IMAP Settings

How to get here

Note: At the top of each Services page, the name of the Service, its Status (Running or Stopped), and a Start/Stop button appears. This allows you to Start or Stop individual Services from their respective web pages, as well as from the Service Administration page.

You can use the IMAP Settings page to configure the IMAP Server. IMAP4 lets users access remote messages stored on the mail server as if they were local. Users can read, move, delete mail, and create mailboxes on the server system. Since messages reside on the server, users can access their mailboxes from multiple machines.

Important: After making changes, click Save. Stop the service, wait 5-10 seconds and restart the service.

IMAP Logging

• Save Logs To. Choose one of the following from the list box.
  • No Log. (Set by Default) Select this option to turn off event logging.
  • SYSMMDD.TXT. Select to send event information to a file of this name, where MM is the month and DD is the day the log was written. This file is stored in the Spool directory.
  • Log Server. Select to send event information to the Log file indicated on the Logging tab.
• Debug Messages.  Select the check box to enable writing debug messages to the log file.

General Options

• Force Subscribe to Private Mailboxes. Select the check box to require the IMAP4 client to subscribe to use a private mailbox. A user who is not a subscriber is refused access. Do not enable this option if you wish to use web messaging.  Choose this option if users are using Outlook or another client.
• Force Subscribe to Public Mailboxes. Select the check box to require the IMAP4 client to subscribe to use a public mailbox. A user who is not a subscriber is refused access.
• Disable Plain Text Authentication. Select the check box to not allow users to authenticate using Plain Text or Base64 Encoded text authentication mechanisms. When this option is selected the authentication mechanisms listed below will not be advertised or supported before TLS Negotiation has occurred or the user connects on the services' SSL Port.

Plain Text Authentication Commands	Base64 Encoded Authentication Commands
LOGIN	AUTH PLAIN AUTH LOGIN

• Enable IDLE Command. (Set by Default) This command allows the IMail Server to send new messages to the client as the message arrives.

  A configurable registry key can be added to modify the sleep idle command when enabled. The default setting is 10000 milliseconds (10 seconds), if the registry key is not found.

  Registry path: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IMAP4D32\Parameters"

Name	Type	Data
IdleSleepInterval	REG_DWORD	0x00002710 (10000)

• Hello Message. When logging on to IMAP4, the service returns a welcome message that identifies the mail server version and vendor. For example, to hide the mail server version and vendor information, enter the text you want displayed in the IMAP service welcome message.

  The text is limited to 400 characters or less. If over 400 characters is entered, the system will use the default message. To intentionally revert back to the default message, clear this field.

Account Harvesting Prevention

The Account Harvesting feature allows the IMail Administrator to control user authentication to prevent attempts by a client to continuously try and gain access and attain user names and passwords.

• Enable Harvesting Prevention. (Turned on by default) Configurable user authentication options for the IMail Administrator are as follows:
  • Max Failed Logins Per Session. (Default set to 3) Once this setting has been reached by failed authentication attempts, the client will be disconnected.
  • Max Failed Sessions Per IP. (Default set to 9) After this setting has been met by disconnections from the failed authentication attempts, the client will be terminated and blacklisted.
  • Blacklist Duration (in Minutes). (Default set to 60) Length of time that the offending IP will not be able to access the login page.

    Tip: The Blacklist Duration is the length of time the IP address will be blocked and will remain in the Control Access list.

Note: POP3 and IMAP share the same registry settings for all Account Harvesting Prevention options. Changing an IMAP setting will also affect the POP3 setting.

SSL Settings

Note: IMail Server uses OpenSSL Command Line Tool (v0.9.8e) which supports up to 4096-bit RSA and 2048-bit DSA. OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.

• Enable SSL. Select the check box to enable a dedicated port that accepts only SSL- encrypted connections from the IMAP4 service. You can change the default port used by the SSL Listener in the SSL port box.
  • SSL Port. Enter the port used by the dedicated SSL Listener to accept connections. The default IMAP4 SSL port is 993; the valid range is from 1 - 32,000.
• Enable TLS. Select the check box to enable the IMAP4 service to accept SSL/TLS connections over the IMAP4 port through use of the STARTTLS command.

Save. Click to save your settings.

Related Topic

Managing Mailboxes

Creating Public Mailboxes

POP3 / IMAP - Control Access