Domain Defaults
The job of the system administrator is to make sure that the SmarterMail server runs as efficiently as possible. Part of that responsibility is putting measures in place to limit the potential for system abuses and "user error" that could cause problems.
SmarterMail gives system administrators the ability to create a default template that's used as a starting point for all domains that are added to the mail server. This includes the ability to set disk space limits for the domain, set the number of domain aliases that can be created, the number of users and user aliases, the features available for users and more. These defaults can be set at any time and any new domains that are added will have the new settings. However, the new settings can also be propagated to all domains on the server if need be. From here, domain administrators can further lock down user accounts and set their own user limits.
You can make whatever changes you want to the settings on the Domain Defaults page, and any NEW domains that are added to the server from that moment on will have these defaults applied for their users. However, it's also possible to change these settings, then push those settings to all domains, changing their settings to match what you've set as the defaults for new domains. To do this, you use the Propagate button.
System administrators who have the ability to manage domains will see the information below as well, when viewing the Options tab for a specific domain. However, some of the information will be filled out with customer information. Fields such as Domain Name, Hostname, Primary Domain Administrator, etc. will have information specific to the domain being managed.
Domain Actions (⋮)
When viewing the Options for a specific domain on a SmarterMail server, a system administrator has a few different actions they can perform on that domain:
- Rename Domain - This allows for the domain's name to change. For example, changing from a .com to a .net version. Renaming the domain makes all of the necessary changes to files and folder structures.
- Change Domain Path - This allows the system administrator to update the path for a domain if it's been moved. For example, if it's been moved to another location on the same server. When the path is changed, the domain will be temporarily unloaded while its files are moved to the new location.
- Reload Domain - Reloading a domain is essentially "rebooting" the domain: it clears all webmail sessions, reloads the domain's settings, all user settings and files for the domain. If you see odd behavior with users or other odd behavior, reloading the domain may clear things up.
- Detach Domain - Detaching a domain essentially prepares the domain for a move to another server, or even just moving the domain to another drive. Detaching removes the domain from the domains.json file, then, once you've made whatever changes are necessary, you simply attach the domain again. It also logs out any users who are logged in and, more importantly, will remove any Domain Aliases that are set up for the domain. These would have to be re-added once the domain is attached in its new location.
Default Domain Configuration
Domains have a number of configuration settings the govern the features available, various limits for the domain, security features implemented, and much more. The Domain Defaults area is separated into multiple "cards" that contain these various settings. These cards are also mirrored on each domain's "Configuration" tab when it's selected from the Domains page. These cards, and their associated settings, include:
- Options
- Limits
- Features
- EAS (Enterprise Only)
- MAPI & EWS (Enterprise Only)
- Mailing Lists
- OnlyOffice Integration
- Security
- Miscellaneous
- Online Meeting Video / WebRTC (Enterprise Only)
- Priority and Throttling
- Autodiscover
- Propagating Domain Defaults
Options
- Domain Name - When viewing a specific domain, the name of that domain. (When setting up Domain Defaults, this filed is not shown.) For example, example.com. To change the name of a domain in SmarterMail, use the Actions (⋮) button to click on Rename Domain. NOTE: If you rename a domain, users will have to adjust any desktop or mobile clients to use the new domain name. While SmarterMail changes the domain name internally, it can not push the name change to email clients directly. Those have to be updated manually.
- Status - The current status of the domain: Enabled or Disabled. Disabled domains cannot send email and users cannot log in to the Web interface. However, the domain will still receive email to prevent email loss. This option is a good way to temporarily shut off a domain without deleting it.
- Hostname - The URL of the mail server (e.g., mail.domain.com) to be returned for an Autodiscover query by a user of that domain. Instructions on how to Set up Autodiscover for SmarterMail can be found in the SmarterTools Knowledge Base. Note: On the Domain Defaults template, the Hostname field has a default value of "mail.%domain%". This variable allows the Hostname to match the name of the domain, though this setting can be adjusted manually, if desired. This Domain Default setting will be applied to new domains and can be propagated to existing domains on the server.
- Root Mail Path / Folder - The directory in which all information (JSON files, mail statistics, alias information, etc.) pertaining to a domain is saved. To modify a specific domain's folder path, use the Actions (⋮) button and select Change Domain Path.
- Primary Domain Administrator - When viewing a specific domain, the primary domain administrator is the user that has control over all aspects of the domain. Domain administrators are set up when a new domain is added to SmarterMail. If you want to change the primary domain administrator for the domain, start typing the username you want to assign to the role, then select it from the autocomplete options. Only existing users on the domain can be selected as the new primary administrator.
- Outbound IPv4 - The IPv4 address used to connect to external SMTP servers when a message is sent by the domain. If multiple IPv4 IPs are on the server, they will be listed in the dropdown. Selecting "Automatic" will use the primary IP address assigned to the Network Interface Card (NIC). (NOTE: If a different IPv4 address is set for SMTP Out on the Protocols page, that IPv4 address will take precedence over what is set up for the domain.)
- Outbound IPv6 - The IPv6 address used to connect to external SMTP servers when a message is sent by the domain. If multiple IPv4 IPs are on the server, they will be listed in the dropdown. Selecting "Automatic" will use the primary IP address assigned to the Network Interface Card (NIC). If there is none, this setting is ignored. (NOTE: If a different IPv6 address is set for SMTP Out on the Protocols page, that IPv6 address will take precedence over what is set up for the domain.)
- Outbound Gateway - Outbound gateways can reduce the load on the server by using a secondary server to process outgoing mail. Specify an outbound gateway to use for messages sent from this domain. If no options are available, an outbound gateway has not been configured. Instructions on how to Configure SmarterMail as a Free Gateway Server can be found in the SmarterTools Knowledge Base.
- Use primary IP if selections are unavailable - This will use the IP address that's assigned to the Network Interface Card (NIC) on the SmarterMail server.
Limits
- Disk Space MB (0 = Unlimited) - The maximum number of megabytes allocated for the domain. By default, the domain is allocated 500 MB of disk space. This disk space limit also includes file storage and online meetings for users. Note: When this limit is reached, SmarterMail will send a warning to the domain administrator and mailboxes on the domain will not be able to receive new mail.
- Domain Aliases (0 = Unlimited) - The maximum number of domain aliases allowed for the domain. A domain alias is basically an alternate domain name for one that already exists in SmarterMail. For example, imagine you have a domain, 'example.com', in SmarterMail with a user, 'user@example.com'. By adding a domain alias for 'example.net', emails sent to 'user@example.net' will be delivered to 'user@example.com'. That means that emails sent to either domain will end up in the same mailbox. By default, domains are limited to two domain aliases.
- Users (0 = Unlimited) - The maximum number of mailboxes allowed for the domain. By default, domains are limited to 100 users. Note: If your SmarterMail license limits the number of mailboxes allowed on the domain, your license level will override this setting.
- User Aliases (0 = Unlimited) - The maximum number of alias email accounts allowed for the domain. An email alias is essentially a forwarding email address that can be used to forward messages to a single address or multiple email addresses. By default, domains are limited to 1,000 user aliases.
- Max Message Size (KB) - The maximum size email a user can send. By default, the max message size is 512000 KB. This number includes text, HTML, images and attachments. Note: Base64 encoding of attachments increases their size by approximately 35%. Knowing this, and in order to provide a better user experience, SmarterMail allows messages to be sent that are technically over the limit set for Max Message Size. For example, a 10MB message with a 490MB attachment will still be sent even though the actual message size, after base64 encoding, would far exceed the 500MB max limit.
- Max Attached File Size (KB) - The maximum size of attachments, regardless of type, to NON-email related areas such as calendars, tasks, notes, signatures, etc. This is because the Max Message Size limit already calculates attachment size for email messages.
- Recipients per Message (0 = Unlimited) - The maximum number of recipients a message can have. By default, users can send messages to 200 email addresses.
Features
- Active Directory Integration (Enterprise Only) - Select this option to enable active directory authentication. By enabling this, domain administrators will be able to add in the necessary LDAP binding string to import LDAP users.
- Automated Forwarding - Select this option to allow users to enter one or more forwarding addresses that automatically forwards any email that reaches their mailbox. When this feature is enabled, domain administrators can enable or disable Automated Forwarding on a per-user basis. Note: Messages routed to other email folders via content filters or plus addressing will also be forwarded to this address. Messages routed to the Junk Email folder will not be forwarded by default. However, these can be included if the domain's "Forwarding Exclusion" is set to "No exclusion - Forward all mail." In addition, even if disabled messages may still be forwarded to alternative addresses via Events, content filtering or using rules created within email clients.
- Catch-All Alias - Select this option to allow domain administrators to create catch-all email addresses. A catch-all alias is an email address that receives all incoming email that goes to invalid email addresses within the domain. NOTE: This simply enables the ability to set a catch-all alias -- an actual alias will need to be created, or an existing alias edited, and assigned as a catch-all.
- Chat (XMPP) (Enterprise Only) - Select this option to allow users on the domain to chat with each other via the Web interface or any XMPP-compatible chat client. Note: This feature is only available when licensed with SmarterMail Enterprise.
- Cloud Storage Connections - Select this option to allow users to connect different services, like OneDrive and Dropbox, to their SmarterMail accounts to facilitate actions like attaching links to shared files.
- Disposable Address - Select this option to allow users to create a temporary, disposable address independent of their email address. Disposable addresses are generally short-lived and are great for use when signing up for newsletters, getting free downloads, etc. as it means a user doens't have to use they're actual email account when signing up to receive things that could end up putting the user on a mailing list.
- Domain Chat History View - Select this option to allow domain administrators to be able to search through all chat history for any and all users of a domain.
- eM Client - Select this option to allow domain administrators to be able to take advantage of the partnership between SmarterTools and eM Client so that they can receive, distribute, and manage a FREE eM Client Pro license with 3 device activations for their users. For more information, see eM Client Licenses.
- File Storage - Select this option to allow users to access the File Storage section, where users can upload files to the mail server and then share them by sending out links to those files.
- Global Address List - Select this option to provide a listing of all users who have accounts for the particular domain in the Contacts menu icon. If the Global Address List is disabled for a domain, collaboration items, like calendars or notes, will not use autocomplete when adding shared users. Note: This feature is only available when licensed with SmarterMail Enterprise. In addition, MAPI requires use of the Global Address List (GAL) in order to work properly. Therefore, regardless of whether the domain's Global Address List feature is disabled, or a user/alias has Show in GAL disabled, Outlook MAPI will always show the GAL directory and be available via autocomplete when typing in a recipient's email address.
- Webmail Login Customization - Select this option to allow domain administrators to customize the login screen to add a company logo, provide additional branding text, or adjust the default “Login to SmarterMail” text. Note: If you enable this feature to allow the domain to override the custom login display, and the domain administrator does not enable customization for their domain, users will see the default SmarterMail login screen, regardless of whether the login display is customized in the system administrator-level general settings.
- Folder Sharing - Enabled by default, disabling this removes the ability to share items, for users and for the domain as a whole. This includes users sharing folders, calendars, contacts, etc. In addition, it disables the ability for domain administrators to create shared resources such as conference rooms, equipment, domain shared calendars and contacts, etc. NOTE: If sharing was previously enabled, and customers have shared items with others, these shared items will essentially disappear. However, once Enable Sharing is toggled on again, these shares will reappear as long as they have not been removed/unshared by users or domain administrators.
EAS (Enterprise Only)
EAS is the industry standard for synchronizing email clients and mobile devices with email servers like SmarterMail. Using EAS, users can synchronize email, contacts and calendars (and tasks and notes, on supported devices) with email clients, like Windows Mail, and with smartphones and tablets from Apple, Samsung and others. When trialing the add-on or using a paid subscription, the following options will be available:
- Remote Wipe - When enabled, this allows domain administrators to initiate a remote wipe of a device connected via EAS. For example, if a person leaves an organization, administrators can wipe their mobile device(s) to ensure SmarterMail accounts are removed.
- Allow Domain Administrators to manage EAS for users - Enable this setting to allow domain administrators to assign EAS to the number of accounts allocated for the domain.
- Accounts - The maximum number of EAS accounts that can be assigned for the domain.
MAPI & EWS (Enterprise Only)
MAPI/EWS are both protocols used for connecting desktop email clients to SmarterMail to give them Microsoft Exchange-level functionality. MAPI is used by Microsoft Outlook 2016 and above for Windows machines while EWS is used by Apple Mail on MacOS and eM Client on both Windows and MacOS.
- Allow Domain Administrators to manage MAPI/EWS for users - Enable this setting to allow domain administrators to assign MAPI/EWS to the number of accounts allocated for the domain.
- Accounts - The maximum number of MAPI/EWS accounts that can be assigned for the domain.
- Autoresponder Exclusions - To prevent SmarterMail from sending automated messages, such as out-of-office replies, to addresses based on the spam level of the original message, select the appropriate option from the list.
- Forwarding Exclusions - To prevent the system from forwarding messages based on the spam level of the message, select the appropriate option from the list.
- Enable Greylisting - Greylisting is a spam prevention method that temporarily rejects any email from an unrecognized sender. The idea is that a valid message will be re-tried and, therefore, accepted on its subsequent delivery attempt. Though effective, greylisting can lead to a delay in email delivery for a domain. Enable this option to activate greylisting for the domain.
- Enable Sender Verification Shield - Administrators can choose to enable the Sender Verification Shield for users. This is a way to help a user understand whether the sender is truly the sender or not by performing checks on DMARC, DKIM, and SPF, the trusted sender status, etc.
- Inbound Message Delivery - Administrators can specify the domain location for incoming email delivery. This allows you to specify whether the domain is hosted locally or partially/entirely on an external server. The following options are available:
- Local - Select this option if the mail server is hosted locally.
- External (use MX record) - Select this option if the mail server is hosted partially or entirely externally. Messages will be delivered based on an MX lookup. Select the option "Deliver locally if user exists" to perform a local delivery instead of external if the user exists locally.
- External (use host address) - Select this option if the mail server is hosted partially or entirely externally. Messages will be delivered to the specified host address. The host address can either be entered as an IP address or the Fully Qualified Domain Name (FQDN), such as mail.yourdomain.com. Select the option "Deliver locally if user exists" to perform a local delivery instead of external if the user exists locally.
Mailing Lists
Mailing Lists are a great way to allow users to communicate with a number of different individuals via a single email address. For example, many companies use mailing lists to email newsletters, promotional offers, or information about product updates to subscribers. Unlike an Alias, a mailing list allows people to subscribe or unsubscribe from email communications.
- Mailing Lists - Enable this option to allow domain administrators to create and manage mailing lists for their domain.
- Mailing List Command Address - The address used for responding to mailing list requests. For example, if a request is sent requesting a list of all available commands. By default, this is "listserv", but it can be changed as needed.
- Mailing Lists (0 = Unlimited) - The maximum number of mailing lists allowed for the domain. By default, this setting is set to Unlimited.
- Max Message Size (KB) - The maximum size message that can be sent to a mailing list. By default, the maximum message size is set to 512000 KB.
OnlyOffice Integration
OnlyOffice is a complete office suite that gives users the ability to view, edit, and collaborate on documents, spreadsheets, and presentation decks. When enabled, SmarterMail users can edit files currently stored in File Storage, or even create new files and have them stored automatically in their File Storage area.
It's worth noting that OnlyOffice allows a maximum of 20 connections -- or sessions -- to a single installation. That means a maximum number of 20 files open at any one time. Thereofore, if configuring OnlyOffice for more than one domain, separate OnlyOffice installations are recommended in order to maximize the number of connections for users. Regardless, in order to set up OnlyOffice for a domain, you will need to Enable OnlyOffice Integration for the domain, then configure the following:
- OnlyOffice Server URL - This is the full URL to your OnlyOffice server. It can be a FQDN (e.g., onlyoffice.your-domain.com) or an IP address. NOTE: If you plan on using multiple document servers, it's advisable to use different ports for each and then include the proper port in the URL (when using the IP address).
- OnlyOffice Secret Token - This is the secret key that's used to sign the JSON web token and validate the token upon the request to OnlyOffice documents, so it is what allows SmarterMail to connect to OnlyOffice. (See OnlyOffice Tips for location information.)
- Max Connections (0 = Unlimited) - This is the maximum number of connections the domain can make to the OnlyOffice server. NOTE: There can be a maximum of 20 connections to a single OnlyOffice server. This needs to be taken into consideration if you are configuring multiple domains to connect to a single OnlyOffice installation.
- Max Connections for Each User (0 = Unlimited - This is the maximum number of connections a single user can make to the OnlyOffice server. As such, it works in conjunction with the Max Connections setting.
OnlyOffice Tips
- On Linux, your Secret Token can be found in /etc/onlyoffice/documentserver/local.json. (When using Docker, use the
docker exec -it <ontainterID> bash
command to enter the container.) On windows, the Secret Token can be found in %ProgramFiles%\OnlyOffice\documentServer\config\local.json. - If OnlyOffice is running on a different domain than SmarterMail, you will need to remove the x-frame-src header on the OnlyOffice server.
- If you are using OnlyOffice Community Server, be sure to use to include "/ds-vpath" at the end of your OnlyOffice URL. (If NOT using Community Server, this may not be necessary.)
Security
- Two-Step Authentication - Two-Step Authentication is a method of providing a second verification of ownership before a user can log in or connect to third-party clients and/or devices. For example, when a user has Two-Step Authentication enabled, the SmarterMail login page will require their primary password and a secondary verification of ownership before the user can log into webmail. The second method of verification will be provided to the user through popular authentication apps, like Google or Microsoft Authenticator, or through a recovery email address. When this feature is enabled for a domain, the domain administrator can override the system setting and choose whether to enable or force Two-Step Authentication for their users. Options for Two-Step Authentication include:
- Enable - Simply enables Two-Step Authentication, but users have the option to use it or not. It is not required.
- Forced - This enables Two-Step Authentication and forces/requires users to set it up. However, domain administrators have the ability to disable it for their own users.
- Forced - Prevent Domain Disabling - This makes Two-Step Authentication required and removes the ability for domain administrators to turn it off.
- Enable TLS if supported by the remote server - This enables TLS (SSL encryption) for outgoing mail.
- Enable SRS when forwarding messages - Enable this to allow the mail server to re-email (as opposed to "forward") an email message so that it passes any SPF checks on the recipient's end.
- Require SMTP Authentication - Enable this option to require SMTP authentication when sending email. Note: If this option is enabled, users must provide an email address and password to send email when using an email client. (Webmail is automatically authenticated.) SmarterMail supports cram-md5 and login authentication methods.
- Force all traffic over HTTPS - Select this option to force all SmarterMail traffic over HTTPS. This improves SmarterMail security by allowing all traffic to be encrypted. Note: Prior to enabling this setting, any hostname set up in SmarterMail must have a valid SSL certificate in place. If this is enabled and a user navigates to the IP address, the server will attempt a rDNS lookup and then redirect accordingly.
- Enable HSTS - HTTP Strict Transport Security (HSTS) is a response header that helps protect against main-in-the-middle attacks by informing browsers that the site being accessed should only be accessed using HTTPs, and that any future standard HTTP requests should automatically upgrade to HTTPS. Therefore this setting is used in conjunction with "Force all traffic over HTTPS" and/or if there are web server rules in place to automatically force traffic to HTTPS connections. (E.g, IIS rules)
- Show passwords to domain administrators - Enable this option to allow domain administrators to view a user's password (and app passwords, if the user is protected by Two-Step Authentication). Note that passwords cannot be viewed when the authentication method is set to Active Directory.
Miscellaneous
- Postmaster Mailbox - The system administrator can specify an email address that's used as the postmaster address for a specific domain. If there's no specific postmaster@ user set up for a domain, then the primary domain administrator address is generally entered here. The Postmaster address is essentially an Alias: if someone emails postmaster@, the email is forwarded to the address entered here, just as it is for an Alias. If an Account, Alias or Mailing List already exists with the "postmaster" username/name, then this field is ignored.
- Logout URL - Generally, when users logout of webmail they're presented with the standard webmail login page. However, a system administrator can enter a custom URL to a page that is presented to users when they log out of webmail.
- Allow domain administrators to create domain aliases - Enable this option to allow domain administrators to create domain aliases. A domain alias is basically an alternate domain name for one that already exists in SmarterMail. For example, imagine you have a domain, 'example.com', in SmarterMail with a user, 'user@example.com'. By adding a domain alias for 'example.net', emails sent to 'user@example.net' will be delivered to 'user@example.com'. That means that emails sent to either domain will end up in the same mailbox.
- Allow domain administrators to manage Mailbox Size Limit for users - When this setting is enabled, domain administrators will be able to modify a user's Mailbox Size Limit and propagate the setting to users. When this setting is disabled, domain administrators will be able to see the current Mailbox Size Limit, but they will be unable to edit the value or propagate changes to users. NOTE: A system administrator will always be able to manage a user's Mailbox Size Limit when impersonating a domain administrator and editing a user.
- Allow users to edit their profile - When enabled, this allows users to manually edit their profile information. (I.e., modify their Display Name, contact information, etc.) It also makes the "Allow users to opt out of Global Address List" setting visible. NOTE: For Active Directory administrators, or companies who use Active Directory for user administration, this setting can be disabled for all users in Domain Defaults, which means any profile information is "read only" for users and, instead, managed by Active Directory.
- Exclude IP from received line - Select this option to remove the client's IP address from the received header on messages received through SMTP. Note: Removing the IP address from the received header is not recommended because it violates RFC.
Online Meetings Video / WebRTC (Enterprise Only)
Select this option to allow users to create online meetings, which allow for video chatting and shared documents with users on the domain and guests alike. Technical Note: Video conferencing within online meetings utilizes WebRTC. WebRTC will prefer UDP as the communications protocol, but it will use TCP if it's the only available method through the firewall. For ports, WebRTC will use anything in the 0-65535 range to transfer video and audio. In order to establish the connection, port 3478 should be open. In addition, WebRTC uses VP8 or H.264 for video codecs and Opus for audio, though this can vary depending on device, OS and browser. WebRTC handles this selection automatically.
It's also possible to use a separate STUN/TURN server for online meetings versus using the included STUN/TURN server. This is generally best when multiple domains will be using the Online Meetings feature as it offloads these meetings to a separate server. If no servers are specified, SmarterMail will use the default STUN/TURN settings for online meetings.
Priority and Throttling
Use this card to prioritize the remote delivery of standard messages and configure the throttling options for the domain. By default, all messages for all users are sent at a normal priority with the exception of mailing lists, which default to low priority. Messages that fail the first attempt to deliver get automatically "degraded" in priority to low.
Throttling, on the other hand, allows system administrators to limit the number of messages per hour and/or the amount of bandwidth used per hour to send messages, either at the domain level, the user level, or a mix of both. If the throttling action is set to Reject, SmarterMail will bounce any messages attempting to be sent after the threshold is met, until the next session. If the throttling action is set to Delay, SmarterMail will allow the message into the spool and trickle delivery.
The way throttling works is as follows: Anytime an SMTP session is made to deliver a message to any outside user (i.e., not a local delivery), that session counts against the throttling limits that are set. For example, if a user sends 5000 emails to 5000 Gmail users, that's 5000 messages that count against their "Outbound Messages per Hour" throttling limit, if that user has throttling set up, or their domain's throttling limit. However, if they send 5000 emails but 4000 to Gmail users, and 1000 go to other users on their domain, only 4000 messages count as the other 1000 are delivered locally. So, throttling limits are only counted for messages that are sent to another server; throttling limits do NOT count for local deliveries.
There is also a timing element involved with throttling: things like spool delays, delivery delays, etc. can impact whether or not messages count against whatever throttling limits are set. However, those issues are generally few and far between.
- Delivery Priority - The priority level for messages that don't have another priority affecting it.
- Outbound Messages per Hour - The number of messages sent by the domain per hour. By default, the number of outgoing messages is 5,000.
- Message Throttling Action - The action SmarterMail should take when the message throttling threshold is reached.
- Outbound Bandwidth MB per Hour - The total number of MBs sent by the domain per hour. By default, the outgoing bandwidth is 100.
- Bandwidth Throttling Action - The action SmarterMail should take when the bandwidth throttling threshold is reached.
- Bounces Received per Hour - As bounce messages are received from null senders per RFCs, this setting dictates the number of messages from null senders a domain can receive over SMTP before any further messages from null senders will be rejected. By default, a domain can receive 1,000 bounces per hour.
- Bounces Throttling Action - The action SmarterMail should take when the bounces throttling threshold is reached.
Autodiscover
Autodiscover is a service that allows email clients to automatically determine a user's mail server address and port from that user's email address and password alone. This greatly simplifies a user's setup process when attempting to connect SmarterMail to a desktop client, like Outlook and Apple Mail, as well as mobile clients. Autodiscover settings can be configured per protocol and per domain. Instructions on how to Set up Autodiscover for SmarterMail can be found in the SmarterTools Knowledge Base.
With the appropriate DNS records and IIS configuration in place, you can use this section to enable or disable specific protocols from returning Autodiscover results. When a protocol is enabled for Autodiscover, clicking on that protocol's settings cog will open a window where the encryption type and port can be adjusted. Utilizing Autodiscover with MAPI/EWS or EAS requires encryption over SSL or TLS. Therefore, port 443 MUST be available and not blocked by a firewall. NOTE: If a user has POP disabled for their account, their POP Autodiscover request will not be fulfilled, even if POP is enabled for Autodiscover. This applies to all protocols in their account's Service Access settings.
Overriding the Default Desktop and/or Mobile XML Responses
Administrators with advanced Autodiscover knowledge can override the default XML response that is sent from the domain when Autodiscover is requested. However, please understand that these settings should NOT be modified without advanced knowledge of the XML responses used with Autodiscover. Adjusting the custom XML incorrectly can result in invalid responses returned meaning users will be unable to connect to their email client(s). Furthermore, if you turn on an override but never save any custom XML, SmarterMail will use the default protocol settings. However, if the override is turned on, ANY text you save to the Custom XML area will be used for the Autodiscover response. If you save custom text, then later remove that text and save a blank entry, Autodiscover will send a blank response. Therefore, it is imperative that you only enable the override and enter custom Autodiscover XML if you are absolutely sure what you're using is correct.
There are two types of Autodiscover responses that can be modified: Mobile XML and Desktop XML. The mobile XML response is strictly used with EAS. The desktop XML response is used with everything else, including IMAP, POP, SMTP In, MAPI and EWS.
In the textbox window that appears after enabling the override of the XML, clicking on Generate will show the XML response that SmarterMail would normally send on an Autodiscover request. You can generate this response to make adjustments as needed, or simply enter the XML response you would like to use. When adjusting the XML, don't remove or modify variables such as %EmailAddress%, %Base64EmailAddress%, %DisplayName% or %LegacyDN% since these are used to identify the user making the Autodiscover request. Also note that although changes are not validated by SmarterMail, any changes made to the XML response should be within RFC guidelines.
Propagation
When changes to domain defaults are made, these changes only apply to any new domains that are added AFTER the changes are saved. However, system administrators can make changes to Domain Defaults then propagate those changes to all domains. In order to apply domain settings to all of the existing domains, do the following:
- First, make any changes you want on this page, then click the Save button.
- Next, click on the Propagate button. A modal window opens up.
- Scroll down the list of settings, placing a check mark next to the settings you want to push to your domains. Not all settings need to be propagated, only those settings that have been changed.
- Once you've selected your changes, click the Propagate button.
Changes to Individual Domains
If changes need to be made for individual domains, these can be handled by clicking on the domain from the Domains page, then making modifications using the tabs available to system administrators. For example, if a system administrator wants all domains to have Cloud Storage Connections disabled, but grant Cloud Storage Connections to individual domains, the setting can be disabled on Domain Defaults, but enabled for specific domains on their Options tab.