NAME¶
kopano-server.cfg - The Kopano configuration file
DESCRIPTION¶
The server.cfg is a configuration file for the kopano-server
process. server.cfg contains instructions for the software to set up the
database environment, logging system and user backend.
The file consists of one big section, but parameters can be
grouped by functionality.
The parameters are written in the form:
name = value
The file is line-based. Each newline-terminated line represents
either a comment, nothing, a parameter or a directive. A line beginning with
`#' is considered a comment, and will be ignored by Kopano. Parameter names
are case sensitive. Lines beginning with `!' are directives.
Directives are written in the form:
!directive [argument(s)]
The following directives exist:
include
Include and process
argument
Example: !include common.cfg
EXPLANATION OF THE SERVER SETTINGS PARAMETERS¶
- server_listen
- A space-separated list of address:port specifiers for where the server
should listen for unencrypted connections. IPv6 addresses need to be
enclosed in brackets (as in [2a01:db1::]:236), and the asterisk is
the multi-protocol address wildcard.
- server_bind
- This historic directive specifies a single IPv4/IPv6 address to bind to.
Its use is discouraged in favor of server_listen and
server_listen_tls.
- server_tcp_enabled,
server_tcp_port
- These historic directive specify the single port to bind to for
unencrypted connections. Their use is discouraged in favor of
server_listen. The address is mandated by server_bind.
server_pipe_enabled
Enable Unix pipe connections. Should not be disabled.
Default: yes
server_recv_timeout
TCP and SSL receive timeout in seconds. This is the time
that a TCP connection may be idle (between requests) before the TCP connection
is closed from the server. Settings this high makes it less necessary for
clients to re-connect, but increases the total number of concurrent open
sockets in the server. You normally needn't change the default value.
Default: 5
server_read_timeout
TCP and SSL read timeout in seconds. The read timeout is
the amount of time that the server will wait to read more data from a socket,
after processing of the request has started. This needn't be changed in most
cases.
Default: 60
server_send_timeout
TCP and SSL send timeout in seconds. The send timeout is
the amount of time that the server will wait to write data to a socket,
analogous to server_read_timeout.
Default: 60
server_pipe_name
Unix socket to listen on.
Default: /var/run/kopano/server.sock
server_pipe_priority
Priority unix socket to listen on. This socket should
only be used by prioritized services such as kopano-stats.
Default: /var/run/kopano/prio.sock
server_name
Unique name for identifying the server in a multi-server
environment.
Default: Kopano
server_hostname
DNS name of the server. This is used for the Kerberos
single sign-on environment. If empty (default), the FQDN or hostname will be
used.
Default:
database_engine
The database engine to use. Values can be:
mysql
Use MySQL.
Default: mysql
allow_local_users
Named Unix users which connect through the unix socket
(server_pipe_name) which are added here, those users will become the internal
SYSTEM user in Kopano, and have administrative rights. Normally, this is only
'root', so the unix root user can use the kopano-admin tool. You can add a
generic user to be used by the kopano-dagent here. This user is most likely
called 'vmail'. Note that the field is SPACE separated.
Default: root
system_email_address
This is the e-mail address of the SYSTEM user. When
people receive mail from the quota monitor, or receive fallback deliveries
from the kopano-dagent, the From email address is this field. You might want
to change this field so people can reply to this address.
Default: postmaster@localhost
run_as_user
After correctly starting, the server process will become
this user, dropping root privileges. Note that the log file needs to be
writeable by this user, and the directory too to create new logfiles after
logrotation. This can also be achieved by setting the correct group and
permissions.
Default value is empty, not changing the user after starting.
run_as_group
After correctly starting, the server process will become
this group, dropping root privileges.
Default value is empty, not changing the group after starting.
pid_file
Write the process ID number to this file. This is used by
the init.d script to correctly stop/restart the service.
Default: /var/run/kopano/server.pid
running_path
Change directory to this path when running in daemonize
mode. When using the -F switch to run in the foreground the directory will not
be changed.
Default: /
coredump_enabled
When a crash occurs or an assertion fails, a coredump
file can be generated. This file should be sent along with the crash report.
It is turned on by default in Kopano, but your system may have it disabled.
For details, see the kopano-coredump(5) manpage.
session_timeout
The session timeout specifies how many seconds must
elapse without any activity from a client before the server counts the session
as dead. The client sends keepalive requests every 60 seconds, so the session
timeout can never be below 60. In fact, if you specify a timeout below 300,
300 will be taken as the session timeout instead. This makes sure you can
never timeout your session while the Kopano client is running.
Setting the session timeout low will keep the session count and
therefore the memory usage on the server low, but may also timeout sessions
of client that have lost network connectivity temporarily. For example, some
clients with powersaving modes will disable the ethernet card during the
screensaver. When this happens, you must set the session_timeout to a value
that is higher than the time that it takes for the network connection to
come back. This could be anything ranging up to several hours.
Default: 300
session_ip_check
Normally, a session is linked to an IP-address, so this
check is enabled. You may want to disable this check when you have laptop's
which can get multiple ip-adresses through wired and wireless networks. It is
highly recommended to leave this check enabled, since the session id can be
used by other machines, and thus introduces a large security risc. The session
id is 64 bits.
Default: yes
hide_everyone
If this option is set to 'yes', the internal group
Everyone (which always contains all users) will be hidden from the Global
Addressbook. Thus, users will not be able to send e-mail to this group
anymore, and also will not be able to set access rights on folders for this
group. Administrators will still be able to see and use the group.
Default: no
hide_system
If this option is set to 'yes', the internal user SYSTEM
will be hidden from the Global Addressbook. Thus, users will not be able to
send e-mail to this user anymore. Administrators will still be able to see and
use the user.
Default: yes
allocator_library
This setting allows one to preload a special library
(such as an allocator). On startup, the server will set the LD_PRELOAD
environment variable for itself and then re-execute itself to get it loaded
with high priority. If this option is empty, the default system allocator
(from libc) will be used instead, which is probably a better choice when
debugging with gdb, valgrind or ASAN/UBSAN. The environment variable
KC_ALLOCATOR_DONE may also be set to a non-empty value to disable re-exec.
Default: libtcmalloc_minimal.so.4
EXPLANATION OF THE LOGGING SETTINGS PARAMETERS¶
log_method
The method which should be used for logging. Valid values
are:
syslog
Use the Linux system log. All messages will be written to
the mail facility. See also syslog.conf(5).
file
Log to a file. The filename will be specified in
log_file.
Default: file
log_file
When logging to a file, specify the filename in this
parameter. Use
- (minus sign) for stderr output.
Default: /var/log/kopano/server.log
log_level
The level of output for logging in the range from 0 to 5.
0 means no logging, 5 means full logging.
Default: 2
Extended logging per component is available for development and
can be combined to log multiple components at the same time.
Component |
Value |
SQL |
0x00010000 |
USERPLUGIN |
0x00020000 |
CACHE |
0x00040000 |
USERCACHE |
0x00080000 |
SOAP |
0x00100000 |
ICS |
0x00200000 |
log_timestamp
Specify whether to prefix each log line with a timestamp
in 'file' logging mode.
Default: 1
log_buffer_size
Buffer logging in what sized blocks. The special value 0
selects line buffering.
Default: 0
EXPLANATION OF THE SECURITY LOGGING SETTINGS PARAMETERS¶
audit_log_enabled
Whether the security logging feature should be enabled.
Default: no
audit_log_method
The method which should be used for logging. Valid values
are:
syslog
Use the Linux system log. All messages will be written to
the authpriv facility. See also syslog.conf(5).
file
Log to a file. The filename will be specified in
log_file.
Default: syslog
audit_log_file
When logging to a file, specify the filename in this
parameter. Use
- (minus sign) for stderr output.
Default: -
audit_log_level
The level of output for logging in the range from 0 to 1.
0 means no logging, 1 means full logging.
Default: 1
audit_log_timestamp
Specify whether to prefix each log line with a timestamp
in 'file' logging mode.
Default: 1
EXPLANATION OF THE MYSQL SETTINGS PARAMETERS¶
mysql_host
The hostname of the MySQL server to use.
Default: localhost
mysql_port
The port of the MySQL server to use.
Default: 3306
mysql_user
The user under which we connect with MySQL.
Default: root
mysql_password
The password to use for MySQL. Leave empty for no
password.
Default:
mysql_socket
The socket of the MySQL server to use. This option can be
used to override the default mysql socket. To use the socket, the mysql_host
value must be empty or 'localhost'
Default:
mysql_database
The MySQL database to connect to.
Default: kopano
mysql_group_concat_max_len
The group_concat_max_len used to set for MySQL. If you
have large distribution lists (more than 150 members), it is useful to set
this value higher. On the other hand, some MySQL versions are known to break
with a value higher than 21844.
Default: 21844
attachment_storage
The location where attachments are stored. This can be in
the MySQL database, or as separate files. The drawback of 'database' is that
the large data of attachment will push useful data from the MySQL cache. The
drawback of separate files is that a mysqldump is not enough for a full
disaster recovery.
Default: files
attachment_path
When the attachment_storage option is 'files', this
option sets the location of the attachments on disk. Note that the server runs
as the 'run_as_user' user and 'run_as_group' group, which will require write
access to this directory.
Default: /var/lib/kopano/attachments
attachment_compression
When the attachment_storage option is 'files', this
option controls the compression level for the attachments. Higher compression
levels will compress data better, but at the cost of CPU usage. Lower
compression levels will require less CPU but will compress data less. Setting
the compression level to 0 will effectively disable compression completely.
Changing the compression level, or switching it on or off, will
not affect any existing attachments, and will remain accessible as
normal.
Set to 0 to disable compression completely. The maximum
compression level is 9
Default: 6
EXPLANATION OF THE SSL SETTINGS PARAMETERS¶
- server_listen_tls
- A space-separated list of address:port specifiers for where the server
should listen for TLS connections, similar to the server_listen
directive. The default value is empty, which means no ports will be
listened on for TLS. When this option is used, you must set the SSL key
options correctly, otherwise the server not start.
- server_ssl_enabled,
server_ssl_port
- These historic directive specify the single port to bind to for SSL
connections. Their use is discouraged in favor of
server_listen_tls. The address is mandated by
server_bind.
server_ssl_key_file
The file containing the private key and certificate.
Please read the SSL section in the
kopano-server(8) manual on how to
create this file.
Default: /etc/kopano/ssl/server.pem
server_ssl_key_pass
Enter your password here when your key file contains a
password to be readable.
No default set.
server_ssl_ca_file
The CA file which was used to sign client SSL
certificates. This CA will be trusted. This value must be set for clients to
login with an SSL Key. Their public key must be present in the sslkeys_path
directory.
No default set.
server_ssl_ca_path
When you have multiple CA's to trust, you may use this
option. Set this to a directory which contains all your trusted CA
certificates. The name of the certificate needs to be the hash of the
certificate. You can get the hash value of the certificate with the following
command:
openssl x509 -hash -noout -in cacert.pem
Create a symbolic link to the certificate with the hashname like
this:
ln -s cacert.pem `openssl x509 -hash -noout -in cacert.pem`.0
If you have several certificates which result in the same hash,
use .1, .2, etc. in the end of the filename.
No default set.
sslkeys_path
The path which contains public keys of clients which can
login over SSL using their key. Please read the SSL section in the
kopano-server(8) manual on how to create these files.
Default: /etc/kopano/sslkeys
server_ssl_protocols
Disabled or enabled protocol names. Supported protocol
names are
SSLv3 and
TLSv1. If Kopano was linked against OpenSSL
1.0.1 or later there is additional support for the new protocols
TLSv1.1 and
TLSv1.2. To exclude both SSLv3 and TLSv1, set
server_ssl_protocols to
!SSLv3 !TLSv1.
Default: SSLv2 being disabled
server_ssl_ciphers
SSL ciphers to use, set to
ALL for backward
compatibility.
Default: ALL:!LOW:!SSLv2:!EXP:!aNULL
server_ssl_prefer_server_ciphers
Prefer the server's order of SSL ciphers over client's.
Default: no
EXPLANATION OF THE THREADING PARAMETERS¶
threads
Number of server threads.
Default: 8
watchdog_frequency
Watchdog frequency. The number of watchdog checks per
second.
Default: 1
watchdog_max_age
Watchdog max age. The maximum age in ms of a task before
a new thread is started.
Default: 500
server_recv_timeout
SOAP recv timeout value.
Default: 5
server_send_timeout
SOAP send timeout value.
Default: 60
EXPLANATION OF THE OTHER SETTINGS PARAMETERS¶
softdelete_lifetime
Softdelete clean cycle, in days. 0 means never. Items
older than this setting will be removed from the database.
Default: 0
sync_lifetime
Synchronization clean cycle, in days. 0 means never.
Synchronizations older than this setting will be removed from the database.
Default: 90
enable_sso
When you configured your system for single sign-on, you
can enable this by setting the value to
yes. The server can autodetect
between NTLM and Kerberos. For NTLM authentication you will need the ntlm_auth
program from Samba. Please see the server installation manual on howto enable
your system for single sign-on.
Default: no
enable_gab
Enables viewing of the Global Address Book (GAB) by
users. Disabling the GAB will show an empty list in the GAB, which may be
required for some installations. Resolving addresses is not affected by this
option.
Users with administrator rights are also not affected by this
option and always have access to the GAB.
Default: yes
auth_method
Authentication is normally done in the user plugin. In
case your plugin cannot provide the authentication, you may set this to pam,
and set the pam_service to authenticate through pam. Another choice is
kerberos. The user password will be verified using the kerberos service. Note
that is not a single-signon method, since the server requires the user
password.
Default: plugin
restrict_admin_permissions
Normally, admin users are granted all permissions on all
stores in the server, or for stores in the tenant's company (in multi-tenant
mode). Enabling this option restricts permissions to folder operations: Folder
viewing, folder creation and importantly, folder permissions. This means that
an administrator can grant himself full permissions on a folder. However, in
combination with auditing, it provides an extra level of security protection
against unwanted access.
Note that some applications may require full access to all stores,
which would be restricted by this option. Also, this option cannot be reset
by sending a HUP signal, so a full server restart is required to change the
setting.
Default: no
embedded_attachment_limit
Defines the number of
attachment-in-attachment-in-attachment levels allowed when saving and
replicating a MAPI object. This limit can be made higher if needed, but will
also require you to increase the stack_size in mysql to allow for correct
exporting for replication.
Default: no
pam_service
This is the pam service name. Pam services can be found
in /etc/pam.d/.
Default: passwd
max_deferred_records
The server has a list of deferred writes to the
tproperties table, to improve overall I/O performance. The number of deferred
writes is kept below this value; setting it high will allow writes to be more
efficient by grouping more writes together, but may slow down reading, and
setting it low will force writes to complete directly, but speed up reading of
tables.
Default: 0 (off)
max_deferred_records_folder
Same as the max_deferred_records variable, but per folder
instead of total.
Default: 20
disabled_features
In this list you can disable certain features for users.
Normally all features are enabled for all users, making it possible through
the user plugin to disable specific features for specific users. To set the
default of a feature to disabled, add it here to the list, making it possible
through the user plugin to enable a specific user for specific users.
This list is space separated, and currently may contain the
following features: imap, pop3.
Default: imap pop3
EXPLANATION OF THE CACHE SETTINGS PARAMETERS¶
cache_cell_size
Size in bytes of the cell cache. This is the main cache
used in Kopano. It caches all data that comes into view in tables (ie the view
of your inbox, or any other folder). In an ideal situation, all cells would be
cached, so that the database does not need to be queried for data when
browsing through folders, but this would require around 1.5K per message item
(e-mail, appointment task, etc) in the entire server. If you can afford it,
set this value as high as possible, up to 50% of your total RAM capacity. Make
sure this doesn't lead to swapping though. This value may contain a k, m or g
multiplier.
Default: 256M
cache_object_size
This caches objects and their respective hierarchy of
folders. You can calculate the size with a simple equation:
concurrent users * max items in a folder * 24
This value may contain a k, m or g multiplier.
Default: 5M
cache_indexedobject_size
This cache contains unique IDs of objects. This cache is
used twice, also by the index2 cache, which is the inverse of the index1
cache. This value may contain a k, m or g multiplier.
Default: 16M
cache_quota_size
This cache contains quota values of users. This value may
contain a k, m or g multiplier.
Default: 1M
cache_quota_lifetime
This sets the lifetime for quota details inside the
cache. If quota details weren't queried during this period it is removed from
the cache making room for more often requested quota details. Set to 0 to
never expire, or -1 to disable this cache.
Default: 1 (1 minute)
cache_acl_size
This cache contains Access Control List values. Folders
who are opened in other stores than your own are listed in the ACL table, and
will be cached. This value may contain a k, m or g multiplier.
Default: 1M
cache_store_size
This cache contains store id values. This value may
contain a k, m or g multiplier.
Default: 1M
cache_user_size
This cache contains user id values. This cache is used
twice, also by the externid cache, which is the inverse of this cache. This
value may contain a k, m or g multiplier.
Default: 1M
cache_userdetails_size
This cache contains the details of users. This value may
contain a k, m or g multiplier.
Default: 3M
cache_userdetails_lifetime
This sets the lifetime for user details inside the cache.
If user details weren't queried during this period it is removed from the
cache making room for more often requested user details. Set to 0 to never
expire, or -1 to disable this cache.
Default: 0 (never expire)
cache_server_size
This cache contains server locations. This cache is only
used in multiserver mode. This value may contain a k, m or g multiplier.
Default: 1M
cache_server_lifetime
This sets the lifetime for server location details inside
the cache. If server details weren't queried during this period it is removed
from the cache making room for more often requested server details. Set to 0
to never expire, or -1 to disable this cache.
Default: 30 (30 minutes)
EXPLANATION OF THE QUOTA SETTINGS PARAMETERS¶
quota_warn
Size in Mb of de default quota warning level. Use 0 to
disable this quota level.
Default: 0
quota_soft
Size in Mb of de default quota soft level. Use 0 to
disable this quota level.
Default: 0
quota_hard
Size in Mb of de default quota hard level. Use 0 to
disable this quota level.
Default: 0
companyquota_warn
Size in Mb of de default quota warning level for
multitenant public stores. Use 0 to disable this quota level.
Default: 0
EXPLANATION OF THE USER PLUGIN SETTINGS PARAMETERS¶
user_plugin
The source of the user base. Possible values are:
db
Retrieve the users from the Kopano database. Use the
kopano-admin tool to create users and groups. There are no additional settings
for this plugin.
ldap
Retrieve the users and groups information from an LDAP
server. All additional LDAP settings are set in a separate config file, which
will be defined by the user_plugin_config. See also
kopano-ldap.cfg(5).
unix
Retrieve the users and groups information from the Linux
password files. User information will be read the /etc/passwd file. Passwords
will be checked against /etc/shadow. Group information will read from
/etc/group. Use the
kopano-admin(8) tool to set Kopano specific
attributes on a user.
All additional Unix settings are set in a separate config file,
which will be defined by the user_plugin_config. See also
kopano-unix.cfg(5)
Default: db
createuser_script, deleteuser_script,
creategroup_script, deletegroup_script,
createcompany_script, deletecompany_script
These scripts are called by the server when the external
user source, like LDAP, is different from the users, groups and companies
which are known to Kopano. The script uses a environment variable to see which
user, group or tenant is affected. The following parameter is used for the
script:
createuser_script
KOPANO_USER contains the new username. The script
should at least call
kopano-admin --create-store
"${KOPANO_USER}" to correctly create the store for the new
user.
Default: /etc/kopano/userscripts/createuser
deleteuser_script
KOPANO_STOREID contains the old id of the store of
the removed user.
Default: /etc/kopano/userscripts/deleteuser
creategroup_script
KOPANO_GROUP contains the new groupname. No action
is currently needed by the script.
Default: /etc/kopano/userscripts/creategroup
deletegroup_script
KOPANO_GROUPID contains the old id of the group.
No action is currently needed by the script.
Default: /etc/kopano/userscripts/deletegroup
createcompany_script
KOPANO_COMPANY contains the new companyname. No
action is currently needed by the script.
Default: /etc/kopano/userscripts/createcompany
deletecompany_script
KOPANO_COMPANYID contains the old id of the
company. No action is currently needed by the script.
Default: /etc/kopano/userscripts/deletecompany
user_safe_mode
If enabled, the storage server will only log when create,
delete and move actions are done on an user object. This might be useful when
you are testing changes to your plugin configuration.
Default: no
EXPLANATION OF S3 PARAMETERS¶
attachment_s3_hostname
The hostname of the entry point to the S3 cloud where the
bucket is located.
If you are using minio or another S3 compatible implementation
that is using another port, you can specify the port with hostname:port.
attachment_s3_region
The region where the bucket is located
attachment_s3_protocol
The protocol that should be used to connect to S3,
"http" or "https" (preferred).
attachment_s3_uristyle
The URL style of the bucket, "virtualhost" or
"path".
attachment_s3_accesskeyid
The access key id of your S3 account.
attachment_s3_secretaccesskey
The secret access key of your S3 account.
attachment_s3_bucketname
The bucket name in which the files will be stored.
EXPLANATION OF MISCELLEANIOUS PARAMETERS¶
enable_hosted_kopano
Enable multi-tenancy environment.
When set to true it is possible to create companies within the
kopano instance and assign all users and groups to particular companies.
When set to false, the normal single-tenancy environment is
created.
Default: false
enable_distributed_kopano
Enable multi-server environment.
When set to true it is possible to place users and companies on
specific servers.
When set to false, the normal single-server environment is
created.
Default: false
storename_format
Display format of store name.
Allowed variables:
%u
Username
%f
Fullname
%c
Companyname
Default: %f
loginname_format
Loginname format (for multi-tenancy installations). When
the user does not login through a system-wide unique username (like the email
address) a unique name has created by combining the username and the
tenancyname. With the this configuration option you can set how the loginname
should be build up.
Allowed variables:
%u
Username
%c
Companyname
Default: %u
client_update_enabled
Enable client updates.
You can place the Kopano Outlook Client installer in the
client_update_path directory, and enable this option. Windows clients which
have the automatic updater program installed will be able to download the
latest client from the storage server.
Default: false
client_update_path
This is the path where you will place the Kopano Outlook
Client MSI install program for Windows clients to download. You need the
client_update_enabled option set to
true for clients to actually
download this file through the storage server.
Default: /var/lib/kopano/client
client_update_log_level
Receive the log information from the client auto update
service.
Options: 0 disable, 1 sent only with errors, 2 always sent
Default: 1
client_update_log_path
Log location for the client auto update files
You need the client_update_log_level option set to non-zero
value to receive log files from the client.
Default: /var/log/kopano/autoupdate
search_enabled
Use the kopano-search indexing service for faster
searching. Enabling this option requires the
kopano-search(8) service
to be running.
Default: yes
search_socket
Path to the
kopano-search(8) service, this option
is only required if the server is going to make use of the indexing service.
Default: file:///var/run/kopano/search.sock
search_timeout
Time (in seconds) to wait for a connection to the
kopano-search(8) before terminating the indexed search request.
Default: 10
enable_enhanced_ics
Allow enhanced ICS operations to speedup synchronization
with cached profiles. Only disable this option for debugging purposes.
Default: yes
enable_sql_procedures
SQL Procedures allow for some optimized queries when
streaming with enhanced ICS. This is default disabled because you must set
'thread_stack = 256k' in your MySQL server config under the [mysqld] tag and
restart your MySQL server.
Default: no
folder_max_items
Limits the amount of items (messages or folders) in a
single folder. This makes sure that the server will not attempt to load
folders that are so large that it would require huge amounts of memory just to
show the data. In practice, folders of over 1000000 items are usually created
by runaway processes which are therefore useless anyway.
Default: 1000000
sync_gab_realtime
When set to 'yes', kopano will synchronize the local user
list whenever a list of users is requested (eg during kopano-admin -l or when
opening the addressbook). When setting this value to 'no', synchronization
will only occur during kopano-admin --sync. This is useful for setups which
have large addressbooks (more than 1000 entries in the addressbook).
This option is forced to 'yes' when using the 'db' plugin since
synchronization is implicit in that case.
Default: yes
proxy_header
In normal operation, a cluster of kopano-server nodes is
served by sending redirections back to the clients requesting information. The
redirection URL is built from the server's information in the LDAP database.
However, in some cases it is useful to place the kopano-server instances
behind a reverse HTTP proxy. In this case the redirected URL returned to the
client cannot be the 'normal' hostname, but must be a URL that is handled by
the proxy.
However, internal ('behind' the proxy) redirections must *not* be
redirected to the proxy since this is not necessary. The strategy is that
kopano-server will redirect to the proxy URL if the connection that
initiated the redirect passed through a proxy. The way that this is detected
is by examining an HTTP header. If the header specified by this option is
found, then redirections will be to the proxy. If it is not, then
redirections will be to the internal host. If the special value '*' is
specified for this option, then the proxy URL will always be used.
Specifying an empty value disables proxy detection.
Another effect of this option is that when a proxy connection is
detected, kopano-server attempts to use the 'X-Forwarded-For' header to
determine the originating IP address. This is used for logging and session
binding (a session initiated on a certain IP address may not be accessed
from another IP address).
Default:
shared_reminders
Enable/disable reminders for shared stores.
Default: yes
RELOADING¶
The following options are reloadable by sending the kopano-server
process a HUP signal or reload the process by the initscript
system_email_address, local_admin_users, allow_local_users,
hide_system, hide_everyone, auth_method, pam_service, enable_sso,
enable_gab, sync_gab_realtime
session_timeout, server_recv_timeout, server_read_timeout,
server_send_timeout, sync_lifetime
log_level, audit_log_level
threads, watchdog_max_age, watchdog_frequency,
max_deferred_records, max_deferred_records_folder
user_safe_mode, enable_enhanced_ics, client_update_log_level,
client_update_path, client_update_log_path
search_enabled, search_socket, search_timeout, disabled_features,
mysql_group_concat_max_len, embedded_attachment_limit, proxy_header
quota_warn, quota_soft, quota_hard, companyquota_warn
createuser_script, deleteuser_script, creategroup_script,
deletegroup_script, createcompany_script, deletecompany_script
FILES¶
/etc/kopano/server.cfg
The server configuration file.
/etc/kopano/ldap.cfg
The Kopano LDAP user plugin configuration file.
/etc/kopano/unix.cfg
The Kopano Unix user plugin configuration file.
AUTHOR¶
Written by Kopano.
SEE ALSO¶
kopano-server(8), kopano-ldap.cfg(5),
kopano-unix.cfg(5)