Domains
Intro
Installation
SysAdmin
Objects 
Domains
Mapping 
Accounts 
Groups 
Forwarders 
Mailboxes 
Account Data 
Transfer
Access
Directory
Data Files
Clusters
WebMail
Miscellaneous
Licensing
HowTo

CommuniGate Pro Server can serve accounts in its Main Domain, and, optionally, in multiple Secondary Domains, each with its own set of user accounts (and other objects such as mailing lists, groups, and forwarders).

Every domain can have one or several aliases (alternative names). All domain names and domain aliases should be unique, and they should be registered with the Domain Name System (DNS).

In many cases, a mail domain should not have a separate set of user accounts, but should rather be a domain name alias for an already existing CommuniGate Pro domain. You may also want to serve some mail domains using account mapping and/or Unified Domain-Wide Accounts. In all these cases, you do not have to create a new CommuniGate Pro Secondary domain to serve a mail domain.

See the Mapping section for the details.

When a client application (a mailer) connects to your CommuniGate Pro server, and specifies an account name, the Server has to detect in which domain to look for that account.

You can use Secondary domains if:

oror See the Access section for the details.

Displaying the Domain List

To display the list of all Domains served with your server, use a Web browser and enter the Domains section. You should be connected as the Postmaster or any other user with the Can Modify All Accounts and Domains access rights.

Filter:
2083 Accounts 3 of 3 Domains selected Show Aliases 3 selected
Domain IP Address Accounts Open Hits Last Hit Refs  
client1.com 192.0.0.264524289121:29:17 14Settings
client2.com  785345621:30:32 7Settings
mycompany.com 192.0.0.11380891589021:30:29 35Settings
mail.client1.comclient1.comSettings
mail.client1.comclient2.comSettings
webmail.client1.comclient1.comSettings

To select domains by name, type a string into the Filter field, and click the Display button: only the domains with names containing the specified string will be displayed.

Each entry in the domain list contains that domain name, the assigned network address (if any), and the number of accounts in the domain.

A list entry also displays the number of currently opened domain accounts, the total number of times domain accounts have been opened (since the Server last restart), and the last time any domain account was opened.

Select the Show Aliases option to include domain aliases into the list. Each domain alias list element contains the link to its "real" domain account list and settings pages.

Click a domain name to view the accounts in that domain.

Click the word Settings in the last column to view and update the domain Settings.

Creating a New Domain

Type a new domain name into the field on the right side of the Create Domain button.

Domain created

Click the Create Domain button. When a new domain is created, its name appears in the Domain List.

If a server is a member of a Dynamic Cluster, the additional Create Shared Domain button appears. Click that button to create a domain that will be served by all members of the Cluster. The domain created using the Create Domain button are created as "local" domains and are served by this server only.

Specifying Domain Settings

Main domain and all Secondary Domains have domain-level settings.

To open the Domain Settings page in your browser, either click the Domain Settings link in the Domains List, or click the Domain Settings link on the domain Accounts List page.

Account Log: Mailbox Log:

The Account Log option allows you to specify how the account-level operations (account open/close, password verifications, mailbox creating/removing, size updates, etc.) are recorded. Log records created for account-related events have the ACCOUNT tag.

The Mailbox Log option allows you to specify how the mailbox-level operations (message storing/removing, message status updating, etc.) are recorded. Log records created for mailbox-related events have the MAILBOX tag.

Most of Domain Settigs can be set to the Default value. In this case the actual setting value is taken from the global, Server-wide Default Domain Settings.

When the Domain Settings are modified, click the Update button. The page should appear again, displaying the Updated marker.

You can click the Accounts link to switch to the domain Account List.

Enabling Messaging Services

Main domain and all Secondary Domains have domain-level settings that specify which CommuniGate Pro services can be used with the domain accounts:

Enabled Services
Mail POP IMAP PWD ACAP WebMail WebSite Relay Mobile

Mail
If this option is disabled, incoming mail is not delivered to domain accounts. Incoming message are suspended in the Local Delivery module queue, and they are rejected if this option is not re-enabled within the specified period of time. See the Local Delivery module settings for the details.

POP, IMAP, PWD, ACAP
If a protocol option is disabled, accounts in this domain cannot be opened using that protocol.

WebMail
If this option is disabled, this domain accounts cannot be opened using the WebUser Interface, and the domain mailing lists cannot be browsed.

WebSite
If this option is disabled, the Personal Web Sites in this domain cannot be accessed.

Mobile
If this option is disabled, domain users will not be able to connect to their accounts from Internet Addresses not included into the Client Addresses list. This can be useful if you provide free accounts in this domain and you want domain users to connect to those accounts only from dial-up addresses your own site provides.

Relay
If this option is disabled, domain users will not be able to use the Mobile Users Support features. This can be useful if you provide free WebMail accounts in this domain and you do not want spammers to use these accounts to enable SMTP relaying.

Services can also be disabled for individual domain accounts.

Multihoming and Dedicated IP Addresses

You should read this chapter only if you plan to support multihoming, if your system is behind a firewall, or if you have a non-standard Domain Name System setup.

When the Server starts, it detects its own network address(es). Your Server system is "multihomed" if it has more than one network (IP) address.

If the Server system has several IP addresses, some of them can be assigned (dedicated) to secondary domains. Accounts in such domains can be accessed using any POP and IMAP mailer without explicitly specifying the full account name.

The Assigned IP Addresses option allows you to assign network addresses to the main and secondary domains.

Assigned IP Addresses
[206.40.74.198]

All Available
This option can be selected for the main domain only, and it is the default setting for the main domain.
All Server network addresses not assigned to other domains are assigned to this (main) domain.

Manually Defined
This option is selected by default for all secondary domains.
If you want to assign (dedicate) an IP address to this domain, type the address into the text field on the right of the pop-up menu.
Only the Server computer own addresses are accepted, and all specified addresses should not be already assigned to any other domain.
If you select this option and leave the text field blank, the Domain will not have any IP addressed assigned to it. In this case, to access the domain accounts, users should specify the full account name (account@domain) in their mailer settings. See the Access section for the details.

by DNS A-Record
When this option is selected, the Server sends a request to the Domain Name System and tries to resolve the domain name. If an A-Record for this domain is found in the Domain Name System, the addresses from that record are assigned to the domain. The system checks that all addresses retrieved from the A-record belong to the Server computer and that these addresses have not been already assigned to any other domain.
This setting is useful if you have several secondary domains with dedicated IP addresses and you want to redistribute the Server addresses from time to time. Instead of reconfiguring both DNS and Server settings, you may reconfigure the DNS records only, and the Server will take the updated data from the DNS.

by DNS MX-Record
When this option is selected, the Server retrieves the highest-priority MX record (relay name) for this domain, and then processes addresses in the A-record for that relay name.

For each domain in the Domain List, the assigned network (IP) addresses are displayed. This can be used to check the DNS and Server setup for systems with multihoming.

Because of setup errors or due to a non-standard network and DNS setup, the Server's own IP address(es) may be left unassigned to any of the Server domains. Open the General Settings page to see the list of the Server own IP addresses. The unassigned addresses are marked in red.

When a client mailer connects to the Server via an unassigned address and the full account name is not specified, the Server does not allow the user to log in.

Domain Limits

The System Administrator can specify some limits on the resources available for the domain: the domain administrator is not allowed to create more accounts or more mailing lists than specified with these domain settings.

A Domain Administrator can see, but cannot modify these limits.

ResourcesLimitsUsage
Accounts: 390
Storage: 14M
Mailing Lists: 5
RPOP Accounts: 15

Domain Aliases

Each CommuniGate Pro domain can have aliases (alternative names). If the domain client.dom has the mail.client.dom and www.client.dom aliases, mail directed to user@mail.client.dom and to user@www.client.dom will be routed to the user@client.dom account. Also, to access the user@client.dom account via POP, IMAP, and other mailer applications the account names user@mail.client.dom and user@www.client.dom can be specified in the mailer settings.

This is especially useful for WebUser clients. Users specify the domain name in their browser URLs, and users of the client.dom domain tend to use www.client.dom in the browser URLs. You may want to register the www.client.dom domain with the DNS, assigning it the same IP address as the address assigned to the client.dom domain, and then you should create the www.client.dom alias for the client.dom domain.

Aliases

You can modify existing aliases, add an alias by typing a new name in the empty field, and remove an alias by deleting it from its field. Use the Update button to update the list of domain aliases.

The Domain Aliases are stored in the DomainAliases database located in the Settings directory inside the CommuniGate Pro base directory.

Directory Integration

The System Administrator can specify if the domain accounts should be included into the Central Directory.

Directory Integration
Usage:
  

This panel is not displayed for Directory-Based Domains, since those domains are always completely integrated with the Directory.

See the Directory Integration section for the details.

Processing Mail To Unknown Accounts

When a message comes addressed to the main server domain or to one of the secondary domains and the Local Delivery module cannot find an account or account alias with the specified name, the module processes the message address as specified in the Domain Settings.
Mail to Unknown Accounts
is
Rejected
the address is rejected; if message is being received via SMTP, the address is not accepted, and if it was the only recipient address in the message, the message is not received at all.
Discarded
the address is routed to NULL. The message is considered "delivered" immediately.
Rerouted to:
the address is changed to the E-mail specified in the text field, and the Router restarts trying to route this new address.
Note: you specify an E-mail address, not an account name there. So, if you specify Rerouted To: Postmaster for the client1.com domain, the message will be routed to the Postmaster account in the main domain mycompany.com, not to the Postmaster account in that Secondary Domain. Specify Postmaster@client1.com to direct messages to the postmaster account in the client1.com domain.
Note: you can use the asterisk (*) symbol in the E-mail address field. This symbol will be substituted with the original account name.
Sample:
The domain client1.com Mail to Unknown Accounts option is set to
Rerouted to: Bad-*@support.company.com
A message comes addressed to jjones@client1.com, and the account jjones does not exist in the client1.com domain.
The message is rerouted to bad-jjones@support.company.com

Accepted and Bounced
the same as Rejected, but account existence is not checked at the Router phase. In case of SMTP receiving, it means that any address in this domain is accepted. Then, if the Local Delivery module fails to find the addressed account, the message is rejected and an error report is sent back to the sender.

Sending Mail To All Accounts in the Domain

The administrator can enable the special virtual account (address) "all" to send messages to all accounts registered in the domain.

Mail to <all@client1.com>
is distributed for  

anybody
a message sent to the <all@domainname> is sent to all accounts in the domainname domain (except for the accounts that have the Accept Mail to All option set to disabled).

Clients
a message sent to the <all@domainname> is sent to all accounts in the domainname domain only if the message has been received via SMTP from an address included into the Client IP Addresses list, or if the message was received using one of the trusted methods (Web User Interface, via RPOP, via POP using the XTND XMIT method, etc.).

Authenticated Users
a message sent to the <all@domainname> is sent to all accounts in the domainname domain only if the message has been received from a Server user (account) using one of the trusted methods.

Authenticated Domain Users
a message sent to the <all@domainname> is sent to all accounts in the domainname domain only if the message has been received (using one of the trusted methods) from a Server user in the addressed domain or from any other Server user that has the domain administration rights for this domain.

Authenticated Administrator
a message sent to the <all@domainname> is sent to all accounts in the domainname domain only if the message has been received (using one of the trusted methods) from a Server user that has the domain administration rights for this domain.

nobody
the "all" account is disabled, messages to <all@domainname> are rejected.

Sending Mail To All Accounts in All Domains

If the administrator has enabled mail distribution to all accounts in the main domain, a message can be sent to all accounts in all domains.

To send a message to all accounts in all server domains, it should be sent to the alldomains@main_domain_name address.

For each domain, the message source is checked and the message is distributed to the domain accounts only if it passes that domain "Mail to All" distribution checks.

WebUser Interface Settings

Each domain has several WebUser Interface options:
WebUser Interface
Cache Files:  
Mail Trailer
Text:
Web Banner
Text:

Cache Files
If this option is enabled, the CommuniGate Pro server maintains a memory cache for files (HTML templates, images, etc.) in the domain WebUser directory and its subdirectories. When you upload a modified file to the domain WebUser directory using the CommuniGate Pro uploading methods (HTML PUT command, form uploading, etc.), the Server automatically removes the old version of that file from the Webuser cache.
If you prefer to modify the domain WebUser files directly, you may want to disable the WebUser Caching.

Flush Cache
Click this button to remove all domain WebUser Interface files from the memory cache. It also causes the WebUser module to reload the Strings.data file from the domain WebUser directory (if that file exists).

Mail Trailer Text
The text in this field is automatically appended to all messages the domain users compose via the WebUser Interface.

Web Banner Text
The text in this field is automatically inserted into the beginning of all HTML files retrieved from the domain user Personal Web Sites.

Enabling Auto-Signup

You can allow users to create domain accounts themselves, via the Web User Interface:
Auto Sign-up
Enabled
If the Auto Sign-up option is enabled, the Sign-up link appears on the domain Login Web page. This link allows new users to open the Sign-up page, where they can enter a new account name, the user real name, and the desired password.

The Server checks that an account with the specified name does not exist and creates a new account. The Server uses the Account Template settings for the newly created account, overriding its Password and Real Name settings with the data specified by the new user.

Server OS Integration

CommuniGate Pro accounts may be "mapped" to the accounts (registered users) of the Server OS. When a CommuniGate Pro user is being authenticated using a Server OS password, or when a separate process (program) should be launched on the user behalf, the CommuniGate Pro Server constructs an OS username (OS account name) to be used for that CommuniGate Pro user (account).
Server OS Integration
 OS user name:default (*)
External INBOXlocation:default ()
synchronize using: Locks
OS user name
This setting specifies how to compose the Server OS username. The asterisk (*) sign is substituted with the CommuniGate Pro account name. If this setting contains just one symbol - the asterisk sign, then all accounts in this domain are "mapped" onto the OS accounts with the same name: when the CommuniGate Pro Server checks the OS password for the account jmsith, it checks if the specified password can be used to log into the OS account jsmith.

If the settings contains *.dj, the OS username for the CommuniGate account jsmith is jsmith.dj - and the jsmith.dj name is used for all OS-level operations initiated on behalf of the CommuniGate Pro account jsmith.

Legacy (Unix) Mailer Compatibility

The CommuniGate Pro allows you to create accounts with external INBOX mailboxes. These mailboxes are stored not inside the CommuniGate base directory, but in the system directory known to the legacy mailer applications.

If you have to support Local Mailer compatibility for all or some accounts in a domain, you should specify the External INBOX settings:

location
This setting specifies where the external INBOX files should be located. For each account that has an external INBOX, the system substitutes the asterisk sign with the account name. Consult with your OS manuals to see where your legacy mailers expect to see the user mailboxes: on most systems, the /var/mail/ directory is the correct location, but some systems may use /var/spool/mail/ or some other directory.

synchronize using
This setting specifies the file locking method to use for updates synchronization.

See the Sharing section for the details.

Subdirectories for Large Domains

When a domain contains many accounts (more than 10,000), you may want to place account files in several subdirectories: Domain subdirectories are directories inside the domain directory. A subdirectory name should have the .sub file path extension (suffix).

Subdirectories can be nested.

Note: When the CommuniGate Pro server starts, it scans all domain directories and all their subdirectories, and it collects the names of all domain accounts. This feature allows the system administrator to move accounts between subdirectories at any time when the server is stopped. It also allows to change the foldering method (see below) without stopping the server and without relocating already created accounts.

For each account, the CommuniGate Pro server remembers the name of the subdirectory that contains the account files.

When a new account is being created (or when an account is being renamed), the server composes a name for the subdirectory in which the account files should be created.

Account Storage
Foldering Method:
Generate Index:

Foldering Method
This option allows you to specify the subdirectory name construction method. The following methods are supported:
flat
This is the default method. All new accounts are placed into the domain directory itself.

2 Letters 1 Level
The first two letters of the account name are used to form the name of the subdirectory, the account jsmith will be placed into the domain/js.sub/ subdirectory. If the account name has just one letter, that letter is used as the subdirectory name.

2 Letters 2 Levels
The first two letters of the account name are used to form the name of a nested subdirectory, the account jsmith will be placed into the domain/j.sub/s.sub/ subdirectory. If the account name has just one letter, that letter is used as the subdirectory name.

Hashed 1 Level
A numeric hash function is applied to the account name, the result is used to form a subdirectory name: the account jsmith will be placed into the domain/pf.sub/ subdirectory.

Hashed 2 Levels
A numeric hash function is applied to the account name, the result is used to form a nested subdirectory name: the account jsmith will be placed into the domain/lu.sub/y.sub/ subdirectory.
Note: many other systems serving large domains use domain subdirectories, too. Every time an account is to be opened, those systems form the account subdirectory name using some built-in method. As a result, the built-in method cannot be changed "on the fly", and accounts cannot be moved between subdirectories. The CommuniGate Pro Server uses its subdirectory name forming methods only when a new account is being created, and it always remembers in which subdirectory every account is located. The Server does not have to form the subdirectory name every time an account is to be opened. As a result, the CommuniGate Pro domain "foldering" methods can be changed at any moment, and the accounts can be moved between the subdirectories when the server is not running.

Generate Index
If this option is enabled, the CommuniGate Pro Server creates the Index.data file in the domain directory every time the Server stops. This file contains the names of all domain accounts, the account types, and the location of the account files. When the Server starts and finds the Index.data file in the domain directory, it reads that file instead of scanning the domain file directory tree. On some file systems scanning a directory tree with 100,000 files can take up to 10 minutes.

Note: if you stop the Server and manually move/remove some domain account directories, delete the Index.data file from the domain directory before you start the Server again.

Renaming Domains

If you want to rename a Secondary Domain, open its Domain Settings page with a Web browser, and enter a new account name into the New Domain Name field. Click the Rename Domain button.

If there is no other domain with the same name as the specified new domain name, the domain is renamed and its Domain Settings page should reappear on the screen under the new name.

You cannot rename a domain when any of its accounts are in use.

Removing Domains

If you want to remove a Secondary Domain, open its Domain Settings page with a Web browser, and click the Remove Domain button. The confirmation page should appear. If the Empty Domains Only option is selected, a Secondary Domain is removed only if there are no accounts in it. Otherwise, all Domain Accounts are permanently removed, too.

If you confirm the action, the selected domain, its settings, and all its accounts will be permanently removed from the Server disks.

You cannot remove a domain when any of its accounts is in use.

Specifying Default Domain Settings

A domain setting can have the default value. In this case the actual setting value is taken from the global Default Domain Settings. You can modify these values by clicking the Domain Defaults link on the Domains (Domain List) page.

The Default Domain Settings page resembles a regular Domain Settings page.

Specifying Domain Security Settings

Domains can have security settings (Private Keys and Certificates) that can be used for secure communications with that domain.

Use the Security link on the Domain Settings page to open the Domain Security settings.

See the Security section for more details.

Domain File Directories

Account files for the main domain accounts are stored in the Accounts directory inside the CommuniGate Pro base directory.

For each secondary domain, a directory with the domain name is created inside the Domains directory. The domain directory contains files for all secondary domain accounts.

When a domain contains very many (thousands) accounts, subdirectories inside the domain directory can be used.

CommuniGate® Pro Guide. Copyright © 1998-2000, Stalker Software, Inc.