MailStore Server Help - User contributions [en]

User:Dweuthen

2021-02-15T09:47:13Z

Dweuthen: Created page with "<youtube autoplay="true">https://www.youtube.com/watch?v=dQw4w9WgXcQ</youtube>"

<youtube autoplay="true">https://www.youtube.com/watch?v=dQw4w9WgXcQ</youtube>

MDaemon Integration

2020-12-17T16:34:30Z

Dweuthen: /* Connection to the MDaemon */

{{DISPLAYTITLE:Synchronizing User Accounts with an MDaemon User Database}}

{{Directory Services Preamble|MDaemon Email Server}}

== Accessing the Directory Service Integration ==
{{Directory Services Accessing Configuration|MDaemon Email Server|Mdaemon_sync_01.png}}

== Connection to the MDaemon ==
For synchronization MailStore Server requires information on how to access the MDaemon App directory.

*'''MDaemon App Directory''' Enter the path to the App directory of your MDaemon installation. The App directory contains the files ''Userlist.dat'' and ''Groups.dat''. If MailStore Server is installed on the same computer as the MDaemon Email Server, the MDaemon App directory is detected automatically. If MailStore Server is not installed on the same machine, share the App directory of the MDaemon Email Server with the MailStore Server computer and enter the share's UNC path into the field ''MDaemon App Directory'' (e.g. <code>\\MDAEMON\MDApp</code>).

::'''Please note:''' To access the MDaemon App directory through a network share it may be necessary to configure [[Using_Network_Attached_Storage_(NAS)|a connection to a network share]] for the MailStore Server Service.
*'''Code Page''' You only have to change this option if the encoding of the files''Userlist.dat'' and ''Groups.dat'' differs from the standard encoding of the MailStore Server computer.

== User Database Synchronization ==
After configuring the connection settings as described above, you can specify filter criteria for the MDaemon user database synchronization in this section.

*'''MDaemon Groups''' Choose one or more groups to let only their members be created as MailStore Server Users. If no groups are selected, all users will be synchronized.

=== Authentication ===
{{Directory Services MDaemon Authentication|MDaemon Email Server}}
{{Directory Services Options|MDaemon Email Server}}
{{Directory Services Assign Default Privileges|an MDaemon Email Server}}
{{Directory Services Run Synchronization|MDaemon Email Server}}[[File:ApplicationIntegration_sync_02.png|450px|center]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|MDaemon}}

[[de:MDaemon-Integration]]
[[en:MDaemon_Integration]]

File:Tech config 03.png

2020-12-14T14:14:26Z

Dweuthen: Dweuthen uploaded a new version of File:Tech config 03.png

File:Tech config 02.png

2020-12-14T14:13:58Z

Dweuthen: Dweuthen uploaded a new version of File:Tech config 02.png

Importing image file

File:Tech config 01.png

2020-12-14T14:13:13Z

Dweuthen: Dweuthen uploaded a new version of File:Tech config 01.png

Importing image file

Generic LDAP Integration

2020-12-08T16:42:42Z

Dweuthen: /* Configuration Samples */

{{Directory Services Preamble|LDAP server}}

== Accessing Directory Service Integration ==
{{Directory Services Accessing Configuration|LDAP server|Mldap_sync_01.png}}

== Connection to the LDAP Directory Service ==
For synchronization MailStore Server requires information on how to connect to the LDAP directory service and how to obtain the required data from it.

=== LDAP Connection ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Server Name
| DNS name or IP address of your LDAP server
|-
| Protocol
| Configure whether the connection to the LDAP server is to be unencrypted on port 389, LDAP-TLS on port 389, or LDAP-SSL on port 636
|-
| Accept all certificates (only when using LDAP-TLS or LDAP-SSL)
| {{Option_Accept_all_certificates}}
|-
| Administrative DN
| Distinguished Name (DN) or user name of a user with appropriate privileges on the LDAP server
|-
| Password
| Password of the user specified in Administrative DN
|-
| Base DN
| LDAP base DN, if needed
|}

=== User Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter (optional)
| Filter LDAP objects to return only user objects with email addresses
|-
| User Name
| The LDAP attribute containing the username that you wish MailStore to use
|-
| Local Part Only (E-mail Addresses / UPN)
| If unchecked, MailStore will use the full username including domain portion, e.g. ''username@example.com''. If checked, MailStore will only use the local part of the User Name specified, e.g. the ''username''
|-
| Full Name (optional)
| The full name of the user, for display purposes within MailStore
|-
| E-mail Addresses (opt.)
| The LDAP attribute containing the user's email address. This can contain multiple, comma separated, e-mail addresses
|}

=== Group Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter
| LDAP filter to return only group objects
|-
| Name
| The LDAP attribute that contains the common name of a group
|-
| Description (optional)
| The LDAP attribute that contains a human readable description for each group
|-
| Members
| The LDAP attribute that contains the common name of group members
|-
| Search Filter for Members
| LDAP filter to resolve group members when members are not specified as a DN string as part of the group results. MailStore will fill in the <tt>{member}</tt> variable with values from the ''Members'' attribute
|-
| Group
| The actual group(s) containing users that MailStore Server will synchronize
|}

=== Options ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Automatically delete users in MailStore Server
| If enabled, MailStore will delete users from the local MailStore database when the user is deleted, removed from the filtered group, or falls out of scope based on the above LDAP filter settings
|}

{{Directory Services Assign Default Privileges}}

== Configuration Samples ==

=== Active Directory ===
It is possible to connect LDAP Generic to Active Directory, allowing for more flexibility and control than MailStore's built-in Active Directory support. For example, LDAP Generic will allow you to accept invalid or self-signed certificates when using LDAP-SSL or LDAP-TLS, use custom filters or change which attributes are used by MailStore.

It is assumed that the Active Directory LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As most Active Directory configurations are quite similar, it will be possible to copy/paste most of the examples below, making only minor modifications based on your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>dc001.example.com</tt>
| DNS name or IP address of an Active Directory domain controller.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Accept all certificates
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>mailstore@example.com</tt>
| Active Directory account for MailStore's use
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| ''Empty''
| LDAP base DN will be detected automatically in Active Directory environments
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 4 | Filter (optional)
|<tt>(objectCategory=User)</tt>
|All users
|-
|<tt>(&(objectCategory=User)(mail=*))''</tt>
|All users with Active Directory e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*))</tt>
|All users with Exchange e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*)(mail=*))</tt>
|All users with Exchange e-mail addresses who are also listed in the global address book
|-
|rowspan = 2 |User Name
|<tt>userPrincipalName</tt>
| Use Active Directory user name as MailStore user name
|-
|<tt>sAMAccountName</tt>
| Use pre-Windows 2000 user name as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from the Active Directory user name in UPN format
|-
|''Disabled''
| Use the full Active Directory user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
|The user's visible name in Active Directory
|-
|rowspan = 2 |E-mail Addresses (opt.)
|<tt>proxyAddresses</tt>
|Exchange environments
|-
|<tt>mail</tt>
|Non-Exchange environments
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectCategory=Group)</tt>
| All objects of category ''Group'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

=== OpenLDAP ===
OpenLDAP is a commonly used LDAP server, configuration will require some knowledge of your LDAP environment.

It is assumed that the LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As OpenLDAP is very flexible, configuration options vary from server to server and you may need to make significant modifications to the examples below to fit the schema used in your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>directory.example.com</tt>
| DNS name or IP address of the OpenLDAP server.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Accept all certificates
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>cn=admin,dc=example,dc=com</tt>
| LDAP username that MailStore should use for accessing the OpenLDAP server
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| <tt>dc=example,dc=com</tt>
| The Base-DN of the LDAP directory
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 2 | Filter (optional)
|<tt>(objectClass=posixAccount)</tt>
|All objects of type ''posixAccount'', usually all users
|-
|<tt>(&(objectClass=posixAccount)(mail=*))</tt>
|All users with configured email address
|-
|rowspan = 2 |User Name
|<tt>uid</tt>
| Use the value of LDAP attribute ''UID'' as MailStore user name
|-
|<tt>cn</tt>
| Use the value of LDAP attribute ''CN'' as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from a user name in UPN format
|-
|''Disabled''
| Use the full user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
| Use the value of LDAP attribute ''displayName'' as MailStore user name
|-
|E-mail Addresses (opt.)
|<tt>mail</tt>
| Use the values of LDAP attribute ''mail'' for the email addresses of MailStore users
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectClass=posixGroup)</tt>
| All objects of category ''posixGroup'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| rowspan=2 | Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| <tt><nowiki>(|(&(objectClass=posixAccount)(uid={member}))(&(objectClass=posixGroup)(cn={member})))</nowiki></tt>
| members in ''memberUid'' are only given as plain user or group names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

{{Directory Services Run Synchronization}}
[[File:mads_sync_02.png|center|450px]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|LDAP server}}

[[de:Generische_LDAP-Integration]]
[[en:Generic LDAP Integration]]

Template:Option Accept all certificates

2020-12-08T14:21:19Z

Dweuthen:

If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option ''Accept all certificates'' to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings may appear in the summary and/or the dashboard.<noinclude>
[[en:Template:Option Accept all certificates]]
[[de:Vorlage:Option Alle Zertifikate akzeptieren]]
</noinclude>

Template:Option Accept all certificates

2020-12-08T14:20:43Z

Dweuthen:

If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option ''Accept all certificates'' to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings will appear in the summary.<noinclude>
[[en:Template:Option Accept all certificates]]
[[de:Vorlage:Option Alle Zertifikate akzeptieren]]
</noinclude>

Template:Option Accept all certificates

2020-12-08T13:33:17Z

Dweuthen:

If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option ''Accept all certificates'' to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings will appear in the summary.
<noinclude>
[[en:Template:Option Accept all certificates]]
[[de:Vorlage:Option Alle Zertifikate akzeptieren]]
</noinclude>

Template:Option Accept all certificates

2020-12-08T13:32:27Z

Dweuthen:

If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option ''Accept all certificates'' to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings will appear in the summary.

[en:Template:Option Accept all certificates]
[de:Vorlage:Option Alle Zertifikate akzeptieren]

Application Integration

2020-12-07T16:29:21Z

Dweuthen: /* Connection to Application Integration Server */

{{Directory Services Preamble|Application Integration Server}}

== Accessing the Directory Service Configuration ==
{{Directory Services Accessing Configuration|Application Integration|ApplicationIntegration_sync_01.png}}

== Connection to Application Integration Server ==
For synchronization MailStore Server requires information on how to connect to the the Application Integration server.

*'''URL''' The URL where the Application Integration server is serving requests. {{Option_Accept_all_certificates}} If accessing the Application Integration server requires authentication , enable the ''Server requires authentication'' and enter the credential in the following fields:
*'''User Name''' Name of user who has access to the Application Integration server
*'''Password''' Password of the user who has access to Application Integration server

{{Directory Services Options|Application Integration Server}}
{{Directory Services Assign Default Privileges|Application Integration Server}}
{{Directory Services Run Synchronization|Application Integration Server}}
[[File:ApplicationIntegration_sync_02.png|center|450px]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|Application Integration Server}}

== Application Integration Support in MDaemon Email Server ==

The MDaemon Email Server does support the Application Integration protocol.
A guide on how to set up the MDaemon Email Server can be found here [https://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=1134].

[[de:Application Integration]]
[[en:Application Integration]]

Archiving Emails from IceWarp Server

2020-12-07T16:26:31Z

Dweuthen: /* Archiving Multiple Mailboxes in One Step */

{{Implementation_Guide_Preamble|IceWarp Server}}

== Synchronizing Users ==
MailStore Server offers special support for synchronizing users with an IceWarp Server. Information about setup is available in chapter [[IceWarp Server Integration]] of the manual.

== Archiving Individual Mailboxes ==
{{Archiving Single Mailbox Preamble|IceWarp Server}}
{{Archiving Single Mailbox|IceWarp Mail Server|IceWarp_mailbox_00.png|IceWarp_mailbox_01.png|IceWarp_mailbox_02.png|IceWarp_mailbox_03.png}}

== Archiving Multiple Mailboxes in One Step ==
Starting with version 10.4, IceWarp Server allows users with the appropriate user privileges to access the mailboxes of other users via IMAP. Once a new user has been created or an existing user has been provided with the corresponding privileges, please proceed as follows:

; <div class="msnote">'''Please note:''' The archiving user needs administrative privileges on the IceWarp server to access the mailboxes of the other users. Without these administrative privileges the the archiving user's mailbox will be archived to all MailStore Server user archives.</div>

* Log on to MailStore Client as MailStore Server administrator.
* Click on ''Archive Email''.
* From the list ''E-Mail-Server'' under ''Create Profile'' select ''IceWarp Mail Server'' to create a new archiving profile.
* A wizard opens to help specify the archiving settings.
*:[[File:IceWarp_mailboxes_00.png|center|350px]]
* Select ''Multiple Mailboxes''.
*: {{Archiving_Multiple_or_Multidrop_Note|multiple mailboxes|[[#Synchronizing_Users|directory synchronization]]}}
*:[[File:IceWarp_mailboxes_01.png|center|350px]]
* Under ''Host'' enter the name of your IceWarp Server.
* Under ''Access via'' select the protocol to be used to access the IceWarp Server. Wherever possible, you should always choose ''IMAP-TLS'' or ''IMAP-SSL''.
*: '''Please note:''' {{Option_Accept_all_certificates}}
* Under ''User Name'' and ''Password'' enter the access data of a user who has access to all IceWarp mailboxes to be archived. With IceWarp Mail this is a user with administrative privileges.
* Click on ''Next'' to continue.
*:[[File:IceWarp_mailboxes_02.png|center|350px]]
* Customize the [[Email_Archiving_with_MailStore_Basics#Selecting_Folders_for_Archiving|list of folders to be archived]], the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from the mailbox. The timeout value only has to be adjusted as needed (e.g. with very slow servers). Please keep in mind that these settings apply to all mailboxes to be archived.
* Click on ''Next'' to continue.
{{Archiving_Multiple_Mailboxes_Centrally_Options|IceWarp_mailboxes_03.png|IceWarp}}

== Archiving All Incoming and Outgoing Emails Directly ==
IceWarp Server allows you to deliver all emails to a separate IceWarp Server archiving mailbox. From this IceWarp Server archiving mailbox and using the respective archiving profile, the archiving process can be executed with MailStore Server. The emails are distributed among the archives of the corresponding MailStore Server users.

=== Step 1: Setup of the IceWarp Server Archiving Feature ===
To create a central multidrop mailbox to which copies of all incoming and outgoing emails are delivered, IceWarp Server's archiving feature must first be activated and configured. Please proceed as follows:

* Log on to IceWarp Server Administrator or IceWarp WebAdmim as administrator.
* Change to ''Advanced'' view.
* Click on ''Mail'' and then on ''Archive''.
*:[[File:IceWarp_user_01.png|480px|center|]]
* Under ''General'', activate the archiving feature of your IceWarp Server.
* Enter an ''Archive to Directory'' e.g. ''C:\Archive\'' and optionally a ''Directory trailer path''. IceWarp Server creates a folder structure below the archive directory in the format ''Domain\Mailbox\Directory trailer path''.
* Under ''Options'' enable ''Do not archive RSS'' and ''Do not archive spam'' if applicable.
* Click on ''Apply'' to save these settings.

=== Step 2: Setup of an IceWarp Mailbox to Access the IceWarp Archive ===
Once the archiving feature has been set up, an IceWarp user with access to the IceWarp archive has to be created. This user is later used by MailStore Server to retrieve the messages.

* Log on to IceWarp Server Administrator or IceWarp WebAdmim as administrator.
* Click on ''Domains & Accounts'' > ''Management''.
* Click on the domain in which you would like to create the new user.
* Create the new IceWarp user.
*:[[File:IceWarp_user_02.png|480px|center|]]
* In the ''Options'' tab under ''Mailbox'' enter the full path of the archive directory specified in step 1 into the field ''Mailbox path''.
* Click on ''Apply'' to finish.

=== Step 3: Configuration of MailStore Server ===
{{Archiving Multidrop_Mailbox|IceWarp Mail Server|IceWarp_catchall_00.png|IceWarp_catchall_01.png|[[#Synchronizing_Users|directory synchronization]]}}
== Weblinks ==
* [http://www.icewarp.com IceWarp Homepage]

[[de:E-Mail-Archivierung von IceWarp Server]]
[[en:Archiving Emails from IceWarp Server]]

IceWarp Server Integration

2020-12-07T16:25:14Z

Dweuthen: /* Connection to the IceWarp Server */

{{DISPLAYTITLE:Synchronizing User Accounts with an IceWarp Server}}
{{Directory Services Preamble|IceWarp Server}}

''Please note:'' For using this feature, IceWarp Server API 10.4 or newer is required.

== Accessing the Directory Service Integration ==
{{Directory Services Accessing Configuration|IceWarp Server|Icewarp_sync_01.png}}

== Connection to the IceWarp Server ==
For synchronization MailStore Server requires information on how to connect to the IceWarp Server.

*'''Server Name''' DNS name of the IceWarp server. {{Option_Accept_all_certificates}}
*'''User Name''' Name of a user with administrative privileges on the IceWarp server.
*'''Password''' Password of that user.
*'''Timout''' The timout value for IceWarp API requests. For large IceWarp Server user databases it may be necessary to increase this value.

=== Synchronize ===
After configuring the connection settings as described above, you can specify filter criteria for the IceWarp Server user database synchronization in this section.

*'''Domains and Groups''' Choose one or more domains or groups to let only their members be created as MailStore Server Users. If no domains or groups are selected, all users will be synchronized.

{{Directory Services Options|IceWarp Server }}
{{Directory Services Assign Default Privileges|an IceWarp Server }}
{{Directory Services Run Synchronization|IceWarp Server }}
[[File:ApplicationIntegration_sync_02.png|450px|center]]

{{Directory Services Test Authentication}}
'''Important Notice:''' For authentication with the IceWarp Server to work, the respective MailStore Client has to be in a network that is trusted by the IceWarp Server.
{{Directory Services Login with Directory Services Credentials|IceWarp Server}}

[[de:IceWarp_Server-Integration]]
[[en:IceWarp_Server_Integration]]

Using External Archive Stores

2020-12-07T16:23:42Z

Dweuthen: /* External Archive Store Type: External PostgreSQL Database */

In MailStore there are two types of archive stores: ''Internal Archive Stores'' and ''External Archive Stores''.

While, with interal archive stores, folder information, meta data, email headers and contents as well as the full text index are stored in the file system, external archive stores allow you to store some of these components in SQL databases.

Database servers where external archive stores reside on must not be turned off or put into standby mode at any time, as long as there is a MailStore Server service accessing them. Otherwise, database corruption may occur, which can lead to data loss. If database servers must be turned off or rebooted, for example due to maintenance, please set the corresponding external archive stores to ''disabled'' first.

For most environments, using internal archive stores is recommended; these are described in detail in chapter [[Storage Locations]].

== Structure of an Archive Store ==
In MailStore, both internal and external archive stores always consist of the following three components:
{{Archive_Stores_Structure|Contains all data needed for searching through emails and attachments. The full text index can be reconstructed at any time. MailStore always uses its own high-performance full text index and not the index of the SQL database, therefore the full text index always has to be stored in the file system. Additional information on full text indexes is available in chapter [[Search Indexes]].}}
'''Important Notice: '''Please note that the recommended limit of 5,000,000 emails per archive store also applies to external archive stores.

== Creating an External Archive Store ==
Under ''Administrative Tools > Storage > Storage Locations'' you can create new archive stores and manage the archive's existing archive stores. To create an external archive store, please proceed as follows:

* Below the list of archive stores, click on the ''Create...'' button.
* [[File:Tech_storageloc_adv_01.png|right|350px]]The ''Create New Archive Store'' wizard opens.
* Select the database type:
** '''External Microsoft SQL Server Database''' The archive store is stored in an external Microsoft SQL Server Database. Emails can be stored in the database or in the file system.
** '''External PostgreSQL Database''' The archive store is stored in an external PostgreSQL Database. E-Mails can be stored in the database or in the file system.
* Click on ''Next''. 
Based on the database type additional parameters need to be configured in the next step.

=== External Archive Store Type: External Microsoft SQL Server Database ===
Before you can set up the database connection in MailStore, an empty database has to be created on the database server. The MailStore user who is used for the connection should be the owner of the database. Please see the documentation of the database server for details.

''Folder information and meta data'' are always stored in the SQL database, while storing ''email headers and contents'' therein is optional.

'''Please note:''' MailStore supports all editions of Microsoft SQL Server Version 2008, 2012, 2014 and 2016. Please keep their respective size limits in mind and verify their suitability for managing the expected volume of data in your environment.

Once you have created an empty database, please proceed as follows:

* Enter a name for the new external archive store in the ''Name'' field, e.g. ''2016-12''.
* If you don't want MailStore to archive new emails in the new archive store, deselect the option ''Archive new messages here''.
* Specify the connection parameters for the ''Microsoft SQL Server Database Connection'':
** [[File:Tech_storageloc_adv_mssql_01.png|right|350px]]'''Server Name:''' Enter the server name or the IP address of the SQL server on which a database has been created for MailStore. If you click on the arrow to the right of the input field, MailStore will return a list of all Microsoft SQL servers located on the network.
** '''User Name:''' Name of the user with access to the database.
** '''Password:''' Password of the user listed under ''User Name''.
** '''Database:''' Name of the database to be used by MailStore. Click on the arrow to the right of the input field to obtain a list of all available databases on the server.
* Under ''email headers and contents'' select the appropriate storage location. ''Microsoft SQL Server Database'' is the default suggestion. When choosing ''Directory (File System)'', the input field ''Directory'' is activated. MailStore derives a directory based on the name entered and the path of the master database. To choose a different directory, click on the button next to the ''Directory'' field or enter a path manually. The specified directory is created automatically. If it already exists, it must not contain any files or subfolders.
* A directory for the full text index is also derived based on the name entered and the path of the master database.
* Click on ''Finish''.

Please note that distributing the individual components of an external archive store among different local drives or network shares significantly increases the complexity of [[Backup and Restore]].

=== External Archive Store Type: External PostgreSQL Database ===
Before you can set up the database connection in MailStore, an empty database has to be created on the database server. The MailStore user who is used for the connection should be the owner of the database. Please see the documentation of the database server for details.

''Folder information and meta data'' are always stored in the SQL database, while storing ''email headers and contents'' therein is optional.

'''Please note:''' MailStore supports PostgreSQL version 8.4.8 or newer.

Once an empty database has been created, please proceed as follows:

* Enter a name for the new external archive store in the ''Name'' field, e.g. ''2016-12''.
* If you don't want MailStore to archive new emails in the new archive store, deselect the option ''Archive new messages here''.
* Specify the connection parameters for the ''PostgresSQL Database Connection'':
** [[File:Tech_storageloc_adv_pgsql_01.png|right|350px]]'''Server Name:''' Enter the server name or the IP address of the SQL server on which a database has been created for MailStore.
** '''Encrypted Connection:''' Enable encryption of connection to the database server.
** '''Accept all certificates:''' {{Option_Accept_all_certificates}}
** '''User Name:''' Name of a user with access to the database.
** '''Password:''' Password of the user specified under ''User Name''.
** '''Database:''' Name of the database to be used by MailStore. To obtain a list of all available databases on the server, click on the arrow to the right of the input field.
* Under ''Email Headers and Contents'' select the appropriate storage location. ''PostgresSQL Database'' is the default suggestion. Selecting ''Directory (File System)'' activates the input field ''Directory''. MailStore derives a directory based on the name entered and the path of the master database. To choose a different directory, click on the button next to the ''Directory'' field or enter a path manually. The specified directory is created automatically. If it already exists, it must not contain any files or subfolders.
* A directory for the full text index is also derived based on the name entered and the path of the master database.
* Click on ''Finish''.

Please note that distributing the individual components of an advanced archive store among different local drives or network shares significantly increases the complexity of [[Backup and Restore]].

[[de:Verwendung_externer_Archivspeicher]]
[[en:Using_External_Archive_Stores]]

SMTP Settings

2020-12-07T16:22:22Z

Dweuthen:

To be able to send emails, MailStore Server requires SMTP access data. MailStore sends notifications by email if [[Product Updates|product updates]] are available or if the automatic creation of a new [[Storage_Locations|archive store]] failed. Furthermore, email copies for the [[Accessing_the_Archive_with_MailStore_Web_Access#Restoring_Email|restore from MailStore Web Access]] can be sent via SMTP.

[[File:tech_smtpsettings_01.png|center|550px]]

Under ''Administrative Tools > Miscellaneous > SMTP Settings'' you can specify the SMTP settings.

* Start MailStore Client and log on as MailStore administrator (''admin'').
* Click on ''Administrative Tools'' > ''Miscellaneous'' and then on ''SMTP Settings''.
* Under ''Server'', enter the host name of the SMTP server or its IP address.
* By default, MailStore uses port 587. If you want to use a different port, enter port number in the ''Port'' field.
* In the field ''Protocol'', select ''SMTP'' for an unencrypted connection to the SMTP server. For an encrypted connection, select ''SMTP-TLS'' or ''SMTP-SSL''. {{Option_Accept_all_certificates}}
* Especially SMTP servers which are accessible through the internet require a login (SMTP authentication). Check the corresponding checkbox and enter the appropriate access data. In most cases, the POP3 access data of any user on the email server can be used.
* Under ''Sender'', enter the ''Display Name'' and the ''Email Address'' of the email sender. Many SMTP servers require an existing email address to be entered. The display name can be chosen freely; ideally the name indicates that the email was sent by MailStore Server.
* Under ''Recipient for Notifications'', enter the email address of the recipient for administrative notifications of MailStore Server. To specify multiple recipients, enter them comma-separated.
* Once all settings have been specified, MailStore Server can be instructed to send a test email to the email address entered for notifications; simply click on ''Apply and Test''. If an error message appears or the recipient specified does not receive the email, the following hints for troubleshooting may be helpful.

== Troubleshooting ==
* If no error occurs upon sending but the email does not arrive, please check the spam or junk mail folder of the mailbox. Perhaps the email was filtered out.
* If an error message appears because of an invalid certificate ("Server's certificate was rejected by the verifier because of an unknown certificate authority."), check ''Accept all certificates'' and try again.
* If an error message appears indicating that ''"One or more recipients rejected"'', the SMTP server probably requires authentication. Enter the appropriate access data as described above.
* If an error message appears because of invalid access data (''"Incorrect authentication data"''or ''"Authentication failed"''), verify the data entered. In most cases, the access data match those of the corresponding POP3 server.
* If further error messages appear or other problems arise, please check your entries for possible mistakes.

[[de:SMTP-Einstellungen]]
[[en:SMTP Settings]]

Batch-archiving IMAP Mailboxes

2020-12-07T16:21:10Z

Dweuthen: /* Setting Up the Archiving Process */

This chapter describes how multiple IMAP mailboxes can be archived in one step.

{{:Implementation Note}}

== Multiple IMAP Mailboxes (Master Password) ==
MailStore supports archiving multiple IMAP mailboxes by means of a privileged user and the procedure to log in to an IMAP server as specified in ''RFC 4616 - The PLAIN SASL Mechanism''. In addition to the privileged user's user name and password, the primary email address (as mailbox name) of the user whose emails are to be archived is passed on in the process as well.

You can learn from your email server's manufacturer if your email server supports this type of login and what the prerequisites are.

=== Setting up the Archiving Process ===
Archiving processes for IMAP or POP3 mailboxes are set up using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* From the list of email servers under ''Create Profile'', select ''Other Server via IMAP/POP3''.
* A wizard opens to assist in specifying the archiving settings.
*: [[File:arch_imap_multi_mp_01.png|center|550px]]
*: '''Hint:''' The ''Online Help'' gives you direct access to the respective [[Implementation Guides]].
* Select ''Multiple IMAP Mailboxes (Master Password)'' and click on ''OK''.
*:[[File:arch_imap_multi_mp_02.png|center|350px]]
* Fill out the fields ''Host'' and ''Access via'' and enter the login data of the privileged user under ''User Name'' and ''Password''.
*: '''Only with IMAP-TLS and IMAP-SSL:''' {{Option_Accept_all_certificates}}
* Click on ''Next''.
*:[[File:arch_imap_multi_mp_03.png|center|350px]]
* If needed, customize the list of folders to be archived, the deletion rules, the filters, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
* Click on ''Next''.
{{Archiving_Multiple_Mailboxes_Centrally_Options|arch_imap_multi_mp_04.png|IMAP}}

== Multiple IMAP Mailboxes (CSV File) ==

Archiving multiple IMAP mailboxes based on a CSV file is described below. Use this procedure if your IMAP server does not support any of the authentication methods described under ''Multiple IMAP Mailboxes (Master Password)''. This feature is not available in the SPE.

=== Preparation: Creating a CSV File ===

In order to set up batch archiving of multiple IMAP mailboxes, first, a CSV file needs to be created. For this, a Microsoft Excel spreadsheet or Notepad can be used, for example:

[[File:arch_impbatch_01.png|center|600px]]
[[File:arch_impbatch_02.png|center|600px]]

Set up the columns as shown above. Please keep in mind that the headings (e.g."IMAP user name") must be in place but their notation may differ. The columns can be separated by semicolons (;), commas (,), vertical bars (|) or tabulator characters. Quoting fields with double (") or single quotes (') is supported. The quoting character may appear inside of quotes but then it must be entered twice as "" or <nowiki>''</nowiki>. The separating characters (;,| and tabulator) must only appear within quotes when used in a field. Beneath the headings, enter a row for each mailbox to be archived:

'''IMAP user name and IMAP password''' 
These entries are mandatory for MailStore to be able to access the mailbox.
Please note that these passwords are only used to archive the IMAP mailboxes and cannot be used by the users to access their MailStore archives. The admin has to [[Users,_Folders_and_Settings#Editing_an_Existing_User_Account|set a user password manually]].

'''Email address (optional)''' 
If entered, MailStore will label the folder for the respective mailbox in the tree structure of the archive with the email address specified.

'''MailStore user name (optional)''' 
If entered, MailStore will archive the respective mailbox for each MailStore user specified (store the emails in the appropriate user archive). If the user does not yet exist, a user will be created automatically. If this field is left blank, a new MailStore user is created automatically and labeled with the IMAP user name specified.

This way, any number of mailboxes of an email server may be entered. When finished, save the file in .csv format (if Microsoft Excel is used via the ''Save As'' function).

== Setting Up the Archiving Process ==

Setting up archiving processes for IMAP or POP3 mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''Other Server via IMAP/POP3'' from the ''Email Servers'' list in ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*: [[File:arch_imap_multi_01.png|center|550px]]
* Select ''Multiple Mailboxes (CSV File)'' and click on ''OK''.
* Fill out the fields ''Host'' and ''Access via'', and under ''CSV File'' enter the path of the new CSV file (created as described above). This file contains the access information for the mailboxes to be archived.
*: '''Only with IMAP-TLS and IMAP-SSL:''' {{Option_Accept_all_certificates}}
*: [[File:arch_imap_multi_02.png|center|350px]]
*Click on ''Next''.
*If needed, adjust the list of folders to be archived, the deletion rules, the filter, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
*:[[File:arch_imap_multi_03.png|center|350px]]
*Click on ''Next''.
*At the last step, a name for the new archiving profile can be specified. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Settings (Profiles)'' and can be run immediately, if desired.

{{Starting the Archiving Process}}

[[de:Stapelarchivierung_von_IMAP-Postfächern]]
[[en:Batch-archiving IMAP Mailboxes]]

Batch-archiving IMAP Mailboxes

2020-12-07T16:20:39Z

Dweuthen: /* Setting up the Archiving Process */

This chapter describes how multiple IMAP mailboxes can be archived in one step.

{{:Implementation Note}}

== Multiple IMAP Mailboxes (Master Password) ==
MailStore supports archiving multiple IMAP mailboxes by means of a privileged user and the procedure to log in to an IMAP server as specified in ''RFC 4616 - The PLAIN SASL Mechanism''. In addition to the privileged user's user name and password, the primary email address (as mailbox name) of the user whose emails are to be archived is passed on in the process as well.

You can learn from your email server's manufacturer if your email server supports this type of login and what the prerequisites are.

=== Setting up the Archiving Process ===
Archiving processes for IMAP or POP3 mailboxes are set up using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* From the list of email servers under ''Create Profile'', select ''Other Server via IMAP/POP3''.
* A wizard opens to assist in specifying the archiving settings.
*: [[File:arch_imap_multi_mp_01.png|center|550px]]
*: '''Hint:''' The ''Online Help'' gives you direct access to the respective [[Implementation Guides]].
* Select ''Multiple IMAP Mailboxes (Master Password)'' and click on ''OK''.
*:[[File:arch_imap_multi_mp_02.png|center|350px]]
* Fill out the fields ''Host'' and ''Access via'' and enter the login data of the privileged user under ''User Name'' and ''Password''.
*: '''Only with IMAP-TLS and IMAP-SSL:''' {{Option_Accept_all_certificates}}
* Click on ''Next''.
*:[[File:arch_imap_multi_mp_03.png|center|350px]]
* If needed, customize the list of folders to be archived, the deletion rules, the filters, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
* Click on ''Next''.
{{Archiving_Multiple_Mailboxes_Centrally_Options|arch_imap_multi_mp_04.png|IMAP}}

== Multiple IMAP Mailboxes (CSV File) ==

Archiving multiple IMAP mailboxes based on a CSV file is described below. Use this procedure if your IMAP server does not support any of the authentication methods described under ''Multiple IMAP Mailboxes (Master Password)''. This feature is not available in the SPE.

=== Preparation: Creating a CSV File ===

In order to set up batch archiving of multiple IMAP mailboxes, first, a CSV file needs to be created. For this, a Microsoft Excel spreadsheet or Notepad can be used, for example:

[[File:arch_impbatch_01.png|center|600px]]
[[File:arch_impbatch_02.png|center|600px]]

Set up the columns as shown above. Please keep in mind that the headings (e.g."IMAP user name") must be in place but their notation may differ. The columns can be separated by semicolons (;), commas (,), vertical bars (|) or tabulator characters. Quoting fields with double (") or single quotes (') is supported. The quoting character may appear inside of quotes but then it must be entered twice as "" or <nowiki>''</nowiki>. The separating characters (;,| and tabulator) must only appear within quotes when used in a field. Beneath the headings, enter a row for each mailbox to be archived:

'''IMAP user name and IMAP password''' 
These entries are mandatory for MailStore to be able to access the mailbox.
Please note that these passwords are only used to archive the IMAP mailboxes and cannot be used by the users to access their MailStore archives. The admin has to [[Users,_Folders_and_Settings#Editing_an_Existing_User_Account|set a user password manually]].

'''Email address (optional)''' 
If entered, MailStore will label the folder for the respective mailbox in the tree structure of the archive with the email address specified.

'''MailStore user name (optional)''' 
If entered, MailStore will archive the respective mailbox for each MailStore user specified (store the emails in the appropriate user archive). If the user does not yet exist, a user will be created automatically. If this field is left blank, a new MailStore user is created automatically and labeled with the IMAP user name specified.

This way, any number of mailboxes of an email server may be entered. When finished, save the file in .csv format (if Microsoft Excel is used via the ''Save As'' function).

== Setting Up the Archiving Process ==

Setting up archiving processes for IMAP or POP3 mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''Other Server via IMAP/POP3'' from the ''Email Servers'' list in ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*: [[File:arch_imap_multi_01.png|center|550px]]
* Select ''Multiple Mailboxes (CSV File)'' and click on ''OK''.
* Fill out the fields ''Host'' and ''Access via'', and under ''CSV File'' enter the path of the new CSV file (created as described above). This file contains the access information for the mailboxes to be archived.
*: '''Only with IMAP-TLS and IMAP-SSL:''' If you are using an unofficial certificate on the email server, select the option to ''Accept all certificates''.
*: [[File:arch_imap_multi_02.png|center|350px]]
*Click on ''Next''.
*If needed, adjust the list of folders to be archived, the deletion rules, the filter, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
*:[[File:arch_imap_multi_03.png|center|350px]]
*Click on ''Next''.
*At the last step, a name for the new archiving profile can be specified. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Settings (Profiles)'' and can be run immediately, if desired.

{{Starting the Archiving Process}}

[[de:Stapelarchivierung_von_IMAP-Postfächern]]
[[en:Batch-archiving IMAP Mailboxes]]

Generic LDAP Integration

2020-12-07T16:19:51Z

Dweuthen: /* LDAP Connection */

{{Directory Services Preamble|LDAP server}}

== Accessing Directory Service Integration ==
{{Directory Services Accessing Configuration|LDAP server|Mldap_sync_01.png}}

== Connection to the LDAP Directory Service ==
For synchronization MailStore Server requires information on how to connect to the LDAP directory service and how to obtain the required data from it.

=== LDAP Connection ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Server Name
| DNS name or IP address of your LDAP server
|-
| Protocol
| Configure whether the connection to the LDAP server is to be unencrypted on port 389, LDAP-TLS on port 389, or LDAP-SSL on port 636
|-
| Accept all certificates (only when using LDAP-TLS or LDAP-SSL)
| {{Option_Accept_all_certificates}}
|-
| Administrative DN
| Distinguished Name (DN) or user name of a user with appropriate privileges on the LDAP server
|-
| Password
| Password of the user specified in Administrative DN
|-
| Base DN
| LDAP base DN, if needed
|}

=== User Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter (optional)
| Filter LDAP objects to return only user objects with email addresses
|-
| User Name
| The LDAP attribute containing the username that you wish MailStore to use
|-
| Local Part Only (E-mail Addresses / UPN)
| If unchecked, MailStore will use the full username including domain portion, e.g. ''username@example.com''. If checked, MailStore will only use the local part of the User Name specified, e.g. the ''username''
|-
| Full Name (optional)
| The full name of the user, for display purposes within MailStore
|-
| E-mail Addresses (opt.)
| The LDAP attribute containing the user's email address. This can contain multiple, comma separated, e-mail addresses
|}

=== Group Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter
| LDAP filter to return only group objects
|-
| Name
| The LDAP attribute that contains the common name of a group
|-
| Description (optional)
| The LDAP attribute that contains a human readable description for each group
|-
| Members
| The LDAP attribute that contains the common name of group members
|-
| Search Filter for Members
| LDAP filter to resolve group members when members are not specified as a DN string as part of the group results. MailStore will fill in the <tt>{member}</tt> variable with values from the ''Members'' attribute
|-
| Group
| The actual group(s) containing users that MailStore Server will synchronize
|}

=== Options ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Automatically delete users in MailStore Server
| If enabled, MailStore will delete users from the local MailStore database when the user is deleted, removed from the filtered group, or falls out of scope based on the above LDAP filter settings
|}

{{Directory Services Assign Default Privileges}}

== Configuration Samples ==

=== Active Directory ===
It is possible to connect LDAP Generic to Active Directory, allowing for more flexibility and control than MailStore's built-in Active Directory support. For example, LDAP Generic will allow you to accept invalid or self-signed certificates, use custom filters or change which attributes are used by MailStore.

It is assumed that the Active Directory LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As most Active Directory configurations are quite similar, it will be possible to copy/paste most of the examples below, making only minor modifications based on your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>dc001.example.com</tt>
| DNS name or IP address of an Active Directory domain controller.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Accept all certificates
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>mailstore@example.com</tt>
| Active Directory account for MailStore's use
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| ''Empty''
| LDAP base DN will be detected automatically in Active Directory environments
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 4 | Filter (optional)
|<tt>(objectCategory=User)</tt>
|All users
|-
|<tt>(&(objectCategory=User)(mail=*))''</tt>
|All users with Active Directory e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*))</tt>
|All users with Exchange e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*)(mail=*))</tt>
|All users with Exchange e-mail addresses who are also listed in the global address book
|-
|rowspan = 2 |User Name
|<tt>userPrincipalName</tt>
| Use Active Directory user name as MailStore user name
|-
|<tt>sAMAccountName</tt>
| Use pre-Windows 2000 user name as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from the Active Directory user name in UPN format
|-
|''Disabled''
| Use the full Active Directory user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
|The user's visible name in Active Directory
|-
|rowspan = 2 |E-mail Addresses (opt.)
|<tt>proxyAddresses</tt>
|Exchange environments
|-
|<tt>mail</tt>
|Non-Exchange environments
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectCategory=Group)</tt>
| All objects of category ''Group'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

=== OpenLDAP ===
OpenLDAP is a commonly used LDAP server, configuration will require some knowledge of your LDAP environment.

It is assumed that the LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As OpenLDAP is very flexible, configuration options vary from server to server and you may need to make significant modifications to the examples below to fit the schema used in your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>directory.example.com</tt>
| DNS name or IP address of the OpenLDAP server.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Accept all certificates
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>cn=admin,dc=example,dc=com</tt>
| LDAP username that MailStore should use for accessing the OpenLDAP server
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| <tt>dc=example,dc=com</tt>
| The Base-DN of the LDAP directory
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 2 | Filter (optional)
|<tt>(objectClass=posixAccount)</tt>
|All objects of type ''posixAccount'', usually all users
|-
|<tt>(&(objectClass=posixAccount)(mail=*))</tt>
|All users with configured email address
|-
|rowspan = 2 |User Name
|<tt>uid</tt>
| Use the value of LDAP attribute ''UID'' as MailStore user name
|-
|<tt>cn</tt>
| Use the value of LDAP attribute ''CN'' as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from a user name in UPN format
|-
|''Disabled''
| Use the full user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
| Use the value of LDAP attribute ''displayName'' as MailStore user name
|-
|E-mail Addresses (opt.)
|<tt>mail</tt>
| Use the values of LDAP attribute ''mail'' for the email addresses of MailStore users
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectClass=posixGroup)</tt>
| All objects of category ''posixGroup'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| rowspan=2 | Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| <tt><nowiki>(|(&(objectClass=posixAccount)(uid={member}))(&(objectClass=posixGroup)(cn={member})))</nowiki></tt>
| members in ''memberUid'' are only given as plain user or group names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

{{Directory Services Run Synchronization}}
[[File:mads_sync_02.png|center|450px]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|LDAP server}}

[[de:Generische_LDAP-Integration]]
[[en:Generic LDAP Integration]]

Generic LDAP Integration

2020-12-07T16:19:18Z

Dweuthen: /* LDAP Connection */

{{Directory Services Preamble|LDAP server}}

== Accessing Directory Service Integration ==
{{Directory Services Accessing Configuration|LDAP server|Mldap_sync_01.png}}

== Connection to the LDAP Directory Service ==
For synchronization MailStore Server requires information on how to connect to the LDAP directory service and how to obtain the required data from it.

=== LDAP Connection ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Server Name
| DNS name or IP address of your LDAP server
|-
| Protocol
| Configure whether the connection to the LDAP server is to be unencrypted on port 389, LDAP-TLS on port 389, or LDAP-SSL on port 636
|-
| Accept all certificates (only when using LDAP-TLS or LDAP-SSL)
| {{Option_Accept_all_certificates}}
|-
| Administrative DN
| Distinguished Name (DN) or user name of a user with appropriate privileges on the LDAP server
|-
| Password
| Password of the user specified in Administrative DN
|-
| Base DN
| LDAP base DN, if needed
|}

=== User Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter (optional)
| Filter LDAP objects to return only user objects with email addresses
|-
| User Name
| The LDAP attribute containing the username that you wish MailStore to use
|-
| Local Part Only (E-mail Addresses / UPN)
| If unchecked, MailStore will use the full username including domain portion, e.g. ''username@example.com''. If checked, MailStore will only use the local part of the User Name specified, e.g. the ''username''
|-
| Full Name (optional)
| The full name of the user, for display purposes within MailStore
|-
| E-mail Addresses (opt.)
| The LDAP attribute containing the user's email address. This can contain multiple, comma separated, e-mail addresses
|}

=== Group Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter
| LDAP filter to return only group objects
|-
| Name
| The LDAP attribute that contains the common name of a group
|-
| Description (optional)
| The LDAP attribute that contains a human readable description for each group
|-
| Members
| The LDAP attribute that contains the common name of group members
|-
| Search Filter for Members
| LDAP filter to resolve group members when members are not specified as a DN string as part of the group results. MailStore will fill in the <tt>{member}</tt> variable with values from the ''Members'' attribute
|-
| Group
| The actual group(s) containing users that MailStore Server will synchronize
|}

=== Options ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Automatically delete users in MailStore Server
| If enabled, MailStore will delete users from the local MailStore database when the user is deleted, removed from the filtered group, or falls out of scope based on the above LDAP filter settings
|}

{{Directory Services Assign Default Privileges}}

== Configuration Samples ==

=== Active Directory ===
It is possible to connect LDAP Generic to Active Directory, allowing for more flexibility and control than MailStore's built-in Active Directory support. For example, LDAP Generic will allow you to accept invalid or self-signed certificates, use custom filters or change which attributes are used by MailStore.

It is assumed that the Active Directory LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As most Active Directory configurations are quite similar, it will be possible to copy/paste most of the examples below, making only minor modifications based on your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>dc001.example.com</tt>
| DNS name or IP address of an Active Directory domain controller.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Accept all certificates
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>mailstore@example.com</tt>
| Active Directory account for MailStore's use
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| ''Empty''
| LDAP base DN will be detected automatically in Active Directory environments
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 4 | Filter (optional)
|<tt>(objectCategory=User)</tt>
|All users
|-
|<tt>(&(objectCategory=User)(mail=*))''</tt>
|All users with Active Directory e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*))</tt>
|All users with Exchange e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*)(mail=*))</tt>
|All users with Exchange e-mail addresses who are also listed in the global address book
|-
|rowspan = 2 |User Name
|<tt>userPrincipalName</tt>
| Use Active Directory user name as MailStore user name
|-
|<tt>sAMAccountName</tt>
| Use pre-Windows 2000 user name as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from the Active Directory user name in UPN format
|-
|''Disabled''
| Use the full Active Directory user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
|The user's visible name in Active Directory
|-
|rowspan = 2 |E-mail Addresses (opt.)
|<tt>proxyAddresses</tt>
|Exchange environments
|-
|<tt>mail</tt>
|Non-Exchange environments
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectCategory=Group)</tt>
| All objects of category ''Group'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

=== OpenLDAP ===
OpenLDAP is a commonly used LDAP server, configuration will require some knowledge of your LDAP environment.

It is assumed that the LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As OpenLDAP is very flexible, configuration options vary from server to server and you may need to make significant modifications to the examples below to fit the schema used in your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>directory.example.com</tt>
| DNS name or IP address of the OpenLDAP server.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Ignore SSL Security Warnings
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>cn=admin,dc=example,dc=com</tt>
| LDAP username that MailStore should use for accessing the OpenLDAP server
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| <tt>dc=example,dc=com</tt>
| The Base-DN of the LDAP directory
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 2 | Filter (optional)
|<tt>(objectClass=posixAccount)</tt>
|All objects of type ''posixAccount'', usually all users
|-
|<tt>(&(objectClass=posixAccount)(mail=*))</tt>
|All users with configured email address
|-
|rowspan = 2 |User Name
|<tt>uid</tt>
| Use the value of LDAP attribute ''UID'' as MailStore user name
|-
|<tt>cn</tt>
| Use the value of LDAP attribute ''CN'' as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from a user name in UPN format
|-
|''Disabled''
| Use the full user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
| Use the value of LDAP attribute ''displayName'' as MailStore user name
|-
|E-mail Addresses (opt.)
|<tt>mail</tt>
| Use the values of LDAP attribute ''mail'' for the email addresses of MailStore users
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectClass=posixGroup)</tt>
| All objects of category ''posixGroup'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| rowspan=2 | Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| <tt><nowiki>(|(&(objectClass=posixAccount)(uid={member}))(&(objectClass=posixGroup)(cn={member})))</nowiki></tt>
| members in ''memberUid'' are only given as plain user or group names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

{{Directory Services Run Synchronization}}
[[File:mads_sync_02.png|center|450px]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|LDAP server}}

[[de:Generische_LDAP-Integration]]
[[en:Generic LDAP Integration]]

Generic LDAP Integration

2020-12-07T16:18:53Z

Dweuthen: /* Connection to the LDAP Directory Service */

{{Directory Services Preamble|LDAP server}}

== Accessing Directory Service Integration ==
{{Directory Services Accessing Configuration|LDAP server|Mldap_sync_01.png}}

== Connection to the LDAP Directory Service ==
For synchronization MailStore Server requires information on how to connect to the LDAP directory service and how to obtain the required data from it.

=== LDAP Connection ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Server Name
| DNS name or IP address of your LDAP server
|-
| Protocol
| Configure whether the connection to the LDAP server is to be unencrypted on port 389, LDAP-TLS on port 389, or LDAP-SSL on port 636
|-
| Accept all certificates (only when using LDAP-TLS or LDAP-SSL)
| {{Option_Accept_all_certificates}}
|-
| Administrative DN
| Distinguished Name (DN) or user name of a user with appropriate privileges on the LDAP server
|-
| Password
| Password of the user specified in Administrative DN
|-
| Base DN
| LDAP base DN, if needed
|}

=== User Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter (optional)
| Filter LDAP objects to return only user objects with email addresses
|-
| User Name
| The LDAP attribute containing the username that you wish MailStore to use
|-
| Local Part Only (E-mail Addresses / UPN)
| If unchecked, MailStore will use the full username including domain portion, e.g. ''username@example.com''. If checked, MailStore will only use the local part of the User Name specified, e.g. the ''username''
|-
| Full Name (optional)
| The full name of the user, for display purposes within MailStore
|-
| E-mail Addresses (opt.)
| The LDAP attribute containing the user's email address. This can contain multiple, comma separated, e-mail addresses
|}

=== Group Filter and Attributes ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Filter
| LDAP filter to return only group objects
|-
| Name
| The LDAP attribute that contains the common name of a group
|-
| Description (optional)
| The LDAP attribute that contains a human readable description for each group
|-
| Members
| The LDAP attribute that contains the common name of group members
|-
| Search Filter for Members
| LDAP filter to resolve group members when members are not specified as a DN string as part of the group results. MailStore will fill in the <tt>{member}</tt> variable with values from the ''Members'' attribute
|-
| Group
| The actual group(s) containing users that MailStore Server will synchronize
|}

=== Options ===
{| class="wikitable"
! width=250px | Name
! Description
|-
| Automatically delete users in MailStore Server
| If enabled, MailStore will delete users from the local MailStore database when the user is deleted, removed from the filtered group, or falls out of scope based on the above LDAP filter settings
|}

{{Directory Services Assign Default Privileges}}

== Configuration Samples ==

=== Active Directory ===
It is possible to connect LDAP Generic to Active Directory, allowing for more flexibility and control than MailStore's built-in Active Directory support. For example, LDAP Generic will allow you to accept invalid or self-signed certificates, use custom filters or change which attributes are used by MailStore.

It is assumed that the Active Directory LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As most Active Directory configurations are quite similar, it will be possible to copy/paste most of the examples below, making only minor modifications based on your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>dc001.example.com</tt>
| DNS name or IP address of an Active Directory domain controller.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Ignore SSL Security Warnings
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>mailstore@example.com</tt>
| Active Directory account for MailStore's use
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| ''Empty''
| LDAP base DN will be detected automatically in Active Directory environments
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 4 | Filter (optional)
|<tt>(objectCategory=User)</tt>
|All users
|-
|<tt>(&(objectCategory=User)(mail=*))''</tt>
|All users with Active Directory e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*))</tt>
|All users with Exchange e-mail addresses
|-
|<tt>(&(objectCategory=User)(proxyAddresses=*)(mail=*))</tt>
|All users with Exchange e-mail addresses who are also listed in the global address book
|-
|rowspan = 2 |User Name
|<tt>userPrincipalName</tt>
| Use Active Directory user name as MailStore user name
|-
|<tt>sAMAccountName</tt>
| Use pre-Windows 2000 user name as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from the Active Directory user name in UPN format
|-
|''Disabled''
| Use the full Active Directory user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
|The user's visible name in Active Directory
|-
|rowspan = 2 |E-mail Addresses (opt.)
|<tt>proxyAddresses</tt>
|Exchange environments
|-
|<tt>mail</tt>
|Non-Exchange environments
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectCategory=Group)</tt>
| All objects of category ''Group'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

=== OpenLDAP ===
OpenLDAP is a commonly used LDAP server, configuration will require some knowledge of your LDAP environment.

It is assumed that the LDAP service is reachable by the MailStore instance on TCP port 389 or 636, including opening ports in the firewall, where applicable.

As OpenLDAP is very flexible, configuration options vary from server to server and you may need to make significant modifications to the examples below to fit the schema used in your environment.

==== LDAP Connection ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Server Name
| <tt>directory.example.com</tt>
| DNS name or IP address of the OpenLDAP server.
|-
| rowspan=3 | Protocol
| <tt>LDAP</tt>
| Do not use transport encryption
|-
| <tt>LDAP-TLS</tt>
| Use TLS as transport encryption
|-
| <tt>LDAP-SSL</tt>
| Use SSL as transport encryption
|-
| rowspan=2| Ignore SSL Security Warnings
| ''Enabled''
| Establish a TLS/SSL encrypted connection, even if the certificate validation failed.
|-
| ''Disabled''
| Do not establish a TLS/SSL encrypted connection, if the certificate validation failed.
|-
| Administrative DN
| <tt>cn=admin,dc=example,dc=com</tt>
| LDAP username that MailStore should use for accessing the OpenLDAP server
|-
| Password
| <tt>MySecretPassword</tt>
| Password of the user specified in ''Administrative DN'' above
|-
| Base DN
| <tt>dc=example,dc=com</tt>
| The Base-DN of the LDAP directory
|}

==== User Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
|rowspan = 2 | Filter (optional)
|<tt>(objectClass=posixAccount)</tt>
|All objects of type ''posixAccount'', usually all users
|-
|<tt>(&(objectClass=posixAccount)(mail=*))</tt>
|All users with configured email address
|-
|rowspan = 2 |User Name
|<tt>uid</tt>
| Use the value of LDAP attribute ''UID'' as MailStore user name
|-
|<tt>cn</tt>
| Use the value of LDAP attribute ''CN'' as MailStore user name
|-
|rowspan = 2 |Local Part Only (E-mail Addresses / UPN)
|''Enabled''
| Only use the local part from a user name in UPN format
|-
|''Disabled''
| Use the full user name in UPN format
|-
|Full Name (optional)
|<tt>displayName</tt>
| Use the value of LDAP attribute ''displayName'' as MailStore user name
|-
|E-mail Addresses (opt.)
|<tt>mail</tt>
| Use the values of LDAP attribute ''mail'' for the email addresses of MailStore users
|}

==== Group Filter and Attributes ====
{| class="wikitable"
! width=250px | Name
! Value
! Description
|-
| Filter
| <tt>(objectClass=posixGroup)</tt>
| All objects of category ''posixGroup'', usually all groups
|-
| Name
| <tt>cn</tt>
| Use the value of the LDAP attribute ''CN'' as group name
|-
| Description (optional)
| <tt>description</tt>
| Use the value of the LDAP attribute ''description'' as group name
|-
| Members
| <tt>member</tt>
| Use the value LDAP attribute ''member'' to determine group members
|-
| rowspan=2 | Search Filter for Members
| ''emtpy''
| Group members are returned as Distinguished Names
|-
| <tt><nowiki>(|(&(objectClass=posixAccount)(uid={member}))(&(objectClass=posixGroup)(cn={member})))</nowiki></tt>
| members in ''memberUid'' are only given as plain user or group names
|-
| Group
| <tt>MailStore Users</tt>
| Synchronize only users from the ''MailStore Users'' group
|}

{{Directory Services Run Synchronization}}
[[File:mads_sync_02.png|center|450px]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|LDAP server}}

[[de:Generische_LDAP-Integration]]
[[en:Generic LDAP Integration]]

Archiving Emails from Kerio Connect

2020-12-07T16:17:26Z

Dweuthen: /* Step 2: Configuration of MailStore Server */

{{Implementation_Guide_Preamble|Kerio Connect Server}}

== Synchronizing Users ==
MailStore Server offers special support for synchronizing users with an Kerio Connect server. Information about setup is available in chapter [[Kerio Connect Integration]] of the manual.

== Archiving Individual Mailboxes ==
{{Archiving Single Mailbox Preamble|Kerio Connect Server}}
{{Archiving Single Mailbox|Kerio Connect|Kerio_mailbox_00.png|Kerio_mailbox_01.png|Kerio_mailbox_02.png|Kerio_mailbox_03.png}}

'''Hint:''' If MailStore Server is configured to automatically delete successfully archived emails from the mailboxes and you do not want these emails moved to the "Deleted Items" folder by Kerio Connect, follow the instructions under [[Archiving_Emails_from_Kerio_Connect#Step_2:_Permanently_Deleting_Successfully_Archived_Emails|Permanently Deleting Successfully Archived Emails]] in the [[Archiving_Emails_from_Kerio_Connect#Archiving_Incoming_and_Outgoing_Emails_Directly|Archiving Incoming and Outgoing Emails Directly]] section of this document.

== Archiving Multiple Mailboxes in One Step ==
Kerio Connect allows to access the mailboxes of other users via IMAP by using a master password.

=== Step 1: Defining a Master Password ===
* Log on to Kerio Connect Administration with an administrative user.
* Click on ''Configuration'' > ''Advanced Options'' and open the ''Master Authentication'' tab.
*:[[File:Kerio_masterauth_00.png|center|550px]]
* Set the ''Enable master authentication on this server'' option.
* Adjust the ''Allow master authentication only from IP address group'' to your needs.
* Enter a complex password in the field ''Master password'' and confirm the password by entering it again in the ''Confirm password'' field.
* Click on ''Apply'' to save changes.

=== Step 2: Configuration of MailStore Server ===
* Log on to MailStore Client as MailStore administrator.
* Click on ''Archive Email''.
* From the list ''E-Mail-Server'' under ''Create Profile'' select ''Kerio Connect'' to create a new archiving profile.
* A wizard opens to help specify the archiving settings.
*:[[File:Keio_mailboxes_00.png|center|350px]]
* Select ''Multiple Mailboxes''.
*: {{Archiving_Multiple_or_Multidrop_Note|multiple mailboxes|[[#Synchronizing_Users|directory synchronization]]}}
*:[[File:Kerio_mailboxes_01.png|center|350px]]
* Under ''Server Name'' enter the name of your Kerio Connect server.
* Under ''Access via'' select the protocol to be used to access the Kerio Connect server. Wherever possible, you should always choose ''IMAP-TLS'' or ''IMAP-SSL''.
*: '''Please note:''' {{Option_Accept_all_certificates}}
* Under ''Password'' enter the master password defined in step one.
* Click on ''Next'' to continue.
*:[[File:Kerio_mailboxes_02.png|center|350px]]
* Customize the [[Email_Archiving_with_MailStore_Basics#Selecting_Folders_for_Archiving|list of folders to be archived]], the filter and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]] as needed. By default, no emails will be deleted from the mailbox. The timeout value only has to be adjusted if necessary (e.g. with very slow servers). Please keep in mind that these settings apply to all mailboxes to be archived.
* Click on ''Next'' to continue.
{{Archiving_Multiple_Mailboxes_Centrally_Options|Kerio_mailboxes_03.png|Kerio}}

'''Hint:''' If MailStore Server is configured to automatically delete successfully archived emails from the mailboxes and you do not want these emails moved to the "Deleted Items" folder by Kerio Connect, follow the instructions under [[Archiving_Emails_from_Kerio_Connect#Step_2:_Permanently_Deleting_Successfully_Archived_Emails|Permanently Deleting Successfully Archived Emails]] in the [[Archiving_Emails_from_Kerio_Connect#Archiving_Incoming_and_Outgoing_Emails_Directly|Archiving Incoming and Outgoing Emails Directly]] section of this document.

== Archiving Incoming and Outgoing Emails Directly ==
The Kerio Connect server offers an easy way to deliver all emails to a Kerio Connect specific archiving mailbox. MailStore Server archives this mailbox by means of an archiving task of type [[Archiving IMAP and POP3 Multidrop Mailboxes]].

=== Step 1: Setting up a Kerio Connect Archiving Mailbox ===
* Click on ''Accounts'' and then on ''Users''.
* Click on ''Add...'' and create a new mailbox that is used for archiving.
* Click on ''Configuration'' and then on ''Archiving and Backup''.
* Open the ''Archiving'' tab.
*:[[File:Kerio_multidrop_01.png|center|550px]]
* Select the checkbox ''Enable email archiving''.
* Select the checkbox ''Archive to the remote email address'' and enter the email address of the archive mailbox (e.g. ''journal@mydomain.tld'') that has been created previously into the text field. Please note, that this email address must not be assigned to any MailStore user.
* Select all four options under ''Archive'':
** ''Local messages''
** ''Incoming messages ''
** ''Outgoing messages''
** ''Relayed messages''

=== Step 2: Permanently Deleting Successfully Archived Emails ===
By default, Kerio Connect moves emails marked as deleted via IMAP to the ''Deleted Items'' folder. As a result, the next time that the same mailbox is archived, MailStore will detect this move of messages in the mailbox, and then move those messages to the ''Deleted Items'' folder in the archive as well. The previously existing folder structure in the archive is lost.

This behavior may be undesirable.

There are two options to prevent this behavior. First, the ''Deleted Items'' folder could be completely excluded from archiving. Then MailStore will no longer detect moving messages to this folder and will be unable to move the messages in the archive. As a result, however, messages that were not visible in folders other than ''Deleted Items'' during archiving that was previously in progress are no longer archived at all.

Second, the behavior of the Kerio Connect Server can be customized. The Kerio Connect Server can be configured so that messages marked as deleted are no longer moved to the ''Deleted Items'' folder, but only marked as deleted as intended by the IMAP standard.

To enforce the IMAP default behavior, you must modify the ''mailserver.cfg'' file as described below. The changes affect all IMAP clients:

* Stop the Kerio Connect Service
* Navigate to the install directory and locate the ''mailserver.cfg'' file
* Open the file in a text editor and search for the string ''AutoExpungeOnDelete''
* Change the value from ''1'' to ''0''
* Once Kerio Connect is completely stopped, save your changes to the file
* Start the Kerio Connect Service

=== Step 3: Configuration of MailStore Server ===
{{Archiving Multidrop_Mailbox|Kerio Connect|Kerio_catchall_00.png|Kerio_catchall_01.png|[[#Synchronizing_Users|directory synchronization]]}}

== Weblinks ==
* {{MailStore Support}}
* [http://www.kerio.com Kerio Homepage]

[[de:E-Mail-Archivierung von Kerio Connect]]
[[en:Archiving Emails from Kerio Connect]]

Template:Archiving Multidrop Mailbox

2020-12-07T16:09:32Z

Dweuthen:

Setting up archiving processes for multidrop mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''{{{1|Other Server via IMAP/POP3}}}'' from the ''Email Server'' list in the ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*:[[File:{{{2|arch_imap_catch_01.png}}}|center|350px]]
* Select ''Multidrop Mailbox'' and click ''OK''.
*: {{#if:{{{4|}}}|{{Archiving_Multiple_or_Multidrop_Note|a multidrop mailbox|{{{4}}}}}|{{Archiving_Multiple_or_Multidrop_Note|a multidrop mailbox}}}}
* Fill out the fields ''Access via'', ''Host'', ''Username'' and ''Password''. Click on ''Test'' to verify the data entered. 
*:'''For the TLS and SSL protocols only:''' {{Option_Accept_all_certificates}}
*:[[File:{{{3|Arch_imap_catch_02.png}}}|350px|center]]
* Adjust any further settings such as how to handle emails with unknown addresses or asking MailStore to delete emails after they have been archived. The latter option is especially sensible when dealing with mailboxes that are exclusively used for archiving. 
*; <div class="msnote">'''Notice:''' If you are additionally archiving messages from the users mailboxes, you have to set the target folder names here to the folder names that match the names that were created by the user mailbox archiving profiles. Otherwise, additional or similar folders could be created in the users' archives. The folder names are case-sensitive.</div>
* If the option ''Synchronize with Directory Services before archiving'' is enabled, the MailStore user list will be synchronized with configured directory service before the archiving process actually runs. This has the advantage that, for example, new employees will be created as MailStore users before archiving which enables MailStore to sort their emails into the correct archives.
* Click on ''Next''.
* The timeout value only has to be adjusted on a case-by-case basis (e.g. with very slow servers).
* Click on ''Next''.
* At the last step, select a name for the new archiving profile. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and can be run immediately or automatically, if desired.
<noinclude>
[[de:Vorlage:Archivierung Sammelpostfach archivieren]]
[[en:Template:Archiving Multidrop Mailbox]]
</noinclude>

Template:Archiving Multidrop Mailbox

2020-12-07T16:09:04Z

Dweuthen:

Setting up archiving processes for multidrop mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''{{{1|Other Server via IMAP/POP3}}}'' from the ''Email Server'' list in the ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*:[[File:{{{2|arch_imap_catch_01.png}}}|center|350px]]
* Select ''Multidrop Mailbox'' and click ''OK''.
*: {{#if:{{{4|}}}|{{Archiving_Multiple_or_Multidrop_Note|a multidrop mailbox|{{{4}}}}}|{{Archiving_Multiple_or_Multidrop_Note|a multidrop mailbox}}}}
* Fill out the fields ''Access via'', ''Host'', ''Username'' and ''Password''. Click on ''Test'' to verify the data entered. 
*;'''For the TLS and SSL protocols only:''' {{Option_Accept_all_certificates}}
*:[[File:{{{3|Arch_imap_catch_02.png}}}|350px|center]]
* Adjust any further settings such as how to handle emails with unknown addresses or asking MailStore to delete emails after they have been archived. The latter option is especially sensible when dealing with mailboxes that are exclusively used for archiving. 
*; <div class="msnote">'''Notice:''' If you are additionally archiving messages from the users mailboxes, you have to set the target folder names here to the folder names that match the names that were created by the user mailbox archiving profiles. Otherwise, additional or similar folders could be created in the users' archives. The folder names are case-sensitive.</div>
* If the option ''Synchronize with Directory Services before archiving'' is enabled, the MailStore user list will be synchronized with configured directory service before the archiving process actually runs. This has the advantage that, for example, new employees will be created as MailStore users before archiving which enables MailStore to sort their emails into the correct archives.
* Click on ''Next''.
* The timeout value only has to be adjusted on a case-by-case basis (e.g. with very slow servers).
* Click on ''Next''.
* At the last step, select a name for the new archiving profile. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and can be run immediately or automatically, if desired.
<noinclude>
[[de:Vorlage:Archivierung Sammelpostfach archivieren]]
[[en:Template:Archiving Multidrop Mailbox]]
</noinclude>

Archiving Emails from MDaemon

2020-12-07T16:06:00Z

Dweuthen: /* Archiving Multiple Mailboxes in One Step */

{{Implementation_Guide_Preamble|MDaemon Email Server}}

== Synchronizing Users ==
In addition to the internal user databases, MDaemon may also use SQL databases or LDAP directory services such as Active Directory or OpenLDAP to manage and authenticate users. It is recommended to set up directory service synchronization in MailStore as well. Additional information on synchronizing users can be found in the corresponding chapters of the MailStore Server manual:

* [[MDaemon Integration]] (recommended)
* [[Active Directory Integration]]
* [[Generic LDAP Integration]]
* [[Application Integration]] (SPE)

== Archiving Individual Mailboxes ==
{{Archiving Single Mailbox Preamble|MDaemon}}
{{Archiving Single Mailbox|MDaemon Email Server|Mdaemon_mailbox_00.png|Mdaemon_mailbox_01.png|Mdaemon_mailbox_02.png|Mdaemon_mailbox_03.png}}

== Archiving Multiple Mailboxes in One Step ==
* Log on to MailStore Client as administrator.
* Click on ''Archive Email''.
* From the ''Email Servers'' list under ''Create Profile'' select ''MDaemon Email Server'' to create a new archiving profile.
* A wizard opens to assist in specifying the archiving settings.
*:[[File:Mdaemon_mailboxes_00.png|center|350px]]
* Select ''Multiple Mailboxes''.
*: {{Archiving_Multiple_or_Multidrop_Note|multiple mailboxes|[[#Synchronizing_Users|directory synchronization]]}}
*:[[File:Mdaemon_mailboxes_01.png|center|350px]]
* Under ''Host'' enter the name or IP address of your MDaemon Email Server.
* From ''Access via'' select the protocol used to access the MDaemon Email Server. It is recommended to select either ''IMAP-TLS'' or ''IMAP-SSL''.
*: '''Please Note:''' {{Option_Accept_all_certificates}}
* Under ''User Name'' and ''Password'', enter the access data of a user who has access to all the MDaemon mailboxes to be archived. This is usually a MDaemon administrator.
* Under ''Special Folder (optional)'' you may enter the name of the IMAP folder containing sent messages.
* Click on ''Next'' to continue.
* Customize the [[Email_Archiving_with_MailStore_Basics#Selecting_Folders_for_Archiving|list of folders to be archived]], the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from a mailbox. The ''Timeout'' value only has to be adjusted in specific cases (e.g. with very slow servers). Please keep in mind that these settings apply to all mailboxes to be archived.
*: [[File:Mdaemon_mailboxes_02.png|center|350px]]
*: '''Please note:''' ''Public Folders'' and ''Shared Folders'' to which a user has access, will be archived into the user's own archive by default. Please refer to the [[Archiving_Emails_from_MDaemon#Public_Folders|public folders section]] on how to prevent this.
* Click ''Next'' to continue.
{{Archiving_Multiple_Mailboxes_Centrally_Options|Mdaemon_mailboxes_03.png|MDaemon}}

== Archiving Incoming and Outgoing Emails Directly ==
The MDaemon Email Server offers an easy way to deliver all emails to an MDaemon specific multidrop mailbox. MailStore Server archives this mailbox by means of an archiving task of type [[Archiving IMAP and POP3 Multidrop Mailboxes]].

=== Step 1: Create a new account to be used as multidrop mailbox for archiving ===
* Add a new account by selecting ''Accounts'' and then ''New Account''.
* Name the account ''mailstore'' and assign a strong password.
* In the following screenshot you can see the sample configuration for the mailbox ''mailstore@example.com''
*: [[File:Md_user_01.png|480px|center]]

=== Step 2: Create a new content filter rule for archiving ===
* Open the content filter editor by selecting ''Security'' an then ''Content Filter''.
* If not yet enabled, enable the rules processing engine.
* Click on ''New rule''.
* Choose a name for the new rule, e.g. "MailStore Archiving".
* Under ''Conditions...'' select the checkbox ''If ALL MESSAGES'' and under ''Actions...'' select the checkbox ''COPY the message to FOLDER...''.
*:[[File:Md_cf_01.png|center|480px]]
* In the text area on the bottom of the window, click on the link ''specify information''.
* In the window ''Copy message to folder...'' click on ''Browse''.
* Select the directory of the account you created in step 1.
*:[[File:Md_cf_02.png|center]]
* Click on ''OK'' to confirm the path specified.
* The configuration is now complete.
*:[[File:Md_cf_03.png|center|480px]]
*Click on ''OK'' to save the new content filter rule.

=== Step 3: Configuration of MailStore Server ===
{{Archiving Multidrop Mailbox|MDaemon Email Server|Mdaemon_catchall_00.png|Mdaemon_catchall_01.png|[[#Synchronizing_Users|directory synchronization]]}}

== Public Folders ==
Public folders in MDaemon are shown inside the users' mailboxes in a folder that can be specified by an MDaemon administrator in the ''Server Settings''.

[[File:Mdaemon-public-folders-shared-folders-en.png|center|480px]]

With MailStore's default settings, the archiving profiles ''Single Mailbox'' and ''Multiple Mailboxes'' will archive public folders into the user's own archive. If that behavior is not desired, Public Folders can be excluded from being archived by the regular archiving profiles of the users' mailboxes and instead archived into a separate archive, for the costs of one additional user license. The following describes how this can be accomplished.

=== Exclude Public Folders from regular archiving profiles ===
* Log on to MailStore Client as MailStore administrator .
* Click on ''Archive E-Mail''.
* Right click on an existing MDaemon archiving profile and click on ''Properties''.
* Click on ''Next'' to get to ''Advanced Settings''.
* In the ''Folders'' section click on the button with the three dots.
* Add the name of MDaemon's public folders into the ''Exclude Folders and Subfolders'' text area. By default the name is ''Public Folders''.
*: [[File:Mdaemon-public-folders-filter-en.png|center|480px]]
*: '''Please note:''' ''Shared Folders'' can also be excluded by adding the name of MDaemon's shared folders to the exclude list. This prevents archiving "foreign" messages into a user's archive. Refer to [[Users,_Folders_and_Settings#Specifying_Privileges|Specifying Privileges]] to find out how to give users access on other archives.
* Save the changes made to the archiving profile.

=== Creating a dedicated archiving profile for Public Folders ===
* Log on to MailStore Client as MailStore administrator .
* Create a [[Users,_Folders_and_Settings#Creating_a_New_User|new user]] into whose archive the public folders should be archived. This user requires one additional license.
* Create a new archiving profile of the type ''MDaemon'' > ''[[Archiving_Emails_from_MDaemon#Archiving_Individual_Mailboxes|Single Mailbox]]''.
* Use the credentials of a user that has at least read permissions on the public folders.
* Click on ''Next'' to get to ''Advanced Settings''.
* In the ''Folders'' section click on the button with the three dots.
* Add the name of MDaemon's public folders to the ''Include Folders and Subfolders'' text area. By default the name is ''Public Folders''.
*: [[File:Mdaemon-public-folders-filter-include-en.png|center|480px]]
* This profile will ignore all user messages in other folders and will archive public folders only.
* Close the dialog and click on ''Next''.
* Select the previously created user as ''Target Archive''.
*: [[File:Mdaemon-public-folders-user-en.png|center|480px]]
* Finish the creation of this archiving profile.
* Refer to [[Users,_Folders_and_Settings#Specifying_Privileges|Specifying Privileges]] to find out how to give users access to the Public Folder archive.

== Weblinks ==
* {{MailStore Support}}
* [http://www.mdaemon.com MDaemon Homepage]

[[de:E-Mail-Archivierung von MDaemon]]
[[en:Archiving_Emails_from_MDaemon]]

Template:Directory Services Kerio Connect Authentication

2020-12-07T16:03:42Z

Dweuthen: /* Authentication */

=== Authentication ===
As the Kerio Connect API only support synchronization, but not authentication of users, MailStore allows authenticate users via an IMAP login. To achieve this, you have to configure the following settings in the ''Authentication'' section:

*'''Kerio IMAP Server''' Enter the IP address or the DNS name of the Kerio Connect server against which authentication should be performed.
*'''IMAP Server Access''' Configure the connection protocol. Be aware that IMAP servers often expect the connection to be encrypted (IMAP-TLS, IMAP-SSL). {{Template:Option_Accept_all_certificates}}

'''Important Notice:''' If your Kerio Connect users authenticate against an Active Directory or if you store the passwords as SHA hashes, you must disable ''CRAM-MD5'' and ''DIGEST-MD5'' under ''Configuration'' > ''Advanced Options'' > ''Security Policy'' in your Kerio Connect Server. Otherwise users will not be able to log on to MailStore.
<noinclude>[[de:Includes:Anmeldung_mit_Verzeichnisdienst-Zugangsdaten_Kerio_Optionen]]</noinclude>

Kerio Connect Integration

2020-12-07T15:59:05Z

Dweuthen: /* Connection to the Kerio Connect */

{{DISPLAYTITLE:Synchronizing User Accounts with Kerio Connect}}
{{Directory Services Preamble|Kerio Connect}}

== Accessing the Directory Service Integration ==
{{Directory Services Accessing Configuration|Kerio Connect|Kerio_sync_01.png}}

== Connection to the Kerio Connect ==
For synchronization MailStore Server requires information on how to connect to the Kerio Connect.

*'''Server Name''' DNS name of the Kerio Connect. In case the Kerio Server is reachable over a non-default port (the default port is 4040), the port can be appended to the server name with a colon. {{Option Accept all certificates}}
*'''User Name''' Name of a user with administrative privileges on the Kerio Connect.
*'''Password''' Password of that user.

=== Synchronize ===
After configuring the connection settings as described above, you can specify filter criteria for the Kerio Connect user database synchronization in this section.

*'''Domains and Groups''' Choose one or more domains or groups to let only their members be created as MailStore Server Users. If no domains or groups are selected, all users will be synchronized.

{{Directory Services Options|Kerio Connect}}
{{Directory Services Kerio Connect Authentication|Kerio Connect}}
{{Directory Services Assign Default Privileges|an Kerio Connect Server}}
{{Directory Services Run Synchronization|Kerio Connect}}
[[File:ApplicationIntegration_sync_02.png|450px|center]]

{{Directory Services Test Authentication}}
{{Directory Services Login with Directory Services Credentials|Kerio Connect}}

[[de:Kerio_Connect-Integration]]
[[en:Kerio_Connect_Integration]]

Template:Archiving Single Mailbox

2020-12-07T15:55:50Z

Dweuthen:

* Users can only archive their own mailboxes to their personal user archive. To archive the emails of other users, you have to be logged on to MailStore Client as MailStore administrator. Only MailStore administrators can archive the emails of other users.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''{{{1|Other Server via IMAP/POP3}}}'' from the ''Email Servers'' list in the ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*:[[File:{{{2|Arch_mailboxes_00.png}}}|center|350px]]
* Select ''Single Mailbox'' and click on ''OK''.
* Fill out the fields ''Email Address'', ''Host'', ''Access via'', ''User Name'' and ''Password''. Click on ''Test'' to verify the data entered.
*: '''For the IMAP-TLS and IMAP-SSL protocols only:''' {{Option Accept all certificates}}
*: [[File:{{{3|arch_mailboxes_01.png}}}|center|350px]]
* Click on ''Next''.
{{#switch: {{{1}}}| MDaemon Email Server | Kerio Connect | IceWarp Mail Server = * Customize the [[Email_Archiving_with_MailStore_Basics#Selecting_Folders_for_Archiving|list of folders to be archived]], the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]].|* Customize the [[Email_Archiving_with_MailStore_Basics#Selecting_Folders_for_Archiving|list of folders to be archived]] (IMAP only), the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] (IMAP only) and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]].}} By default, no emails will be deleted from a mailbox. The timeout value only has to be adjusted as needed (e.g. with very slow servers).
*: [[File:{{{4|arch_mailboxes_02.png}}}|center|350px]]
{{#ifeq: {{{1}}}|MDaemon Email Server|*: '''Please note:''' ''Public Folders'' and ''Shared Folders'' to which a user has access, will be archived into the user's own archive by default. Please refer to the [[Archiving_Emails_from_MDaemon#Public_Folders|public folders section]] on how to prevent this.}}
* Click on ''Next''.
* If logged on to MailStore Server as administrator, the target archive can be specified at the next step. Select the archive of the user for whom the mailbox is to be archived.
*: [[File:{{{5|arch_mailboxes_03.png}}}|center|350px]]
* At the last step, a name for the new archiving profile can be specified. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and can be run immediately, if desired.
<noinclude>
[[de:Vorlage:Archivierung_Einzelnes_Postfach_archivieren]]
[[en:Template:Archiving_Single_Mailbox]]
</noinclude>

Template:Option Accept all certificates

2020-12-07T15:21:57Z

Dweuthen:

Template:Option Accept all certificates

2020-12-07T15:21:25Z

Dweuthen: Created page with "If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option '''Accept all certificate..."

If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option '''Accept all certificates''' to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings will appear in the summary.

File:ApplicationIntegration sync 02.png

2020-12-07T15:05:16Z

Dweuthen: Dweuthen uploaded a new version of File:ApplicationIntegration sync 02.png

Batch-archiving IMAP Mailboxes

2020-12-07T14:20:19Z

Dweuthen:

This chapter describes how multiple IMAP mailboxes can be archived in one step.

{{:Implementation Note}}

== Multiple IMAP Mailboxes (Master Password) ==
MailStore supports archiving multiple IMAP mailboxes by means of a privileged user and the procedure to log in to an IMAP server as specified in ''RFC 4616 - The PLAIN SASL Mechanism''. In addition to the privileged user's user name and password, the primary email address (as mailbox name) of the user whose emails are to be archived is passed on in the process as well.

You can learn from your email server's manufacturer if your email server supports this type of login and what the prerequisites are.

=== Setting up the Archiving Process ===
Archiving processes for IMAP or POP3 mailboxes are set up using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* From the list of email servers under ''Create Profile'', select ''Other Server via IMAP/POP3''.
* A wizard opens to assist in specifying the archiving settings.
*: [[File:arch_imap_multi_mp_01.png|center|550px]]
*: '''Hint:''' The ''Online Help'' gives you direct access to the respective [[Implementation Guides]].
* Select ''Multiple IMAP Mailboxes (Master Password)'' and click on ''OK''.
*:[[File:arch_imap_multi_mp_02.png|center|350px]]
* Fill out the fields ''Host'' and ''Access via'' and enter the login data of the privileged user under ''User Name'' and ''Password''.
*: '''Only with IMAP-TLS and IMAP-SSL:''' If you are using an unofficial certificate on the email server, select the option to ''Accept all certificates''.
* Click on ''Next''.
*:[[File:arch_imap_multi_mp_03.png|center|350px]]
* If needed, customize the list of folders to be archived, the deletion rules, the filters, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
* Click on ''Next''.
{{Archiving_Multiple_Mailboxes_Centrally_Options|arch_imap_multi_mp_04.png|IMAP}}

== Multiple IMAP Mailboxes (CSV File) ==

Archiving multiple IMAP mailboxes based on a CSV file is described below. Use this procedure if your IMAP server does not support any of the authentication methods described under ''Multiple IMAP Mailboxes (Master Password)''. This feature is not available in the SPE.

=== Preparation: Creating a CSV File ===

In order to set up batch archiving of multiple IMAP mailboxes, first, a CSV file needs to be created. For this, a Microsoft Excel spreadsheet or Notepad can be used, for example:

[[File:arch_impbatch_01.png|center|600px]]
[[File:arch_impbatch_02.png|center|600px]]

Set up the columns as shown above. Please keep in mind that the headings (e.g."IMAP user name") must be in place but their notation may differ. The columns can be separated by semicolons (;), commas (,), vertical bars (|) or tabulator characters. Quoting fields with double (") or single quotes (') is supported. The quoting character may appear inside of quotes but then it must be entered twice as "" or <nowiki>''</nowiki>. The separating characters (;,| and tabulator) must only appear within quotes when used in a field. Beneath the headings, enter a row for each mailbox to be archived:

'''IMAP user name and IMAP password''' 
These entries are mandatory for MailStore to be able to access the mailbox.
Please note that these passwords are only used to archive the IMAP mailboxes and cannot be used by the users to access their MailStore archives. The admin has to [[Users,_Folders_and_Settings#Editing_an_Existing_User_Account|set a user password manually]].

'''Email address (optional)''' 
If entered, MailStore will label the folder for the respective mailbox in the tree structure of the archive with the email address specified.

'''MailStore user name (optional)''' 
If entered, MailStore will archive the respective mailbox for each MailStore user specified (store the emails in the appropriate user archive). If the user does not yet exist, a user will be created automatically. If this field is left blank, a new MailStore user is created automatically and labeled with the IMAP user name specified.

This way, any number of mailboxes of an email server may be entered. When finished, save the file in .csv format (if Microsoft Excel is used via the ''Save As'' function).

== Setting Up the Archiving Process ==

Setting up archiving processes for IMAP or POP3 mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter [[Email_Archiving_with_MailStore_Basics#Working_with_Archiving_Profiles|Working with Archiving Profiles]].

Please proceed as follows:

* Log on as MailStore administrator using MailStore Client.
* In MailStore, click on ''Archive Email''.
* To create a new archiving profile, select ''Other Server via IMAP/POP3'' from the ''Email Servers'' list in ''Create Profile'' area of the application window.
* A wizard opens guiding you through the setup process.
*: [[File:arch_imap_multi_01.png|center|550px]]
* Select ''Multiple Mailboxes (CSV File)'' and click on ''OK''.
* Fill out the fields ''Host'' and ''Access via'', and under ''CSV File'' enter the path of the new CSV file (created as described above). This file contains the access information for the mailboxes to be archived.
*: '''Only with IMAP-TLS and IMAP-SSL:''' If you are using an unofficial certificate on the email server, select the option to ''Accept all certificates''.
*: [[File:arch_imap_multi_02.png|center|350px]]
*Click on ''Next''.
*If needed, adjust the list of folders to be archived, the deletion rules, the filter, the timeout value in seconds and the maximum number of archiving jobs to be executed simultaneously. The timeout value only has to be adjusted if needed (e.g. when using a very slow server).
*:[[File:arch_imap_multi_03.png|center|350px]]
*Click on ''Next''.
*At the last step, a name for the new archiving profile can be specified. After clicking on ''Finish'', the archiving profile will be listed under ''Saved Settings (Profiles)'' and can be run immediately, if desired.

{{Starting the Archiving Process}}

[[de:Stapelarchivierung_von_IMAP-Postfächern]]
[[en:Batch-archiving IMAP Mailboxes]]

File:Arch imap multi mp 01.png

2020-12-07T14:17:58Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi mp 01.png

File:Arch imap multi mp 02.png

2020-12-07T14:17:49Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi mp 02.png

File:Arch imap multi mp 03.png

2020-12-07T14:17:38Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi mp 03.png

File:Arch imap multi mp 04.png

2020-12-07T14:17:30Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi mp 04.png

File:Arch imap multi mp 04.png

2020-12-07T14:17:20Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi mp 04.png

File:Arch imap multi 01.png

2020-12-07T14:17:10Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi 01.png

File:Arch imap multi 02.png

2020-12-07T14:16:57Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi 02.png

File:Arch imap multi 03.png

2020-12-07T14:16:48Z

Dweuthen: Dweuthen uploaded a new version of File:Arch imap multi 03.png

File:IceWarp mailbox 00.png

2020-12-07T14:07:13Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailbox 00.png

File:IceWarp mailbox 01.png

2020-12-07T14:07:04Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailbox 01.png

File:IceWarp mailbox 02.png

2020-12-07T14:06:55Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailbox 02.png

File:IceWarp mailbox 03.png

2020-12-07T14:06:44Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailbox 03.png

File:IceWarp mailboxes 00.png

2020-12-07T14:06:36Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailboxes 00.png

File:IceWarp mailboxes 01.png

2020-12-07T14:06:27Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailboxes 01.png

File:IceWarp mailboxes 02.png

2020-12-07T14:06:16Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailboxes 02.png

File:IceWarp mailboxes 03.png

2020-12-07T14:06:07Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp mailboxes 03.png

File:IceWarp catchall 00.png

2020-12-07T14:05:56Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp catchall 00.png

File:IceWarp catchall 01.png

2020-12-07T14:05:45Z

Dweuthen: Dweuthen uploaded a new version of File:IceWarp catchall 01.png

IceWarp Server Integration

2020-12-07T13:59:00Z

Dweuthen: /* Connection to the IceWarp Server */

{{DISPLAYTITLE:Synchronizing User Accounts with an IceWarp Server}}
{{Directory Services Preamble|IceWarp Server}}

''Please note:'' For using this feature, IceWarp Server API 10.4 or newer is required.

== Accessing the Directory Service Integration ==
{{Directory Services Accessing Configuration|IceWarp Server|Icewarp_sync_01.png}}

== Connection to the IceWarp Server ==
For synchronization MailStore Server requires information on how to connect to the IceWarp Server.

*'''Server Name''' DNS name of the IceWarp server. If you use a self-signed or non-public SSL certificate on the IceWarp server, the option '''Accept all certificates''' may has to be enabled.
*'''User Name''' Name of a user with administrative privileges on the IceWarp server.
*'''Password''' Password of that user.
*'''Timout''' The timout value for IceWarp API requests. For large IceWarp Server user databases it may be necessary to increase this value.

=== Synchronize ===
After configuring the connection settings as described above, you can specify filter criteria for the IceWarp Server user database synchronization in this section.

*'''Domains and Groups''' Choose one or more domains or groups to let only their members be created as MailStore Server Users. If no domains or groups are selected, all users will be synchronized.

{{Directory Services Options|IceWarp Server }}
{{Directory Services Assign Default Privileges|an IceWarp Server }}
{{Directory Services Run Synchronization|IceWarp Server }}
[[File:ApplicationIntegration_sync_02.png|450px|center]]

{{Directory Services Test Authentication}}
'''Important Notice:''' For authentication with the IceWarp Server to work, the respective MailStore Client has to be in a network that is trusted by the IceWarp Server.
{{Directory Services Login with Directory Services Credentials|IceWarp Server}}

[[de:IceWarp_Server-Integration]]
[[en:IceWarp_Server_Integration]]