Chapter 6  Services

Table of Contents

6.1  Service Parameter Settings
6.2  Important Notes
6.3  Troubleshooting

In Configuration → Services the user can set which Kerio MailServer services will be run and with which parameters. Use the Start, Stop and Restart buttons below the table to run, stop or restart appropriate service. The following services are available:

Services

Figure 6.1. Services


SMTP

SMTP protocol server (Simple Mail Transfer Protocol), handling open (non-encrypted) or SSL secured connections. The SMTP server is used for sending outgoing mail messages, for receiving incoming mail (if it is the primary or backup domain mail server) and for messages delivered via mailing lists created in Kerio MailServer.

Secure SMTP is an SMTP server whose communication is encrypted by SSL. Port 465 is used as default for the traffic.

Two methods can be used for encryption of SMTP traffic. The traffic can be encrypted either via SMTPS on port 465 or via SMTP on port 25 (STARTTLS, if TLS encryption[1] is supported). The differences between the two methods are as follows:

  • SMTP on port 25 with STARTTLS — traffic on port 25 is started as unencrypted. If both sides support TLS, TLS is started via STARTTLS. Otherwise, the traffic is held unencrypted.

  • SMTP with SSL/TLS on port 465 — the traffic is encrypted right from the start.

Warning

If traffic between Kerio MailServer and mail client is running on port 25, a problem might occur with email sending. Since public WiFi networks often do not support traffic on unencrypted protocols, SMTP on port 25 can be blocked. In such case users cannot send email out of the network. However, SMTPS on port 465 is usually allowed. Therefore, it is recommended to keep SMTPS connection enabled so that notebook and Apple iPhone users can use this port to connect to the server. It is also necessary that users' email clients (SMTPS encryption and traffic port) are set correctly.

POP3

POP3 protocol server (Post Office Protocol). This server allows users — clients to retrieve messages from their accounts. It is also often referred to as the incoming mail server.

Secure POP3 is a POP3 server whose communication is encrypted by SSL. The encryption prevents the communication from being tapped.

IMAP

IMAP protocol server (Internet Message Access Protocol). This server also allows users to access their messages. With this protocol, messages stay in folders and can be accessed from multiple locations at any given time.

Secure IMAP is an IMAP server whose communication is encrypted by SSL.

NNTP

NNTP protocol (News Network Transfer Protocol) — transfer protocol for newsgroups over the Internet. The service allows users use messages of the news type and use the protocol to view public folders.

Public folders cannot be viewed via NNTP protocol if its name include a blank space or the . sign (dot).

Secure NNTP is the NNTP server version whose communication is encrypted by SSL.

LDAP

Simple LDAP server that enables users to access centrally managed contacts. The LDAP server provides read-only access to the information; you are not allowed to create nor edit the existing ones.

Secure LDAP is an LDAP server whose communication is encrypted by SSL.

If Kerio MailServer is installed on a server which is used as a domain controller (in Active Directory), it is necessary to run LDAP and LDAPS services on a non-standard port or to disable them.

HTTP

The HTTP protocol is used for:

  • accessing user mailboxes via Kerio WebMail,

  • accessing the user administration via the KMS Web Administration interface (see chapter 32  KMS Web Administration),

  • accessing mail using Microsoft Entourage mail client (see chapter 38  MS Entourage support),

  • accessing the Free/Busy server,

  • automatic upgrades of new versions of the Kerio Outlook Connector and the Kerio Outlook Connector (Offline Edition).

  • for synchronization via the ActiveSync protocol.

  • for BlackBerry synchronization via NotifyLink.

  • for publishing of calendars as iCal

Secure HTTP is an encrypted version of this protocol (HTTPS — SSL or TLS encrypted).

Upon the first startup of Kerio MailServer, all the services listed above are running on their default (standard) ports.

Note: If you know that services will not be used, it is recommended to disable them (for security reasons).

If any service provided also by Kerio MailServer is already running on the server, it is necessary to change traffic port for one of the services. To change a port of a Kerio MailServer's service, follow the instructions in section 6.1  Service Parameter Settings.



[1] TLS is follower of the SSL protocol, it is actually SSL version 3.1