Difference between revisions of "Configuration Tool"

[unchecked revision][checked revision]
 
(8 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
[[File:MailStore_Gateway_Configuration.png|right|300px]]
+
[[File:MailStore_Gateway_Configuration_LE_EN.png|right|300px]]
  
The MailStore Gateway Configuration tool, allows administrators to make basic configuration changes and necessary settings to successfully run the MailStore Gateway service.  
+
With the MailStore Gateway Configuration tool administrators can configure basic settings of the MailStore Gateway service.  
  
The MailStore Gateway Configuration tool is either started automatically as part of the initial installation process, or can be started manually through the corresponding desktop or start menu link.
+
The tool is started automatically during the initial installation process; it can be started manually through the corresponding desktop icon or start menu link.
  
 
{{clear}}
 
{{clear}}
  
 
== E-Mail Domain ==
 
== E-Mail Domain ==
The value of the ''E-Mail Domain'' field specifies the domain part of the individual email addresses that are created for each MailStore Gateway mailbox.
+
This value specifies the domain part of each MailStore Gateway mailbox email address (i.e. ''<mailbox-id>@'''<e-mail domain>'' ''').
  
If emails from other email servers (e.g. Microsoft Office 365, Google G Suite, etc.) should be received by MailStore Gateway, the configured ''E-Mail Domain'' must be resolvable via DNS.
+
If MailStore Gateway should receive emails from other email servers (e.g. Microsoft Office 365, Google G Suite, etc.), the configured e-mail domain must be resolvable through DNS.
  
'''Example: ''' If the primary domain is ''example.com'' and MailStore Gateway should receive emails, a DNS record like ''msgw.example.com'' needs be created in the DNS zone ''example.com''. The records must poins to the public IP address on which MailStore Gateway is reachable. If MailStore Gateway is located behind a NAT firewall, additional configuration may be needed. Refer to [[Firewall Configuration]] for further details. In MailStore Gateway, the ''E-Mail Domain'' to be configured would be <tt>msgw.example.com</tt>.  
+
'''Example: ''' If the primary domain is ''example.com'' and MailStore Gateway should receive emails, a DNS record like ''msgw.example.com'' needs to be created in the DNS zone ''example.com''. The record must point to a public IP address on which MailStore Gateway is reachable. In MailStore Gateway the value of ''E-Mail Domain'' would be set to <tt>msgw.example.com</tt>. 
 +
If MailStore Gateway is located behind a NAT router or firewall, additional configuration may be needed. Refer to [[Firewall Configuration]] for further details.  
  
 
== Certificate ==
 
== Certificate ==
MailStore Gateway uses TLS certificates to provide encrypted communication with clients and other servers.
+
MailStore Gateway uses TLS certificates to establish encrypted communication channels with clients and other servers.
  
The MailStore Gateway Configuration tool allows administrators to specify which certificate is to be used by MailStore Gateway. Administrators may choose from the following options:
+
Administrators can choose from the following options which certificate MailStore Gateway should use:
  
* '''Select from Certificate Store'''<br/>A certificate can be selected from the Windows' certificate store. Please note that the ''Personal'' certificate store of the Computers is used, not of the current Windows users.
+
* '''Select from Certificate Store'''<br/>A certificate can be selected from the Windows certificate store. Please note that the ''Personal'' certificate store of the computer account is used, not the store of the current Windows user.
* '''Create Self-Signed Certificates'''<br/>A new self-signed certificate can be created and is automatically selected afterwards. Please note that self-signed certificates are neither trusted by other clients, which may lead to warnings on client computers, nor other servers. Therefor, Self-signed certificates are suitable for testing purpose and should be replaced once a system is used in a productions environment.
+
* '''Create Self-Signed Certificate'''<br/>A new self-signed certificate can be created and is automatically selected afterwards. Please note that self-signed certificates are neither trusted by other clients, which may lead to warnings on client computers, nor other servers. Therefore, self-signed certificates are suitable for testing purposes only and should be replaced once a system is used in a productions environment.
* '''Import from File'''<br/>This option allows administrators to import certificates from ''Private Information Exchange (*.p12;*.pfx)'' files. The configuration tool will automatically import the certificates into the correct Window's certificate store. Since Private Information Exchange files are password protected, a password must be entered to to start the import process.
+
* '''Import from File'''<br/>With this option certificates can be imported from ''Private Information Exchange (*.p12;*.pfx)'' files. The configuration tool will automatically import the certificates into the correct Windows certificate store. Since Private Information Exchange files are password protected, a password must be entered to start the import process.
 +
* '''Obtain from Let's Encrypt'''<br/>Let's Encrypt is a free, automated, and open certificate authority, trusted by all major web browsers and operating systems. Please refer to [[Using Let's Encrypt Certificates]] for more details.
 +
 
 +
== Management Console Port ==
 +
Defines the TCP ports on which MailStore Gateway's Management Console is available. If no other web server is running on the same server, it can safely be changed to the standard HTTPS port 443.
 +
 
 +
== Let's Encrypt Port ==
 +
This port is used temporarily when requesting or renewing certificates from Let's Encrypt.
  
 
== Log Level ==
 
== Log Level ==
The ''Log Level'' defines how much information MailStore Gateway logs into it's log files. The default settings is ''Information'' which should not be changed unless troubleshooting is required.
+
The ''Log Level'' defines how much information MailStore Gateway logs into its log files. The default settings is ''Information'' which should not be changed unless troubleshooting is required.
 +
 
 +
== RFC 3030 support ==
 +
Enables RFC 3030 support for inbound SMTP connections on port 25. This causes MailStore Gateway to advertise the SMTP extensions ''BINARYMIME'' and ''CHUNKING'' in its supported extensions and allows the use of the SMTP verb ''BDAT'' to accept emails with binary content (bare-line feeds) without additional content transfer encoding. This improves compatibility with inbound email servers, such as those of Microsoft 365.
 +
 
 +
; <p class="msnote" style="color:red">'''Important notice:''' MailStore Server 24.4 or MailStore SPE 24.4 or newer are required to correctly archive emails submitted via the BDAT verb. Therefore, make sure to have updated MailStore Server or MailStore SPE ''before'' activating this option.</p>
 +
 
 +
; <p class="msnote">'''Important notice:''' This extension is not supported in proxy mode. Since proxy mode is only activated by authentication after the SMTP EHLO command, incompatibility with clients that also support ''CHUNKING'' may occur.</br>In this case, use SMTP port 465 or 587 of the same gateway or use another gateway where this option remains disabled.</p>
  
 
== Apply Configuration Changes ==
 
== Apply Configuration Changes ==
After the configuration of MailStore Gateway has been changed, the changes need be written to the configuration file by clicking on ''Apply''. Otherwise the changes will not be considered when starting the MailStore Gateway service.  
+
After the configuration of MailStore Gateway has been changed, the changes must be written to the configuration file by clicking on ''Apply''. Otherwise the changed settings will not be used when starting the MailStore Gateway service.  
  
 
== Starting the MailStore Gateway Service ==
 
== Starting the MailStore Gateway Service ==
By clicking the ''Start Service'' button at the bottom of the configuration tool, the MailStore Gateway service will be will be started. This button is only available if the service is currently stopped.
+
By clicking the ''Start Service'' button, the MailStore Gateway service will be started. Changes to the configuration must be applied first, otherwise a warning is issued. This button is only available if the service is currently stopped.
  
If there are unsaved configuration changes, the tools will show a warning
+
== Stopping the MailStore Gateway Service ==
that old values will be used to start the service. If that is not intended, the process should be canceled to apply changes first.
+
By clicking the ''Stop Service'' button, the MailStore Gateway service will be stopped. Changes to the configuration can only be made while the service is stopped. This button is only available if the service is currently running.
  
== Stopping the MailStore Gateway Service ==
+
[[de:Konfigurationswerkzeug]]
By clicking the ''Stop Service'' button at the bottom of the configuration tool, the MailStore Gateway service will be will be stopped. This button is only available if the service is currently running.
+
[[en:Configuration Tool]]

Latest revision as of 08:51, 9 October 2024

MailStore Gateway Configuration LE EN.png

With the MailStore Gateway Configuration tool administrators can configure basic settings of the MailStore Gateway service.

The tool is started automatically during the initial installation process; it can be started manually through the corresponding desktop icon or start menu link.

E-Mail Domain

This value specifies the domain part of each MailStore Gateway mailbox email address (i.e. <mailbox-id>@<e-mail domain> ).

If MailStore Gateway should receive emails from other email servers (e.g. Microsoft Office 365, Google G Suite, etc.), the configured e-mail domain must be resolvable through DNS.

Example: If the primary domain is example.com and MailStore Gateway should receive emails, a DNS record like msgw.example.com needs to be created in the DNS zone example.com. The record must point to a public IP address on which MailStore Gateway is reachable. In MailStore Gateway the value of E-Mail Domain would be set to msgw.example.com. If MailStore Gateway is located behind a NAT router or firewall, additional configuration may be needed. Refer to Firewall Configuration for further details.

Certificate

MailStore Gateway uses TLS certificates to establish encrypted communication channels with clients and other servers.

Administrators can choose from the following options which certificate MailStore Gateway should use:

  • Select from Certificate Store
    A certificate can be selected from the Windows certificate store. Please note that the Personal certificate store of the computer account is used, not the store of the current Windows user.
  • Create Self-Signed Certificate
    A new self-signed certificate can be created and is automatically selected afterwards. Please note that self-signed certificates are neither trusted by other clients, which may lead to warnings on client computers, nor other servers. Therefore, self-signed certificates are suitable for testing purposes only and should be replaced once a system is used in a productions environment.
  • Import from File
    With this option certificates can be imported from Private Information Exchange (*.p12;*.pfx) files. The configuration tool will automatically import the certificates into the correct Windows certificate store. Since Private Information Exchange files are password protected, a password must be entered to start the import process.
  • Obtain from Let's Encrypt
    Let's Encrypt is a free, automated, and open certificate authority, trusted by all major web browsers and operating systems. Please refer to Using Let's Encrypt Certificates for more details.

Management Console Port

Defines the TCP ports on which MailStore Gateway's Management Console is available. If no other web server is running on the same server, it can safely be changed to the standard HTTPS port 443.

Let's Encrypt Port

This port is used temporarily when requesting or renewing certificates from Let's Encrypt.

Log Level

The Log Level defines how much information MailStore Gateway logs into its log files. The default settings is Information which should not be changed unless troubleshooting is required.

RFC 3030 support

Enables RFC 3030 support for inbound SMTP connections on port 25. This causes MailStore Gateway to advertise the SMTP extensions BINARYMIME and CHUNKING in its supported extensions and allows the use of the SMTP verb BDAT to accept emails with binary content (bare-line feeds) without additional content transfer encoding. This improves compatibility with inbound email servers, such as those of Microsoft 365.

Important notice: MailStore Server 24.4 or MailStore SPE 24.4 or newer are required to correctly archive emails submitted via the BDAT verb. Therefore, make sure to have updated MailStore Server or MailStore SPE before activating this option.

Important notice: This extension is not supported in proxy mode. Since proxy mode is only activated by authentication after the SMTP EHLO command, incompatibility with clients that also support CHUNKING may occur.
In this case, use SMTP port 465 or 587 of the same gateway or use another gateway where this option remains disabled.

Apply Configuration Changes

After the configuration of MailStore Gateway has been changed, the changes must be written to the configuration file by clicking on Apply. Otherwise the changed settings will not be used when starting the MailStore Gateway service.

Starting the MailStore Gateway Service

By clicking the Start Service button, the MailStore Gateway service will be started. Changes to the configuration must be applied first, otherwise a warning is issued. This button is only available if the service is currently stopped.

Stopping the MailStore Gateway Service

By clicking the Stop Service button, the MailStore Gateway service will be stopped. Changes to the configuration can only be made while the service is stopped. This button is only available if the service is currently running.