup - Max duplicate imap fetch commands before we throttle connection, default 500
  592. g_imap_move - IMAP move extension
  593. g_imap_no_internal_date - Disables internal date which helps stupid outlook client show correct dates
  594. g_imap_old - Revert to old imap module
  595. g_imap_old_ip - Revert to old imap module for some ip's
  596. g_imap_pop_burst - Always burst using imap code
  597. g_imap_port - IMAP port to listen on, default is 143 (needs restart)
  598. g_imap_search_body - Build and use indexes for imap body searching
  599. g_imap_search_index - Build and use indexes for imap header searching
  600. g_imap_search_noattach - Skip non text attachments when searching
  601. g_imap_search_text - Use only body and header indexes, fast but won't get all matches
  602. g_imap_search_timeout - Limit on imap search, default is 180 seconds
  603. g_imap_secure_port - IMAP SSL secure port to listen on, default is 993
  604. g_imap_size_fetch - If true, will display message sizes on fetch command. (ie * 123 EXISTS)
  605. g_imap_spam_train - Train if moving message to 'spam' folder, or from 'spam' folder to inbox
  606. g_imap_status_cache - Cache imap status responses (Obsolete, use _stored setting)
  607. g_imap_status_stored - Keep imap folder counts stored on disk
  608. g_imap_sync_all - Apply imap_max_sync to all folders
  609. g_imap_sync_nomax - Exception to imap_max_sync setting
  610. g_imap_testing - Test imap module instead of normal one (not functional)
  611. g_imap_throttle - Limit for sustained imap commands per second before warning admin, default is 5
  612. g_imap_throttle_exclude - Users who are not limited
  613. g_imap_throttle_limit - Daily mb download limit before applying throttle speed, e.g. 500
  614. g_imap_throttle_speed - Limit to this speed in bytes per second when throttling, e.g. 50k
  615. g_imap_timeout - Time, in minutes for imap timeout, RFC required default is 30
  616. g_imap_timeout_login - Timeout prior to login in seconds
  617. g_imap_timezone - Timezone to display - for testing purposes only NOT USED
  618. g_imap_trash_nocopy - Prevent copying from Trash to Trash folder
  619. g_imap_uidl_nofix - If true, disable auto repair of identical uidl entries
  620. g_imap_unsub_auto - Unsubscribe if a folder doesn't exist
  621. g_imap_use_nil - Give NIL instaed of empty response (do not use)
  622. g_imap_user_flags - This setting may confuse some email clients (mac) use with cautioun
  623. g_imap_user_moreflags - Allow unlimited flags
  624. g_imap_warn_big - Warn user if inbox or sent has more than this many messages
  625. g_inbox_archive - Archive old messages to Archives/yyyy/Inbox folder, age in days
  626. g_inbox_max - Max messages permitted in inbox e.g. 5000
  627. g_inbox_nolimit - Users with no limit on inbox
  628. g_include - Include another ini file global settings only
  629. g_iplimit - Untrusted local ip addresses e.g. web servers, special sending limits applied.
  630. g_iplimit_islocal - Add domains to list of domains considered local for limit counting
  631. g_iplimit_local - Max sends from untrusted ip to local domains per 30 minutes.
  632. g_iplimit_remote - Max sends from untrusted ip to remote domains per 30 minutes.
  633. g_iplimit_whitelist - List of 'from' addresses that should bypass limits
  634. g_ipv4_only - List of hosts/mx that should NOT use IPV6 addresses
  635. g_ipv6_enable - Enable IPV6 networking only use if you have an IPV6 address for some reason
  636. g_ipv6_notrim - Prevent automatic conversion of ::ffff:x.x.x.x to x.x.x.x
  637. g_ipv6_only - List of hosts/mx that should NOT use IPV4 addresses
  638. g_kann_test - Testing spam module do not use
  639. g_keepalive - Attempts to use keepalive for the web sessions (experimental & faulty currently)
  640. g_key_manual - Try and activate automatically when the key expires
  641. g_key_nowarning - Disable reminders to update your license
  642. g_known_skip - Disable the bypass of known ip addresses from spf failures
  643. g_language_default - Default language for user web interface
  644. g_last_login - If true create last_login file each time user logs in via imap/pop. Do not use on MIRROR systems
  645. g_last_login_days - If last login is more than this many days then reject email - do not use on mirrors
  646. g_late_forward - Apply all users forwarding rules after friends, spam, and filtering
  647. g_late_skiplocal - Skip late forwarding for local destinations
  648. g_ldap_forward - Remote ldap server to forward requests to (only for testing do not use)
  649. g_ldap_outlook_browse_max - Basic outlook ldap address browsing, max items (KEEP THIS SMALL eg <50): default=0 (disabled)
  650. g_ldap_port - LDAP port, set to 389 to enable simple address book lookups only. (NOT YET FULLY FUNCTIONAL)
  651. g_legal_archive_accesskey - Amazon s3 awsaccesskeyid
  652. g_legal_archive_add - Users must belong to this group to get their email archived
  653. g_legal_archive_body - Allow body searching, very very slow
  654. g_legal_archive_bucket - bucket for for net service
  655. g_legal_archive_early - Store to archive before phishing changes
  656. g_legal_archive_enable - Enable legal archive
  657. g_legal_archive_encrypt_key - Key for encrypting the data, you MUST never loose this
  658. g_legal_archive_exclude - Accounts to exclude e.g. hr@xyz.com,*@doctor.com
  659. g_legal_archive_hostid - Unique integer for this host 1-9 use if sharing mail spool
  660. g_legal_archive_keep - Days to keep legal archive, units=days unless you specify years or months, default 5 years
  661. g_legal_archive_local - Store files locally only
  662. g_legal_archive_mirror - Mirror the archive, also use tellmail resync_archive
  663. g_legal_archive_nofail - Don't bounce messages if archive fails
  664. g_legal_archive_only - Drop all messages after archiving them!
  665. g_legal_archive_path - Local path for archive indexes
  666. g_legal_archive_secretkey - Amazon s3 awssecretkey
  667. g_legal_archive_show - Users must belong to 'archive_show' group to see their own archive
  668. g_legal_archive_spam - Store files even if identified as spam (OBSOLETE)
  669. g_legal_archive_trim - Trim messages to max size e.g 20mb
  670. g_letsencrypt - Path to find letsencrypt certificates (obsolete)
  671. g_lf_fix_list - Enable lf fix for faulty email clients
  672. g_lf_fix_off - Disable lf fix, obsolete SEE g_lf_fix_list
  673. g_local_skipgateway - If true skip gateway rule for local messages (bounces etc)
  674. g_log_admin_web - Log web admin interface web requests to wweb.log
  675. g_log_bounce_disable - Stop bounce reject entries filling up log (typically from spam bounces)
  676. g_log_date_old - Log old short date in log files
  677. g_log_disable - Disable most logging - not recommended
  678. g_log_dns - Log dns responses in gory detail
  679. g_log_dns_mx - Only log MX lookups
  680. g_log_dns_only - Only log lookups for this domain
  681. g_log_dropped_disable - Don't log if no 'data' command sent
  682. g_log_fakemid - Header to use instead of message-id in log files
  683. g_log_flush - Flush log file after every write
  684. g_log_fwd - This setting is obsolete and has no effect
  685. g_log_level - Level of logging, info, debug, error
  686. g_log_norcpt - Disable Log individual recipients in msg.rec files
  687. g_log_password - Log password failures to login_failed.log
  688. g_log_path - Directory for log files, defaults to G_HOME
  689. g_log_pid - Log PID in log lines
  690. g_log_quota - Log quota for specified user
  691. g_log_reject_disable - If true then rejects are not recorded in .rec files
  692. g_log_size - Size of each mail*.log file (e.g. 5mb)
  693. g_log_slow - Do slower logging system
  694. g_log_ssl_fail - Log SSL failures to msg.rec
  695. g_log_start_norotate - Don't rotate log on startup
  696. g_log_syslog - Send 'msg.rec' entries to syslog
  697. g_log_syslog_debug - Send 'mail.log' entries to syslog as 'mail.debug' data
  698. g_log_syslog_host - Specify host to send syslog entries to (windows only)
  699. g_log_syslog_only - Disable writing to msg.rec
  700. g_log_syslog_port - Default is 514 (windows only)
  701. g_log_tcp_read - Log actual tcp read data - for matching ip addresses - avoid
  702. g_log_tcp_write - Log actual tcp write data - for matching ip addresses - avoid
  703. g_log_thid - Log thread id in .rec files
  704. g_log_user - Log pop/imap/smtp protocol for specified user
  705. g_login_log_size - Size of login.log file
  706. g_lookup_names - Lookup ip names of connecting users (can be slow)
  707. g_lookup_reject_fails - If lookup cannot get a name, reject user (not generally recommended)
  708. g_lowdisk_mailbox - Disksize warning limit for mailbox_paths
  709. g_lowdisk_warning - Disksize below which to send a warning to the system manager
  710. g_mailbox_inbox - Path for inboxes (experimental, do not use!)
  711. g_mailbox_path - Default directory to store mail
  712. g_maildir_imap_max - Use imap max setting, defaults to 100,000
  713. g_maildir_max - Max messages in a POP folder, do not adjust
  714. g_maildir_netwin - Use NETWIN proprietry storage format - Not Recommended
  715. g_maildir_report - Email manager on ndb errors
  716. g_maildir_standard - Use more standard maildir layout (NOT SUPPORTED)
  717. g_mailstatus_message - Error message to give when mailstatus is set to specified state
  718. g_manager - Email address of manager
  719. g_manager_port - HTTP Manager port to listen on, default is 7026
  720. g_manager_secure_port - HTTPS secure Manager port, default is https 7025
  721. g_manager_smtp - SMTP server for error reporting
  722. g_manager_username - Global domain managers username (for web based domain administration)
  723. g_max_bad_ip - Max bad recipients per ip address before blocking that ip
  724. g_max_bad_ip_skip - Skip g_max_bad_ip tests
  725. g_max_bad_ip_time - Seconds to block guessing hackers
  726. g_max_bad_nolookup - Max bad recipients in a row, if exceeded skip user lookup
  727. g_max_bad_to - Max bad recipients in a row
  728. g_mdir_hash - Hashing mode for surgemail (not supported, use at your own risk)
  729. g_mdir_prefix - Prefix for maildir folders DO NOT USE THIS SETTING, NOT SUPPORTED!!!
  730. g_mfa_backup_email - Alternate MFA using recovery email address
  731. g_mfa_backup_sms - Alternate backup MFA using SMS (requires g_twilio to be configured)
  732. g_mfa_nicer - Nicer surgeweb MFA workflow (RECOMMENDED, enables settings below)
  733. g_mfa_require - Force users to turn on MFA to use SurgeWeb
  734. g_mfa_webtrust_disable - Disable 'Trust this browser' long duration MFA trust tokens
  735. g_mfa_webtrust_duration - Session life of 'Trust this browser' in days (default = 14)
  736. g_mfa_webtrust_scope - Scope (IP range) of 'Trust this browser' (default = country)
  737. g_mfilter_addonly - If true, then only allow 'adding' headers, not changing them
  738. g_mfilter_bounces - Run mfilter on bounce messages and responders etc
  739. g_mfilter_disable - Disable mfilter.rul completely
  740. g_mfilter_file - Mfilter rule file. For spam rule processing (mfilter.rul)
  741. g_mfilter_localonly - If true then only run mfilter on local deliveries
  742. g_mfilter_maxlen - Size to truncate messages to before processing with filter
  743. g_mfilter_noisey - Do log anything in mfilter
  744. g_mfilter_skip_from - From addresses (envelope) to skip mfilter processing for
  745. g_mfilter_skip_ip - IP address(es) to skip mfilter processing for
  746. g_mfilter_skip_to - To addresses to skip mfilter processing for
  747. g_mfilter_trace - Log trace lines in mfilter
  748. g_migrate_domain - The domain which g_migrate_password is for
  749. g_migrate_email - Send each user email on start/end of migration
  750. g_migrate_onsmtp - Migrate on smtp login events
  751. g_migrate_password - Allows login to all accounts create hash with tellmail master_password
  752. g_migrate_skip - Skip imap folders matching this, use for shared folders
  753. g_migrate_translatet - Translate folder names during migration
  754. g_mirror_config - Mirror surgemail.ini to/from mirror_host, must set on both systems!
  755. g_mirror_config_except - Settings to ignore when accepting the incoming config
  756. g_mirror_debug - Log more info to mirror log.
  757. g_mirror_debug3 - NEVER USE, MAKES MIRROR FAIL.
  758. g_mirror_email - Email manager list of fixes sent
  759. g_mirror_host - Mirror other host name
  760. g_mirror_lists_one - Mirror list changes only one way to slave
  761. g_mirror_live - Mirror: Send incoming messages immediately
  762. g_mirror_live_max - Limit size of mirror_live default 60k
  763. g_mirror_lock - Lock PRIMARY during secondary bursts
  764. g_mirror_max - Max items in one folder to mirror, default 160k currently
  765. g_mirror_mode - Mirrorring mode (one system must be PRIMARY and the other SECONDARY)
  766. g_mirror_nossl - Disable SSL for mirror protocol connection - recommended
  767. g_mirror_nsend - Sending threads to use, default 8
  768. g_mirror_nwauth - Mirror send nwauth database to other server, ONLY set on primary
  769. g_mirror_nwauth_always - Mirror nwauth database files
  770. g_mirror_others - BETA Other hosts, for 3,4 host mirrors,(DO NOT USE)
  771. g_mirror_prune_age - Mirror minimum age for items to be pruned during sync_prune, default 14 days
  772. g_mirror_repair - Run resync_prune once per month, only set on primary, TURN OFF DURING FAILURES
  773. g_mirror_resync_inbox - BETA Resync inbox for active users once a day
  774. g_mirror_secret - Mirror shared secret
  775. g_mirror_threads - Max threads we can use during resync_fast, default 6
  776. g_mirror_trash - Normally on a resync the trash folder is ignored.
  777. g_modern_admin - More modern admin ui layout
  778. g_modern_hicontrast - Easy to see color scheme, Control f5 to reload css after changing!
  779. g_modern_surgeweb - More modern layout for surgeweb
  780. g_modern_user - More modern layout for user self admin
  781. g_monitor_disable - Disable monitor process completely (requires restart)
  782. g_monitor_port - HTTP port for Surgemail Monitor to listen on, default is 7027
  783. g_msg_hops_max - Maximum received lines or message is bounced, default 30
  784. g_msg_log_body - Log body fetches too
  785. g_msg_log_dkim - Log DKIM in msg*.rec
  786. g_msg_log_extra - Extra user activity logging
  787. g_msg_log_from - Log From in msg*.rec
  788. g_msg_log_pop - Log all pop reads in msg*.rec
  789. g_msg_max - Max size of a single message (if over refuse with 552 error)
  790. g_msg_max_drop - Drop link if size exceeded (DO NOT USE)
  791. g_msg_max_in - Max message size inbound
  792. g_msg_max_send - Max size for authenticated local users
  793. g_msg_max_total - Max size of a message * recipients
  794. g_msg_nodup - Drop duplicate messages by msgid/user matching
  795. g_msg_track - Message tracking - for debugging
  796. g_mtasts - Enable MTA-STS ssl/tls rules
  797. g_mtasts_report - Alert manager on MTASTS failures
  798. g_mtasts_white - Domains to ignore MTA-STS rules
  799. g_mutex_fast - Use fast mutex handling DEBUGGING option only
  800. g_mutex_timeout - Default mutex timeout period in seconds default is 600
  801. g_mutex_timing - Name of mutex to collect extra timing information for
  802. g_mx_tryall - Try all mx hosts even if lower than own mx priority
  803. g_myrbl_disable - Disable internal rbl database
  804. g_myrbl_disable_rbl - Disable netwin rbl database
  805. g_myrbl_fake - Fake myrbl response for testing
  806. g_myrbl_share - Use and Share RBL reputation data with central NetWin server (Recommended)
  807. g_myrbl_store - Size of internal myrbl database
  808. g_myrbl_to - Debug setting for rbl sharing do not use
  809. g_myurl_disable - Disable internal url database
  810. g_naked_msg - Error message if body contains naked lf characters
  811. g_newui_advanced - Always run new admin ui in advanced mode
  812. g_newui_disable - Disable new admin ui (do not use)
  813. g_no_bull - Special accounts that should not get bulletins
  814. g_notag_notascii - Don't add x-notascii: charset to any non ascii message
  815. g_notag_url_forgery - Don't add x-UrlForgery when a ref urls seem to not match
  816. g_notlocal - Add ALERT to message subject if domain is local but origin is external NOT FUNCTIONAL!
  817. g_notlocal_message - ALERT text to add to suspect messages that appear to be from a local domain
  818. g_nwv_test - Test NetWin setting, best not played with)
  819. g_oauth_bearer - Enable OAuth 2.0 bearer for SMTP and Imap (NOT IMPLEMENTED)
  820. g_oauth_bearer_url - URL for OAuth bearer login (NOT IMPLEMENTED)
  821. g_oauth_client_id - OAuth 2.0 client_id
  822. g_oauth_client_secret - OAuth 2.0 client_secret
  823. g_oauth_propagate_pass - OAuth 2.0 always propagate oauth password to local authent database
  824. g_oauth_trim - OAuth 2.0 trim @domain.name
  825. g_oauth_url - OAuth 2.0 server for password lookup, e.g. http://x.com/oauth
  826. g_old_imap_headbody - Get head and body seperately
  827. g_old_imap_nossl - Disable auto ssl mode
  828. g_old_imap_skip - Skip these folders
  829. g_old_pophost_debug - Log extra info when doing old pophost logins
  830. g_old_user_check - Disable the account status enabled check on rcpt lines
  831. g_old_webmail_links - Show webmail links in user cgi instead of surgeweb
  832. g_orbs_cache_life - Time to keep RBL cached entries in seconds, default is 7200 seconds
  833. g_orbs_check_all - Keep doing lookups even if found in a RBL, this is slower of course!
  834. g_orbs_exception - Realtime Blackhole List, exception list of IP addresses
  835. g_orbs_fake - Ip address to pretend we find in rbl database for testing
  836. g_orbs_force - Force RBL check even if g_allow_ip matches this ip number
  837. g_orbs_late - Do late disconnect so user has time to send SMTP authentication (Also applies G_SPF_SKIP_TO)
  838. g_orbs_list - Realtime Blackhole Lists (RBL's), action=deny,accept,stamp
  839. g_orbs_multi_thread - Use multithreaded code
  840. g_orbs_nosubmit - Revert to old behaviour, orbs check before submit
  841. g_orbs_rec - Log to record file if RBL deny action occurs (can fill logs up)
  842. g_orbs_report - List of IP's to check in RBL(s)
  843. g_orbs_service - Service Name - Obsolete - use g_orbs_list to define services
  844. g_orbs_system - If true use system dns lookups instead of surgemails for orbs (not recommended)
  845. g_orbs_test2 - Test block all addresses
  846. g_orbs_testing - If true, RBL lookups are recorded but not blocked
  847. g_orbs_timeout - Seconds to wait for RBL lookups, default is 10 seconds
  848. g_outgoing_block - Block user if this many spam sent in one day
  849. g_outgoing_n - Send manager email if more than this many spam from one user per day
  850. g_outgoing_white - Whitelist for outgoing spam detector
  851. g_pass_force - Force user to reset password if admin changes it
  852. g_pass_twofactor - Enable two factor authentication
  853. g_pass_twofactor_bypass - Bypass twofactor for ip addresses
  854. g_pass_twofactor_life - Session life in minutes, dflt 4 hours
  855. g_pass_twofactor_merged - Require +code for imap/pop logins sometimes
  856. g_pass_twofactor_prefix - Short string to identify your site in Authenticator app eg Surge
  857. g_perflog_disable - Completely disable 'perflog' historical performance logging
  858. g_perflog_flush_interval - Interval in seconds to flush the performance log files to disk (default 1hr = 3600)
  859. g_perflog_logall - Log all trend graph counters including undisplayed graphs (recommended)
  860. g_perflog_lowres - Do low resolution perflog sampling (hiding hour scale)
  861. g_perflog_surgeonly - Only log surgemail counters
  862. g_phish_block - Replace most urls with a warning link to stop phishing
  863. g_phish_friends - Replace urls for msgs from friends too
  864. g_phish_key - Used in key generation, never change
  865. g_phish_local - Replace urls for locally sent msgs too
  866. g_phish_only - Email addresses to apply link rewrite, default is everyone
  867. g_pipelining - Show pipelining in ehlo response - not recommended - has no behavior affect
  868. g_policy_enable - Enable policy.dat rules, still testing
  869. g_pop_add_size - Improves pop performance on nfs slightly
  870. g_pop_blocksize - Size of packets to read pop messages (best left alone)
  871. g_pop_cram_enable - Enable cram-md5 support
  872. g_pop_delay - If true packets are sent in bunches, this slows down some mail clients
  873. g_pop_flush_lines - Flush to tcp every line of message sent (slow)
  874. g_pop_lock - Lock pop spool
  875. g_pop_max - Max threads for POP or IMAP connections
  876. g_pop_min_late - Give min time error on first command after login
  877. g_pop_min_msg - Additional warning to give user when they login too soon
  878. g_pop_min_skip - Skip ip addresses matching this list.
  879. g_pop_min_time - Min time in seconds between consecutive POP logins, NEVER USE
  880. g_pop_nolock - Allows concurrent pop logins, recommended
  881. g_pop_notseen - Don't mark message as seen when pop reads message
  882. g_pop_port - POP3 port to listen on, default is 110 (needs restart)
  883. g_pop_secure_port - POP3 SSL secure port to listen on, default is 995
  884. g_pop_warning - Send manager warning if this many sessions (pop or imap) reached (max 1 per hour)
  885. g_popfetch - Fetch incoming mail from another pop server
  886. g_popfetch_interval - Interval between popfetch attempts in seconds
  887. g_popfetch_kick - If true then popfetch will try and open the link for 10 seconds, then retry, this should bring up ISDN lines.
  888. g_popfetch_nodup - Drop duplicate messages
  889. g_ppd_port - PopPassD port for setting passwords, default is 106
  890. g_private - Enable a private customer specific feature
  891. g_proxy - Proxy mode, best avoided for most situations
  892. g_proxy_default - Proxy mode default forward to host
  893. g_proxy_smtp - Proxy direct to gateway for listed domains, set webmail_secret too
  894. g_proxy_to_gateways - Proxy pop/imap connections to matching gateway settings
  895. g_proxy_usercgi - Proxy user.cgi requests to tohost (web_ref_text.txt & g_web_ref_path_extension must match on all servers)
  896. g_proxy_webmail - Redirect webmail logins to external host name
  897. g_pstat_disable - Disable pstat per user accounting (for debugging)
  898. g_queue_all - Always queue local messages before delivery
  899. g_queue_limit - If on disk queue exceeds this block incoming mail
  900. g_queue_max - Size of internal que file cache, range 500-3000
  901. g_queue_spawn - Run command on queue files before delivery ONLY if g_queue_all is true, filename is passed as parameter
  902. g_queue_warning - If on disk queue exceeds this send manager a warning
  903. g_quota - Disk quota for users in specified g_access_group
  904. g_quota_550 - Give 550 quota response instead of 552
  905. g_quota_at - Default is 80%
  906. g_quota_before_forward - Do quota check before forwarding.
  907. g_quota_default - Default quota
  908. g_quota_disable - Disable quota system
  909. g_quota_friends - Count friends pending messages as part of quota
  910. g_quota_from - Return address for quota warning messages
  911. g_quota_noemail - Disables all quota messages to the user
  912. g_quota_notrash - Remove Trash folder from quota calculation
  913. g_quota_rcpt_disable - Disables quota check at rcpt stage
  914. g_quota_report - Send quota warnings to the manager
  915. g_quota_skip - Skip quota for matching ip addresses
  916. g_quota_try_later - Give 450 response if user is over quota so message will be resent
  917. g_quota_warning_disable - Disables the 80% quota warning message
  918. g_rbl_login - Server to lookup ips that should not be allowed to login
  919. g_rcpt_bang - Allow bang character in addresses
  920. g_rcpt_colon - Allow colon character in addresses
  921. g_rcpt_max - Max recipients per message, default 1000, can only be lower than 3000.
  922. g_rcpt_max_in - Limit for recipients of untrusted channels, default g_rcpt_max
  923. g_rcpt_msg - Response given for invalid recipient errors, message is prefixed by email address.
  924. g_rcpt_nodup - Ignore duplicate recipients to the same user
  925. g_rcpt_ok - Whitelist for invalid rcpt addresses we will permit
  926. g_rcpt_quote - Allow quote character(s) in addresses
  927. g_rcpt_trace - Add X-Rcpt-Trace headers
  928. g_rdns_timeout - Timeout for reverse DNS lookups default is 30 seconds
  929. g_received_name - Name shown in received headers
  930. g_received_names - List of valid received names for incoming email
  931. g_received_skip - Skip local received header for trusted users (DO NOT USE)
  932. g_received_skip_all - Skip local received header (DO NOT USE)
  933. g_received_skip_spf - Skip spf received header (DO NOT USE)
  934. g_recent_bypass - Bypass recent failure checking
  935. g_record_days - Days to keep msg*.rec record of incoming messages, default 90
  936. g_record_hash - Hash storage of daily .rec files
  937. g_record_login - Log successful logins to msg*rec files
  938. g_record_path - Directory for daily .rec files defaults to G_HOME
  939. g_recover_noquestions - Remove question based password recovery system
  940. g_recover_reminder - Send users reminder email monthly until they set a recovery email address
  941. g_recycling - Keep deleted messages so users can undelete email
  942. g_recycling_del - Allow usergroup to delete messages from the recycle folder
  943. g_recycling_imap - Make visible to IMAP users, default is now ONLY surgeweb users
  944. g_recycling_life - Days to keep imap deleted messages, default 30
  945. g_recycling_pop - Do recycling for POP deletes too
  946. g_recycling_visible - Only allow members of this group to see recycling folder
  947. g_redirect - Redirect messages from 'was' to the new 'to' address
  948. g_redirect_cc - Send carbon copy to another address
  949. g_redirect_cc_attach - Redirect message as attachment if rule applies
  950. g_redirect_from - Redirect if from envelope matches
  951. g_redirect_from_cc - Send carbon copy if from envelope matches
  952. g_redirect_hide - Hide the redirection in the output
  953. g_redirect_iflocal - If local domain, then apply redirect
  954. g_redirect_ignore_errors - Accept email even if redirected addresses fail
  955. g_redirect_newmid - Generate new MID on redirection
  956. g_redirect_noautocreate_rules - Don't create redirection rules for domains automatically
  957. g_redirect_ses - If message is not local then apply redirect
  958. g_relay_allow_from - Allow relaying from users if the from envelope and from header match this NEVER USE, SPAMMERS ABUSE THIS
  959. g_relay_allow_ip - Allow relaying from users at this ip address
  960. g_relay_dom_and_ip - Allow relaying if from envelope and ip address both match
  961. g_relay_ifnot - Accept locally only if not from this ip
  962. g_relay_message - Message to give to users who try to relay through your system
  963. g_relay_nolocal - Do not automatically relay for 127.0.0.1
  964. g_relay_process - Relay process, e.g. testip.exe $WHOIP, return 1 to allow relaying, 0=deny
  965. g_relay_to - Relay to this domain from anyone
  966. g_relay_to_user - Relay to specific user from anyone
  967. g_relay_window - Minutes to allow relay after pop/imap login NOT RECOMMENDED
  968. g_relay_window_from - Requires pop authed user is in from header of sent message
  969. g_rename_content - Wild card list of mime types to rename, e.g. application*zip*
  970. g_rename_files - Wild card list of files to rename, e.g. *.exe,*.cmd (see help for defaults) g_virus_rename setting required
  971. g_report_host - Report facts to a central host
  972. g_report_notspam - Send not spam samples to netwinsite.com automatically (unwise)
  973. g_report_spam - Send spam samples to netwinsite.com when msg trained
  974. g_responder_delay - Delay between responses to the same address.
  975. g_responder_friends - Only respond if from known friends
  976. g_responder_from - Send 'from' destination user.
  977. g_responder_noreply - Send 'from' noreply@ destination domain, improves delivery
  978. g_responder_safer - Only respond if the sender can be verified in some way (spf/domainkeys)
  979. g_responder_score - Do not respond if spam score is above this
  980. g_responder_sender - Responder whitelist for email from address
  981. g_responder_skip - Skip responder if from matches
  982. g_responder_source - Responder whitelist for from ip name or number
  983. g_responder_to - Responder whitelist for destination user
  984. g_responder_utf8 - Send response in utf8 format
  985. g_restart - Restart server if it dies
  986. g_restart_kill - Allow swatch to kill surgemail if not responding - beta
  987. g_restart_malloc - Restart server if malloc exceeds this (in mb), e.g. 1000
  988. g_restart_vmsize - Restart server if vmsize exceeds this (in mb), e.g. 1000
  989. g_retry_bounces - Max hours to keep trying to deliver a bounce, default is 48hrs
  990. g_retry_dns - Hours to keep trying if dns response suggested invalid domain name, default 0
  991. g_retry_from - Time to keep messages from these domains
  992. g_retry_limit - Max hours to keep trying to deliver a message, default is 48hrs
  993. g_retry_minutes - Time between attempting resends, defaults to 60 minutes
  994. g_retry_rule - Time to keep messages to these domains
  995. g_retry_unwarn - Send user sent on confirmation if warning sent
  996. g_retry_warn - Send user a warning if first send fails
  997. g_retry_warn_n - Send user a warning if nth send fails
  998. g_route - Route messages matching from and to both must be specified, * can be used
  999. g_route_by_tohost - Route messages using server specified in 'tohost' in authent database
  1000. g_route_except - IP exception to g_route / g_route_by_tohost
  1001. g_route_local - Route messages for local domains if the rule applies
  1002. g_route_local_ifexists - CONFUSING NAME For non smtp auth sessions, prevent application of g_route rule for local address if account does not exist
  1003. g_route_local_keep - For local domains, if the route rule applies, deliver locally preferentially else route by rule (needs g_route_local too)
  1004. g_route_tous - Route messages back to our own ip
  1005. g_rules_msgtime - Use msg time rather than file time for expire rules
  1006. g_rules_old - Never use
  1007. g_run_cmd - Run command on all messages use $FILE$ in cmd parameters
  1008. g_sabre_version - SabreDAV version (DO NOT CHANGE, for debugging only)
  1009. g_safe_alert - Email manager when user fails to login from new ip
  1010. g_safe_country - White list use 2 char country code, e.g. US,NZ,AU a list is ok, use with g_safe_smtp
  1011. g_safe_country_nowarning - Whitelist countries for just this setting
  1012. g_safe_imap - Force users to prove they are real if logging in from pop/imap NEVER NEVER USE
  1013. g_safe_message - First line of email sent to user when login blocked
  1014. g_safe_smtp - Force users to prove they are real with each new address, whitelist email or ip with g_safe_white
  1015. g_safe_smtp_email - Email manager as remote ip addresses are added
  1016. g_safe_text - The first line of the warning email when a new login occurs
  1017. g_safe_warning - Email user for logins from new ip addresses
  1018. g_safe_white - White list for g_safe* settings
  1019. g_sample_get - Sample account to check if deliveries work
  1020. g_sample_show - Headers to show from sample messages
  1021. g_scan_action - Converts return value from g_scan_cmd, action=drop,accept,bounce
  1022. g_scan_cmd - Run command on message, and return integer, see g_scan_action
  1023. g_scan_cmd_failok - Don't reject if script fails
  1024. g_scan_cmd_skip - Skip for matching ip addresses
  1025. g_scan_cmd_testing - Don't reject, (for testing)
  1026. g_sched_utoken_timeout - Timeout for sched utokens in minutes
  1027. g_send_backoff - Seconds to leave slow responding host alone (default 900)
  1028. g_send_body_end_retry - Try again if connection fails after entire body sent
  1029. g_send_body_noretry - If a send fails during the body send give up at once.
  1030. g_send_body_once - Don't try 3 times if failure occurs sending body
  1031. g_send_bug1 - Fail while sending messages
  1032. g_send_conspeed - Outgoing connections per second per destination, default is 4
  1033. g_send_delay - Wait this many seconds after sending each item.
  1034. g_send_first_retry - Minutes for first retry, default is 16 minutes, do not adjust!
  1035. g_send_helo - Fully qualified domain to use for all outgoing SMTP helo commands and MessageIDs
  1036. g_send_helo_from - Use matching domain name if we have one if user is authenticated/trusted AVOID THIS!
  1037. g_send_helo_in - Lookup dns name of incoming ip connection on local interface, UNSAFE
  1038. g_send_lines - Send messages in single line packets, slow!
  1039. g_send_lowpriority - Ip address of bulk sending servers
  1040. g_send_max - How many concurrent sending sessions in total
  1041. g_send_max_perchan - Msgs to send on one open channel
  1042. g_send_max_perdom - How many concurrent sessions allowed to another domain, default is 3
  1043. g_send_max_rcpt - How many rcpt's to send per message when sending
  1044. g_send_no_domain - Message to show when domain points to us but can't find user or domain
  1045. g_send_nolimit - Don't apply g_max_perdom limit when sending to this domain
  1046. g_send_nopoll - Use sleep loop instead of poll (debugging only)
  1047. g_send_nosize - Don't send size with from envelope
  1048. g_send_noskipslow - Don't remember hosts that are slow to open and avoid them
  1049. g_send_onpopfetch - Only send outgoing while doing a popfetch (For dialup use)
  1050. g_send_open_timeout - Timeout, in seconds when opening a link
  1051. g_send_retry_550 - Retry on 550 responses (general failure)
  1052. g_send_retry_552 - Retry on 552 responses (typically quota exceeded)
  1053. g_send_rewrite - Rewrite envelope recipient at send stage, does not change destination server
  1054. g_send_speed - Bytes per second to limit each outgoing channel to, default no limit, eg 10k
  1055. g_send_sslheader - Add x-encrypted header when sending via ssl
  1056. g_send_store_disable - Disable sendstore smtp extenstion
  1057. g_send_strip - Headers to strip when sending
  1058. g_send_timeout - Timeout, in seconds when sending, default is 540 (9 minutes)
  1059. g_send_tolimit - Limit speed to send to one or more domains.
  1060. g_sent_archive - Archive old messages to Archives/yyyy/Sent folder, age in days
  1061. g_sent_nodup - Drop duplicates in Sent folder due to sent_store
  1062. g_sent_store - Store all sent messages in IMAP folder if smtp authenticated
  1063. g_server_name - SERVER_NAME to set for list of wildcard urls
  1064. g_server_stamp - Replaces SurgeMail and version string in received headers
  1065. g_setpassword_firstlogin - Accept any password on first POP login and set in database (EMERGENCY USE ONLY, requires nwauth -reasonfail parameter)
  1066. g_sf_binary - Use Binary Network
  1067. g_sf_disable - Smart Filter Disable
  1068. g_sf_generate - Build local smart filter
  1069. g_sf_ignore_users - Ignore user submissions just use automatic samples (obsolete)
  1070. g_sf_limit - Limit range of self training
  1071. g_sf_list - Use list mechanism for scoring
  1072. g_sf_nnet - Use Neural Network (Experimental, ONLY FOR TESTING)
  1073. g_sf_nosanity - Disables improved g_sf_binary with sanity checks
  1074. g_sf_obey_users - Obey user submissions about non spam, usually not a good idea
  1075. g_sf_rules - Use manual rules to improve scoring
  1076. g_sf_saneonly - Sane score only
  1077. g_sf_sanity2 - Enables improved sanity scoring
  1078. g_sf_sanity_test - Experimental setting never use
  1079. g_sf_test2 - Testing
  1080. g_share_home - Allow sharing of home directory
  1081. g_share_mail - Set true if mail area is shared (by nfs or other mechanism)
  1082. g_share_quota - Do quota on disk (e.g. when using nfs shared spool)
  1083. g_show_senders - Show top senders in domain admin pages
  1084. g_shutdown_ifmissing - Shutdown if specified file doesn't exist
  1085. g_shutdown_slow - Add 20 second delay to shutdown for debugging
  1086. g_skip_return - Skip return path
  1087. g_slow_welcome - Add 30 second delay to welcome message for debugging
  1088. g_smite_all - Add spamdetect and smitematch headers to all messages going past
  1089. g_smite_gateway - Add spamdetect and smitematch headers to gatewayed/redirected messages
  1090. g_smite_level - If smitematch score is above this drop message (just throw it away) e.g. 1
  1091. g_smite_skip - Whitelist/Skip spam scanner (and spf) if from matches this wild card (Whitelist)
  1092. g_smite_skip_auth - Skip spam scanner if user logged in
  1093. g_smite_skip_from - Skip spam scanner if from header/env matches this wild card
  1094. g_smite_skip_ip - Skip spam scanner if senders ip matches
  1095. g_smite_skip_only - Skip spam scanner if to matches this wild card and no other recipients that 'don't' match...
  1096. g_smite_skip_relay - Skip spam scanner if ip can relay
  1097. g_smite_skip_to - Skip spam scanner if to matches this wild card
  1098. g_smite_tag - Tag message with smitematch header if message is in spam database when read
  1099. g_sms_forward - Specifies IP's which are allowed to forward to SMS gateways
  1100. g_sms_gateway - Address and port of your sms gateway (use g_twilio instead)
  1101. g_sms_gateway_force - Force sms notifications to go to g_sms_gateway
  1102. g_sms_gateway_msgbytes - Maximum amount of message to send to g_sms_gatway (bytes)
  1103. g_sms_gateway_subjbytes - Maximum length of subject in sms message
  1104. g_sms_recover_text - Sent to users when SMS password recovery msg sent
  1105. g_smtp_allow_invalid - Allow messages with invalid headers
  1106. g_smtp_auth_debug - Auth Debug (do not use)
  1107. g_smtp_auth_ip - Ip Addresses to accept smtp authentication from
  1108. g_smtp_auth_off - Disable SMTP AUTH from unknown ip addresses (NOT RECOMMENDED)
  1109. g_smtp_big - Slow down incoming SMTP reads to get bigger packets (experimental)
  1110. g_smtp_bounce_nslow - Number of handles to use for doing slow rejections of smtp connections
  1111. g_smtp_chunking - Protocol Extension, never use
  1112. g_smtp_cmd_timeout - Seconds to wait after getting a message for next command (sendmail bug)
  1113. g_smtp_cram_enable - Enable CRAM-MD5 authentication (requires nwauth 4.0h or greater) - Not Recommended
  1114. g_smtp_data_bug - Fail on incoming emails for debugging
  1115. g_smtp_data_timeout - Seconds for timeout for data input, default 540 (9 minutes)
  1116. g_smtp_delay - Seconds to wait before responding to rcpts, 1-20, this reduces load on bulk senders
  1117. g_smtp_delay_stamp - Stamp header if sender sends data before seeing welcome response (usually spam)
  1118. g_smtp_etrn_auth - Only do etrn processing if user is authenticated
  1119. g_smtp_fast_bounce - Reject bad connections immediately
  1120. g_smtp_fix_nohead - Accept messages with no headers and try and cope
  1121. g_smtp_help_disable - Disable help in SMTP (minor security issue)
  1122. g_smtp_log_protocol - If true log SMTP protocol to log file
  1123. g_smtp_log_size - Size of smtp.log file
  1124. g_smtp_max - Max concurrent incoming SMTP connections
  1125. g_smtp_max_nolimit - Ip addresses that don't have max smtp limit applied
  1126. g_smtp_max_reason - Reason to give to user if g_smtp_max is exceeded
  1127. g_smtp_maxbad - Max bad command per session before dropping smtp link, default no limit
  1128. g_smtp_no_brackets - Allow from/rcpt without angle brackets
  1129. g_smtp_noauth - Limit SMTP to just these addresses (not generally useful) always include 127.0.0.1
  1130. g_smtp_noauth_msg - Message given when sender is told to use authentication because of g_smtp_noauth
  1131. g_smtp_noauthm - Limit SMTP to just these addresses (not generally useful)
  1132. g_smtp_noclear - Disable smtp buffer clear after starttls command
  1133. g_smtp_plain_hide - Hide 'plain' from the ehlo response
  1134. g_smtp_port - SMTP port to listen on, default is 25 (needs restart)
  1135. g_smtp_portauth - SMTP ports which require smtp authentication, typically 587,465
  1136. g_smtp_portforce - Block logins for ports not listed in g_smtp_portauth
  1137. g_smtp_secure_port - SMTP SSL secure port to listen on, default is 465
  1138. g_smtp_thread - Use seperate thread for incoming SMTP connections
  1139. g_smtp_vrfy_allow - Allow vrfy from these addresses, not recommended
  1140. g_smtp_vrfy_msg - Change Response to VRFY, e.g. 252 Not telling
  1141. g_smtp_warning - Send manager warning if this many sessions reached (max 1 per hour)
  1142. g_smtp_welcome_delay - Seconds to delay welcome message, drop if we get data before we send welcome, recommend 1-3 seconds
  1143. g_spam_alias_any - User aliase string e.g. "++" if defined then strip suffix from emails - not advised!
  1144. g_spam_allbad - Auto blacklist from/ip/to combinations
  1145. g_spam_allow - IP Wild card exceptions to spam limits
  1146. g_spam_allow_disable - Disable allow bounce messages
  1147. g_spam_allow_known - Unblock IP address if we have received messages from it for 3 days (so it's not a transient spammer)
  1148. g_spam_allow_msg - Template for unblock messages, use ||reason|| and ||allow|| and maybe a url
  1149. g_spam_allow_rbl - Give unblock message to RBL bounces too
  1150. g_spam_allow_rdns - Trust ip name for spam checking, not recommended
  1151. g_spam_allow_recent - Skip spam rules if recent pop ip number
  1152. g_spam_aspam - Scale for aspam, default is 1.0, Valid range is zero to two
  1153. g_spam_autotrain - Auto train spam filter good messages based on first 1000 outgoing emails
  1154. g_spam_black_auto - Auto blacklist for user when isspam pressed
  1155. g_spam_black_tospam - Put blacklist matches in spam folder
  1156. g_spam_block - Block spam (as decided by spf etc), if not set then user or domain can set
  1157. g_spam_block_gateway - Block spam gatewayed messages too
  1158. g_spam_block_msg - Template for spf blocked message if allow is disabled
  1159. g_spam_body - If spamdetect score is above this, add spamdetect header at top of message body NOT RECOMMENDED e.g. 7
  1160. g_spam_body_more - Add more info to spam body (ip address, ptr address, reply to and bounce address)
  1161. g_spam_body_url - Text part of info to add to body, usually a url to your site
  1162. g_spam_bounce - If spamdetect score (number of '*'s) is above this, bounce message. Never set below 14
  1163. g_spam_bounce_all - If spamdetect score is above this, bounce message, applies to all messages regardless of user settings. e.g. 7 NEVER USE THIS
  1164. g_spam_bounce_store - If true store rejected spam in Spam_Rejected folder
  1165. g_spam_bounce_text - Error to return to user when message is bounced due to g_spam_bounce setting
  1166. g_spam_bounce_trusted - If spamdetect score is above this, bounce message if trusted (spam_allow or authenticated)
  1167. g_spam_catcher - Addresses on web pages that shouldn't get any email (robot bait)
  1168. g_spam_char - Character to use instead of '*' for smitespam headers (best left alone if possible)
  1169. g_spam_check_auth - Don't skip spam rules for authenticated users
  1170. g_spam_cmd - Command line spam checker, use $FILE$ in cmd parameters
  1171. g_spam_cmd_if - If internal spam rating is below this number, then run external filter
  1172. g_spam_cmd_reject - If external filter returns number larger than this reject
  1173. g_spam_cmd_skip - If internal spam rating is below this number, then skip external filter
  1174. g_spam_content_disable - Disable aspam_content.txt rules
  1175. g_spam_flag - Add X-SPAM-FLAG: Yes header if smite score is above this level
  1176. g_spam_folders - Train on any message dropped into the relevant folders
  1177. g_spam_folders_show - List the special folders for all users
  1178. g_spam_from_blacklist - Fetch list of bad domains to reject email from - not recommended
  1179. g_spam_from_max - Max outgoing messages per ipaddress/return path pair, 30 minutes, e.g. 5000
  1180. g_spam_grey - OBSOLETE DO NOT USE, Enable old greylisting for spf mechanism
  1181. g_spam_grey_bounce - Bounce if message was allowed due to grey listing, and spam score is above this, default 8 (was 4)
  1182. g_spam_grey_classc - Apply grey listing to x.x.x.*
  1183. g_spam_grey_dflt - Enable greylisting for spf default accept events (not recommended)
  1184. g_spam_grey_dflt_bad - Enable greylisting instead of allow in some cases (recommended for block or strict)
  1185. g_spam_grey_nofive - Skip 5-6 minute black window for these domains
  1186. g_spam_grey_nohard - Avoid hard spf bounces always try and do a grey list instead
  1187. g_spam_grey_nseen - Number of messages from an unknown host, default is 6
  1188. g_spam_grey_size - Size of grey listing table, default is 3000
  1189. g_spam_grey_verify - Skip grey listing if host was not listening
  1190. g_spam_grey_window - Window to block bad messages, typically 60 seconds
  1191. g_spam_header_trust_ip - List of IP addresses from which to trust/accept existing X-SpamDetect headers in emails
  1192. g_spam_hold_hide - Hide spam hold settings for end users and other held2pend user.cgi tweaks
  1193. g_spam_hold_keep - Number of days to store users spam hold messages - OBSOLETE see G_FRIENDS_PENDING_KEEP
  1194. g_spam_info - Info line and url to explain aspam system
  1195. g_spam_info_hide - Removes the x-spamdetect-info header line
  1196. g_spam_internal - Enable new 'internal' spam processing
  1197. g_spam_isspam_ignore - Don't block messages from ip addresses recorded as a spam source
  1198. g_spam_isspam_kind - Allow isspam from recent pop, gateway to etc
  1199. g_spam_nobounce - Remove old user held/vanish but after 5.2 will allow bounce
  1200. g_spam_nolang - Don't add header with a guess at body language
  1201. g_spam_notrain - Disable isspam and notspam addresses for user training
  1202. g_spam_notspam - Address that non authenticated users can send non spam to.
  1203. g_spam_noupdate - Disable fetch of aspam filter rules etc from netwinsite
  1204. g_spam_phishing - Download list of known phishing addresses and block outgoing email to them
  1205. g_spam_phishing_ok - Allow to these addresses even if phishing database blocks them
  1206. g_spam_phrase - Enable auto spam phrase filter
  1207. g_spam_poly - Scale for poly word matching, default is 0.1, Valid range is zero to two, Use 1.0 to enable, EXPERIMENTAL
  1208. g_spam_poly_disable - Disable poly code.
  1209. g_spam_private - Enable users to define 'private' extensions user--STUFF@domain
  1210. g_spam_probe_enable - Probe suspect urls to find spammers - can cause RBL
  1211. g_spam_probe_friends - Probe even if email is from a friend
  1212. g_spam_probe_more - Probe even if email is from a known ip address
  1213. g_spam_probe_unknown - Probe any unknown url (dangerous)
  1214. g_spam_probe_whois - Do whois lookups on web pages found in probe
  1215. g_spam_share - Use and share some spam/aspam information with central server (netwin) experimental
  1216. g_spam_status_hour - Process all spam status messages at this time (disk io intensive)
  1217. g_spam_status_monthly - Send monthly spam status even if no messages pending
  1218. g_spam_subject - If score is above this, add spam rating to subject (Spam: ****) e.g. 8
  1219. g_spam_subject_dom - Destination domains to tag subject for
  1220. g_spam_subject_gateway - If true then spam_subject setting applies to gatewayed messages too
  1221. g_spam_subject_word - The word that gets added to subject, default is 'Spam', UCE is another good one
  1222. g_spam_url - Scale for url word matching, default is 1.0, Valid range is zero to two
  1223. g_spam_user_badto - Max bad recipients from authenticated user per 30 minutes, e.g. 50
  1224. g_spam_user_lockout - Lockout user until released with unlock_all command
  1225. g_spam_user_max - Max messages an authenticated user can send per 30 minutes, e.g. 5000
  1226. g_spam_user_skip - Users to skip g_spam_user_max limit for
  1227. g_spam_user_warn - Alert user when they send this many messages in one day, .8 to alert at 80% of max
  1228. g_spam_user_warn_msg - Message when user approaches send limit
  1229. g_spam_userconfig - Allow users to specify specific spam features
  1230. g_spam_vanish - If spamdetect score (number of '*'s) is above this, vanish message if local delivery. NEVER USE THIS
  1231. g_spam_vanish_all - If spamdetect score is above this, vanish message, applies to all messages regardless of user settings. NEVER USE THIS
  1232. g_spamdetect_some - Only show spamdetect header for bad scores
  1233. g_spawn_log - If true the spawns are logged to lib_spawn.log
  1234. g_speech_cmd - Command to convert sound file to text (append .txt to filename)
  1235. g_speech_end - End text after the converted text
  1236. g_speech_from - Only attempt conversion if from this email address
  1237. g_speech_group - Only attempt conversion if user is memeber of 'speech' group
  1238. g_speech_info - Intro text above the converted text
  1239. g_speech_size - Default 10mb, will not convert larger files
  1240. g_speech_to - Only attempt conversion if to this email address
  1241. g_spf_baddns_skip - If spf dns failure then allow message through (instead of giving retry error)
  1242. g_spf_byemail - Perform allow bounce confirmation via email.
  1243. g_spf_debug_log - Enable spf.log file
  1244. g_spf_default - (strict only) Default spf record if none found default 'mx/16 a ptr:%{d2} -all'
  1245. g_spf_default_noblock - (strict only) Only stamp headers if default spf record fails when no real spf header
  1246. g_spf_dns_timeout - Seconds to wait for dns lookups for spf, best not to change
  1247. g_spf_domain - Domain for SPF rewrite and allow messages (defaults to first domain on server)
  1248. g_spf_enforce - List of wildcard/domains to enforce spf for, e.g. paypal.com,*bank*
  1249. g_spf_enforce_auto - Enforce spf for commonly forged domains paypal.com,*bank*
  1250. g_spf_enforce_known - Enforce spf even if we think this ip address is safe
  1251. g_spf_enforce_local - If spf fails and it's a local domain then skip grey listing and bounce
  1252. g_spf_enforce_real - Enforce spf for domains with strong spf entries
  1253. g_spf_fake - Fake spf record to use for testing
  1254. g_spf_header - Use g_verify_mx_skip and apply to resulting ip
  1255. g_spf_mode - Do SPF check and then perform action, stamp | block | strict, action is conditional on [g_]spam_block settings
  1256. g_spf_noallow - Give hard bounce (no allow message) for spf failures for these domains & ignore friends
  1257. g_spf_nocache - Disable SPF cache
  1258. g_spf_nofriend - Ignore friends for spf
  1259. g_spf_nogrey - Skip SPF grey listing for these domains (require allow response)
  1260. g_spf_norewrite - Exceptions to rewrite rule, e.g. *@my.domain,bob@this.domain
  1261. g_spf_required - Require an spf entry for these domains
  1262. g_spf_rev_skip - Skip SPF checks if reverse ip name matches in this list, e.g. *.yahoo.com
  1263. g_spf_rewrite - Rewrite 'from' envelope in redirected mail (SRS)
  1264. g_spf_rewrite_gateway - Rewrite even if gateway rule applies
  1265. g_spf_rewrite_relay - Rewrite even if from ip is a host to relay for
  1266. g_spf_share - List of hosts to share allow ips with. Must all have same srs.secret file
  1267. g_spf_skip - Skip spf checks for these ip addresses, e.g. other mx hosts
  1268. g_spf_skip_from - Skip based on from, e.g. noreply@*paypal.com,..., Also skips RBL
  1269. g_spf_skip_to - Skip based on rcpt to, also skips RBL rules,...
  1270. g_spf_timeout - Seconds to wait for all spf lookups to finish, default 48 seconds
  1271. g_spf_trust_local - Skip spam checking for local domain that passes spf
  1272. g_spf_user_domain - Make allow bounces use destination user domain name
  1273. g_spf_very_strict - (strict only) Only give 'allow' option for default spf rule failures not real ones
  1274. g_spf_web_url - Specify full url for spf byweb commands http://domain.name:port
  1275. g_spflog_domains - Specify which domains should get spflog entries sent to them.
  1276. g_spflog_enable - Enable this if this server is a frontend for a SurgeMail server users log into.
  1277. g_spool_path - Scan this directory for *.msg files to send as emails
  1278. g_ssl_allow - IP Wild card list to allow SSL encryption from
  1279. g_ssl_allow_fix - Disable incoming ssl on ssl failure from an ip
  1280. g_ssl_allow_imap - IP Wild card list to allow SSL encryption from for imap
  1281. g_ssl_auto - Generate letsencrpt ssl certificates automatically for all domains
  1282. g_ssl_ciphers - List permitted ciphers, DANGEROUS
  1283. g_ssl_ciphers_add - More permitted ciphers (added to g_ssl_ciphers) DANGEROUS
  1284. g_ssl_ciphers_web - List permitted ciphers for web, DANGEROUS
  1285. g_ssl_disable - Disable protocols tlsv1,tlsv1_1,tlsv1_2,sslv2,sslv3 (restart surgemail)
  1286. g_ssl_disable_des - Disable DES ciphers, breaks outlook on XP
  1287. g_ssl_disable_port25 - Prevent ssl on port 25
  1288. g_ssl_disable_relax - Override and relax g_ssl_disable for certain ip address + protocol combinations
  1289. g_ssl_disable_renegotiation - Disable SSL renegotiation.
  1290. g_ssl_disable_sslv2 - Disables ssl 2.0 support for enhanced security (obsolete use g_ssl_disable)
  1291. g_ssl_disable_sslv3 - Disables ssl 3.0 support for enhanced security (obsolete use g_ssl_disable)
  1292. g_ssl_disable_tlsv1 - Disables tls 1.0, not recommended (obsolete use g_ssl_disable)
  1293. g_ssl_disable_tlsv1_1 - BROKEN: Use g_ssl_disable setting instead
  1294. g_ssl_disable_tlsv1_2 - Disables tls 1.2 support, breaks LETSENCRYPT, NEVER USE
  1295. g_ssl_disable_web - Disable protocols for web only (restart surgemail)
  1296. g_ssl_dmalloc - Enable dmalloc tracking in ssl
  1297. g_ssl_fips - Enable FIPS mode crash if not available (DO NOT USE)
  1298. g_ssl_guess_domain - Guess domain using SSL hostname to allow login without @domain.name
  1299. g_ssl_honor - Honor server cipher order
  1300. g_ssl_hsts - Send HSTS header to prevent accidental http access. Dangerous security feature if HTTP is ever needed
  1301. g_ssl_lets_exclude - Domains urls to not update, user must copy from ssl to lets folder
  1302. g_ssl_lets_path - Path to webservers /.well-known folder for letsencrypt
  1303. g_ssl_lets_slave - Run letsencrypt on SLAVE too
  1304. g_ssl_per_domain - Create/use an SSL certificate for each domain
  1305. g_ssl_perfect - Apply good SSL settings, best to remove g_ssl_ciphers setting too
  1306. g_ssl_require - IP Wild card list to require SSL encryption from
  1307. g_ssl_require_imap - IP Wild card list to require SSL encryption from for IMAP
  1308. g_ssl_require_in - Local domains that must only receive SSL messages
  1309. g_ssl_require_login - IP Wild card list to require SSL encryption for POP/IMAP/SMTP don't use with broadworks
  1310. g_ssl_require_out - Remote ip, remote domain for which we must send using SSL
  1311. g_ssl_require_smtp - If IP matches then require SSL for incoming SMTP message
  1312. g_ssl_require_web - Require https for most web features (excluding blogs file sharing and surgeplus)
  1313. g_ssl_retry_seconds - Second to try and establish ssl connection, default is 5
  1314. g_ssl_sha1_sign - Obsolete, sha256 is now always used
  1315. g_ssl_test_fail - Break ssl to test auto downgrade
  1316. g_ssl_try_from - Try and start ssl mode if from this user, e.g. *@xyz.com
  1317. g_ssl_try_not - Skip ssl for these hosts
  1318. g_ssl_try_out - Try and start ssl mode to these hosts
  1319. g_ssl_verify - Domains that must have valid ssl certificates
  1320. g_ssl_warn - Send users weekly reminder if they keep using non SSL logins
  1321. g_ssl_warn_ignore - Don't give warnings if user is from this trusted host
  1322. g_ssl_warn_text - Last line of email warning sent to user if SSL not used
  1323. g_sstat_disable - Disable netwin statistics gathering.
  1324. g_stack - For testing only, NEVER SET THIS
  1325. g_stack_imap - For testing only, NEVER SET THIS
  1326. g_startup_delay - Seconds to wait before starting surgemail
  1327. g_status_login - Require login for spam status actions
  1328. g_status_url - Specify default global url for status messages
  1329. g_status_view_html - Obsolete setting
  1330. g_store_dropped - Store upto 5000 bad bounces in the dropped directory
  1331. g_subject_blank - Subject header if one is missing
  1332. g_suffix_report_admin - Report email to admin if suffix prevents login
  1333. g_suffix_report_user - Report email to user if suffix prevents login
  1334. g_surbl - SURBL Spam URI Realtime Blocklists
  1335. g_surbl_from - Also check the return path
  1336. g_surbl_reject - Reject email with SURBL hits
  1337. g_surbl_showall - Show all surble urls to check in a message header
  1338. g_surbl_skip - URL's to allow even if listed in surbl
  1339. g_surbl_skip_ip - Skip SURBL check if sender is from listed ip
  1340. g_surbl_whois - Also check whois info on suspect urls - not for busy servers!
  1341. g_surgeblog - Specialize SurgeMail as a Blog server
  1342. g_surgeplus_delay_tell_upgrade - Delay informing existing users about new SurgePlus versions for
  1343. g_surgeplus_delay_tell_upgrade_exempt - Users exempt from delayed new version informing
  1344. g_surgeplus_hide_client_downloads - Hide the links to download and install SurgePlus Windows client
  1345. g_surgeplus_links - Add web links to SurgePlus from other web interfaces (and vice versa) for users allowed to use SurgePlus.
  1346. g_surgeplus_log_level - SurgePlus log level. 'none', 'info', or 'debug'. Default is 'info'
  1347. g_surgeplus_online - Enable online tracking in surgeplus
  1348. g_surgeplus_pop_server_name - Default pop server to set SurgePlus client download to connect to.
  1349. g_surgeplus_port - SurgePlus port to listen on, default is 7110
  1350. g_surgeplus_secure_port - SurgePlus SSL secure port, default is 7995
  1351. g_surgeplus_smtp_server_name - Default smtp server to set SurgePlus client download to connect to.
  1352. g_surgeplus_web_port - SurgePlus web port to listen. Default is to use HTTP webmail port
  1353. g_surgeplus_web_url - Direct SurgePlus users to access shared files at this url
  1354. g_surgewall_ignore_error - Deliver even if some rule sais bounce
  1355. g_surgewall_redirect - Allow redirect/responder for surgewall
  1356. g_surgewall_split - Split up surgewall messages, one per recipient
  1357. g_surgeweb_allow_abk_v2 - Accept v2.1 vcard format and treat is as a v3.0 vcard
  1358. g_surgeweb_auth_ok - Alow smtp auth for surgeweb even when disabled
  1359. g_surgeweb_backend_server - Backend machine to connect to
  1360. g_surgeweb_backend_web - Backend machine to connect to
  1361. g_surgeweb_benchmark - Log web request timing info for surgeweb benchmarking - matches ip addresses
  1362. g_surgeweb_cache_less - Reduce surgeweb caching
  1363. g_surgeweb_debug - Log surgeweb debug info - matches ip addresses or email addresses - avoid
  1364. g_surgeweb_disable - Disable access to SurgeWeb
  1365. g_surgeweb_forgot_show - Show forgot password link on surgeweb login page
  1366. g_surgeweb_ics - Surgeweb email/calendaring integration (ie ics file processing and sending)
  1367. g_surgeweb_idle_timeout - Idle timeout for surgeweb sessions (hours, default=48)
  1368. g_surgeweb_logall - For requests matching g_surgeweb_debug also leave all webio & temp files - avoid
  1369. g_surgeweb_login_revert - Revert to old surgeweb login logic (DO NOT USE, NETWIN TESTING ONLY)
  1370. g_surgeweb_logtmp - For requests matching g_surgeweb_debug leave all temp files - avoid
  1371. g_surgeweb_path - Change surgeweb path
  1372. g_surgeweb_process - Run surgeweb in it's own process (beta)
  1373. g_surgeweb_remember_timeout - "Remember" timeout / max session length for surgeweb sessions (days, default=14)
  1374. g_surgeweb_restrict - Restrict surgeweb use to these accounts only
  1375. g_surgeweb_testing - NEVER USE
  1376. g_surgeweb_testrig - Disable session cache for testrig
  1377. g_surgeweb_work - Path to Surgeweb cache/work files
  1378. g_tarpit_badrcpt - Delay rejection of bad recipients (in seconds, default 4s)
  1379. g_tarpit_blackhole - Reject the email one recipient at a time
  1380. g_tarpit_drop - Drop link and ban for 1 hour if tarpit limits exceeded
  1381. g_tarpit_hacker - Slow DOS attacks in some situations
  1382. g_tarpit_max - Number of local recipients before slowing down per 30 minutes
  1383. g_tarpit_max_remote - Number of remote recipients before slowing down
  1384. g_tarpit_retry - Send retry error, 450 if tarpit limits exceeded
  1385. g_tarpit_skip - Skip tarpit limit for these destination users or domains, e.g. *@xyz.com
  1386. g_tarpit_skip_from - Skip tarpit limit for messages from these users e.g. *@xyz.com
  1387. g_tcp_bf_size - Set tcpip snd/rcv buffer sizes, best left blank
  1388. g_tcp_proxy_ip - Enable TCP proxy protocol for specific address
  1389. g_tcp_que_len - Length of listen queue for incoming connections
  1390. g_tcp_read_timeout - Timeout in 'seconds' on pop connections, do not adjust. (default 600)
  1391. g_tellmail_ip - Addresses to allow tellmail commands from (should never be *)
  1392. g_thread_log - Enable thread.log
  1393. g_thread_max - Max threads allowed on this system (best not changed)
  1394. g_thread_max_restart - Crash and restart if max threads exceeded from local ip on smtp
  1395. g_thread_pool - Keep all threads in a common pool - removed
  1396. g_thread_reuse2 - Reuse threads - fixes unix bug - not implemented
  1397. g_thread_smooth - Throttle thread creation as max hit to reduce peaks
  1398. g_thread_spinlock - Spin more before sleeping when waiting for mutex
  1399. g_timeout_try_later - If timeout while waiting for message to arrive tell other end to retry
  1400. g_timezone - Places in timezone part of date string, e.g. +1200 NZT. Please leave blank!
  1401. g_timezone_force - Hours offset to local time, e.g. 5 (best left blank)
  1402. g_tmalloc_log - write tmalloc.log for gd library memory access.
  1403. g_to_valid - Require an @ and dotted domain in all dest addresses
  1404. g_tohost_local - Authentication database tohost name entry to deliver locally (see g_proxy and g_route_by_tohost)
  1405. g_token_httponly - Use httponly flag, stop scripts using token, may break attachments
  1406. g_token_secure - Use secure flag for surgeweb, stops http access to token, so requires https to work
  1407. g_toscan_path - Path used for mime parts for virus scanner
  1408. g_trace_flush - Flush to trace_dump.log via monitor
  1409. g_train_store - Number of messages to store in each spam training directory (1000-5000)
  1410. g_twilio_api - Twilio compatible API endpoint (not normally needed)
  1411. g_twilio_from - Twilio SMS from phone number
  1412. g_twilio_sid - Twilio account SID
  1413. g_twilio_token - Twilio account TOKEN
  1414. g_uidl_big - Use random uidl if uidl not found
  1415. g_unique_name - A unique name for this server
  1416. g_url_alias - Allows translation from one url to another
  1417. g_url_enable - Enable widearea URL spam database
  1418. g_url_host_noscan - Disable the scan for url_host settings matching the domain in an incoming web request
  1419. g_url_master - Set if this is the central URL server (for netwin use only)
  1420. g_url_master_to - Central URL server email address (leave blank)
  1421. g_url_redirect - Sends http 301 redirect to tell browser resource has moved
  1422. g_user_access - User.cgi features granted to access groups
  1423. g_user_access_always - Run spam and filter regardless of access UI settings
  1424. g_user_access_default - Default user.cgi features granted to users
  1425. g_user_access_from - When sending use from for useraccess rules
  1426. g_user_access_webonly - Means user_access rules only stop web interface not actual spam checking etc
  1427. g_user_alias - Number of aliases accounts can create
  1428. g_user_alias_file - User aliases configuration file
  1429. g_user_block_time - Block chrisp from pop access for this time period
  1430. g_user_blogs - Number of blogs accounts can create
  1431. g_user_cookies - Enable browser cookies for user self management
  1432. g_user_delete - Let users delete themselves
  1433. g_user_disable - Filename listing users to disable
  1434. g_user_domainlist - Who to show domain dropdown list to on user.cgi login page and 'user' pages
  1435. g_user_filter_early - Process user exceptions/accept filters before tagging message as spam
  1436. g_user_friends_domain_log_disable - Disable domain level friend.log file
  1437. g_user_friends_log_disable - Disable user level friend.log file
  1438. g_user_hide_security - Hide user level security.log access
  1439. g_user_list_quota - Number of mailing lists users can create
  1440. g_user_mail_view - Whether an admin/manager can view/display users inbox mail
  1441. g_user_mfilter - Mfilter to run for individual user delivery, some features not supported
  1442. g_user_pipe - Pipe run on file just before delivery to user, $USER$ available on command line
  1443. g_user_receive_rule - Define valid source addresses for users in a group
  1444. g_user_report - Daily,Weekly,Monthly, emailed to managers of each domain
  1445. g_user_send_all - Apply all g_user_send_rules that match
  1446. g_user_send_ip - Block any ip that sends more than this many emails per day
  1447. g_user_send_max - Maximum number of emails per day (requires SMTP AUTH)
  1448. g_user_send_rule - Define valid recipient addresses for users in a group (requires SMTP AUTH)
  1449. g_user_send_warning - Warn manager if any user sends more than this many messages per day, e.g. 5000
  1450. g_user_send_white - No limit for these ip addresses/users
  1451. g_user_sms_quota - Number of sms messages accounts can send
  1452. g_user_status_from - Send status with return address of the user
  1453. g_user_status_fromhdr - Send status with return address of this
  1454. g_user_status_send - Number of days after which to send user status messages (0 = never)
  1455. g_user_utoken_days - Number of days a user self management login token is valid for
  1456. g_user_utoken_expire - Length of time a user self management login token is valid for
  1457. g_user_utoken_idle - Length of time a user self management login token may remain idle for
  1458. g_user_virus_scan - Allow virus scans for specific users instead of all users
  1459. g_utf8_case_insensitive - Use case insensitive compare for surgeweb and imap searches
  1460. g_vanish_any_bounce - Vanish all bounces, requires g_vanish_bad_bounces
  1461. g_vanish_bad_bounces - Vanish suspected spam bounces (requires g_received_name)
  1462. g_vanish_fake_local_bounces - Vanish spam masquerading as local bounces
  1463. g_vanish_relay - Vanish bad bounces before relaying email too
  1464. g_vanish_virus_bounces - Vanish suspected virus bounces (requires g_received_name)
  1465. g_verify_helo - Verify helo name translates to same network as sending system
  1466. g_verify_image_hard - Use extra difficult human verification image (used in blogs)
  1467. g_verify_mx - Verify MX records contain senders IP address (see g_verify_mx_skip)
  1468. g_verify_mx_skip - Use to define incoming mail gateway ips so the mx verify doesn't fail on them
  1469. g_verify_smtp2 - Verify we can talk back to the SMTP port on incoming ip address
  1470. g_verify_timeout - Seconds to wait for SMTP response, default is 10 seconds
  1471. g_vipre_enable - Enable vipre scanner on windows
  1472. g_virus_allow_unmonitorable - Allow unmonitorable content (avast antivirus)
  1473. g_virus_avast_attachments - Only scan messages with suspect attachments (windows only currently)
  1474. g_virus_avast_hour - Hour of day to update avast definitions, e.g. 9 = 9a.m.
  1475. g_virus_avast_old - Enable AVAST virus scanner integration, OBSOLETE, DO NOT USE
  1476. g_virus_cloud - Use cloud scanner, not recommended
  1477. g_virus_cloud_wild - File types to cloud scan *.exe,*.com
  1478. g_virus_cmd - Virus checker for mime parts, use $FILE$ in cmd
  1479. g_virus_cmd_body - Scan raw msg file too
  1480. g_virus_cmd_codes - List of return codes to bounce message, e.g. 1,2,3,4,5
  1481. g_virus_cmd_drop - Drop silently instead of reject at data stage - not recommended
  1482. g_virus_cmd_email - Set if scanner can understand email message files
  1483. g_virus_cmd_log - Log stdout of virus command line scanner to vcmd.log
  1484. g_virus_cmd_max - Max concurrent threads that should run this command, if exceeded messages are not checked
  1485. g_virus_cmd_nodel - Disables cleanup of scanned files, so you can test manually
  1486. g_virus_cmd_size - Max size of messages to scan
  1487. g_virus_cmd_sleep - Milli seconds to wait after g_virus_cmd incase delete is not immediate, e.g 500 = half a second
  1488. g_virus_cmd_test - Continue after virus found to compare scanners
  1489. g_virus_debug3 - Testing virus scanners do not use
  1490. g_virus_disable_local - Disable scanning for local trusted users
  1491. g_virus_disable_remote - Disable virus scans for non-local addresses
  1492. g_virus_filter - Virus checker which works like an authent module (talk to on stdin/stdout) - vpipe
  1493. g_virus_filter_require - If any g_virus_filter pipe fails bounce messages rather than allow to continue
  1494. g_virus_fprot - Port for FProt mail scanner (usually 11200)
  1495. g_virus_late - Run virus scan after most spam filter processing
  1496. g_virus_localhost - Don't skip virus checks for 127.0.0.1 originating emails
  1497. g_virus_recent_skip - Skip virus recent cache which attempts to speed up virus scanners
  1498. g_virus_rename - Rename executables by changing '.' to '_' prevents many auto run viruses
  1499. g_virus_rename_skip - Skip rename for these from/to addresses
  1500. g_virus_rename_skipauth - Skip rename if user sending is authenticated local user
  1501. g_virus_report - Report detected viruses to someone
  1502. g_virus_report_all - Report every virus using g_virus_report
  1503. g_virus_report_user - Report virus to recipients
  1504. g_virus_restart - Restart vpipe virus scanners every this many items
  1505. g_virus_scanner_list - List of files to be virus scanned *.exe,*.bat,etc...
  1506. g_virus_simple - Enable internal simple virus scanner
  1507. g_virus_simple_list - List of dangerous file extensions, *.exe,*.bat,etc...
  1508. g_virus_simple_skip - Skip simple check for from/to addresses
  1509. g_virus_simple_skipauth - Skip simple virus if user sending is authenticated local user
  1510. g_virus_simple_test - Compare with avast results
  1511. g_virus_simple_zip - Check zip files for executables and block
  1512. g_virus_skip - Skip virus scanner for matching from envelope
  1513. g_virus_skip_ip - Skip virus scanner for matching ip addresses
  1514. g_virus_strangers - Use simple attachment filter for non friends, turn off g_virus_simple
  1515. g_vpipe_concurrent - Concurrent requests to vpipe process, default is 7, set to 1 to debug vpipe issues
  1516. g_vpipe_fail_crash - If virus scanner fails, crash surgemail (for debugging)
  1517. g_vpipe_notag - Disable headers showing vpipe results in messages
  1518. g_vpipe_skip - Skip scanner for this IP address (e.g. trusted mailing lists)
  1519. g_vpipe_timeout - Timeout if scanner takes this long to respond default 60 seconds
  1520. g_warning_to - Addresses to treat as local and send warning bounces to
  1521. g_web_access_grp - Restrict user groups to specific web ports
  1522. g_web_access_ip - Restrict access to web ports based on ip
  1523. g_web_access_max - Maximum number of concurrent web logins for group
  1524. g_web_add - Add http headers
  1525. g_web_admin_max - Maximum number of concurrent web admin sessions
  1526. g_web_api_ip - Allow access to web based API for msg access
  1527. g_web_appsname - Apps url name on unified web interface
  1528. g_web_appsroot - Apply apps interface at web root ie /
  1529. g_web_charset - Charset for html pages
  1530. g_web_check_host - Check host matches valid domain
  1531. g_web_disable_delete - Disable web verb delete
  1532. g_web_disable_head - Disable web verb head
  1533. g_web_disable_mkcalendar - Disable web verb mkcalendar
  1534. g_web_disable_mkcol - Disable web verb mkcol
  1535. g_web_disable_options - Disable web verb options
  1536. g_web_disable_propfind - Disable web verb propfind
  1537. g_web_disable_report - Disable web verb report
  1538. g_web_force_doctype_first_disable - Disable webserver behaviour to force doctype definitions to be displayed first.
  1539. g_web_forwarded_test - Fake the forwarded-for header
  1540. g_web_forwarded_uselast - Use last address in multiple item forwarded-for header
  1541. g_web_hide_source_names - Hide the name of the source template page in output web pages.
  1542. g_web_max - Max concurrent web connections, default is 100
  1543. g_web_max_perip - Max concurrent web connections per-ip, default is 60
  1544. g_web_noserver - Disable Server header in http responses
  1545. g_web_old_behaviour - Revert to old style webserver behaviour
  1546. g_web_php_exe - Path to php.exe
  1547. g_web_policy_always - Break surgeweb with web policy feature :-)
  1548. g_web_policy_disable - Disable obscure web policy security headers
  1549. g_web_ref_path_extension - Path extension to add as suffix to web page image/css references.
  1550. g_web_timeout - Timeout for web requests
  1551. g_web_title - Title to use on specified web page
  1552. g_web_trust_ip - Trust ip address from rev proxy web server X-Forwarded-For
  1553. g_web_url_path - Url to path translation with access specifier
  1554. g_web_utf8 - Make sure all user.cgi handling is done in UTF8
  1555. g_webdav_enable - Enable webdav access for users (do not use)
  1556. g_webdav_group - Only allow webdav if member of webdav access group
  1557. g_webdav_path - Root path for webdav storage
  1558. g_webdav_public - Enable non authenticated access to pub folder (readonly)
  1559. g_webmail_limit - Maximum number of concurrent webmail requests
  1560. g_webmail_popmode - Use POP3 instead of IMAP in WebMail.
  1561. g_webmail_port - HTTP Webmail port to listen on, default is 7080
  1562. g_webmail_save - Write surgehost.ini and other obsolete webmail config info
  1563. g_webmail_secret - Secret string used by webmail when sending the ip address of connecting users
  1564. g_webmail_secure_port - HTTPS secure WebMail port, default is https 7443
  1565. g_webmail_select_domain - Send select_domain instead of host in webmail autologins
  1566. g_webmail_timeout - Timeout for webmail or any cgi process (in seconds, default 360)
  1567. g_webmail_url - Url to the WebMail cgi
  1568. g_webmail_urladd - Url data to append to WebMail auto-login link
  1569. g_webmail_useip - Use the ip address in g_webmail_port setting
  1570. g_webmail_workarea - Path to WebMail workarea
  1571. g_winmail_fix - Replace winmail.dat with normal attachments, requires tnef installed first http://netwinsite.com/tnef.htm
  1572. g_winmail_reject - Rejects all winmail.dat files - this is a bit harsh
  1573. g_winmail_reject_send - Stops your own users sending winmail.dat files so they can fix their email client settings
  1574. g_work - Workarea for temp files
  1575. g_xauthuser_hide - Hide X-Authenticated-User header in processed mail
  1576. g_xfile_allow - Allow xfile & web upload features for users. Set to '*'
  1577. g_xrcpt_hide - Hide X-Rcpt-To header in locally delivered mail (not recommended)
  1578. g_xrcptoriginal_hide - Hide X-Rcpt-Original header in locally delivered mail
  1579. g_xserver_hide - Hide X-Server header in processed mail

WebMail settings

  1. see separate manual - further documentation to be completed