The service list (see figure 6.1 Services) includes the following information:
Service — includes protocol name and an icon informing whether the service is running or stopped.
Status (running/stopped) — this item shows whether the service is running or stopped.
Startup (Manual/Automatic) — information whether Kerio MailServer is started automatically or it must be run manually upon its restart.
IP addresses — this item shows all IP addresses and ports used for traffic by the particular Kerio MailServer's service.
Limit Access — Kerio MailServer allows narrowing access rights to a certain group of IP addresses which will be allowed to use the particular service (usually, unsecured services are accessible from the local network only).
The parameters of a selected service can be changed. To do this, use the Service dialog (see figure 6.2 Service Parameters). The dialog consists of the following tabs:
button. The button opens theThis tab allows setting of startup type and of a TCP port for traffic.
Type of service.
Kerio MailServer allows two startup modes:
Automatically — the service will be run automatically upon Kerio MailServer's startup.
Manually — when the server is started, the service is stopped and it must be run by the administrator if desirable.
By default, Kerio MailServer listens at all default ports at all IP addresses of the its host. The Ports dialog enables to assign particular IP address to the port where the service is running.
Assignment of an IP address to a standard port of a service running in Kerio MailServer may be helpful in the case that Kerio MailServer and another application using the same services (e.g. another LDAP server, webserver or mail server) are installed at the same host. In such a case, it is possible to reserve only one IP address for each service of Kerio MailServer so that port collisions are avoided.
This means that two different web servers may use port 80 at two different IP addresses.[2]
Assignment of IP addresses to ports is not recommended if IP addresses are reserved dynamically, e.g. using DHCP.
Click Add to bind the IP address to the port.
Most services use standard ports and it is not recommended to change them unless necessary (e.g. in case of conflict with another application of the same type). Click
to restore the default settings.The Access tab allows setting limits for access to the particular service. The following parameters can be set:
Allows access to a selected service to be limited to certain IP addresses only (defined in the selected group). The IP address group can be defined in the
section or directly in this dialog window by pressing the button.Detailed access policy for the SMTP service can be set in the
section.This option relates only to the NNTP(S) service, therefore it is not contained in other dialog windows of other services. This option allows unauthenticated access to the NNTP server. This means that everyone can register to a mailing list with anonymous access.
This option limits the number of concurrent connections to the selected service. Too many concurrent connections may cause the server overload which can subsequently lead to its failure. This is the principal of so called DoS (Denial of Service) attack. Setting the limit for the number of connections therefore helps to prevent the DoS attacks against your server.
When you plan to limit the number of connections, consider the number of server users.
[2] Indeed, it is necessary to reserve an IP address for the same service in another application, that is not used by Kerio MailServer.