Carbonio Admin Panel

Carbonio Admin Panel is the component that allows access to the administration functionalities of Carbonio and is installed by default from Carbonio CE 22.11.0 onwards. It is not available for previous versions, but can be installed after upgrading to that version, see Carbonio CE Upgrade.

Like for every other component, it can be reached using a supported browser and point it to, replacing with your domain.

To access the Carbonio Admin Panel, the default user is, whose password should be changed after the first installation using the command shown in Create System User.

Carbonio Admin Panel allows to manage the Carbonio CE domains, mailstores, accounts, COS, and privacy settings. The overall organisation of the panel is similar to the others components: a the Top Bar allows quick creation of a new domain or COS by clicking the CREATE button, while navigation items are on the left-hand column.

The landing page is shown in Fig. 2 and Fig. 3.


Fig. 2 The upper part of Admin Panel’s landing page

In the upper part, clicking on either of the boxes will open the Carbonio Admin Panel page for the Accounts and mailing list, respectively.

The list of Notifications follows: click the GO TO NOTIFICATION button to open the dedicated page.


Fig. 3 The lower part of Admin Panel’s landing page

In the lower part are shown the versions of Carbonio and of Carbonio Core for all the servers defined within the Carbonio infrastructure. The button GO TO MAILSTORES SERVERS LIST allows to open the Mailstores ‣ Global Servers ‣ Server List page (see Servers).


The Domain page allows the management of domains and of related settings, including individual accounts, user quota and authentication, mailing lists, and more.

The following sections are available in the page: global settings, domain details, and domain management.

Create New Domain

To create a new domain, fill in the form that opens upon clicking the CREATE button.

Options for Domain acme.example

Two types of options are available during the creation of a new domain:

  • General information

    The only mandatory data to supply it the domain name, which is its FQDN. All other data are optional and can be set at a later point.

    Important options that can be configured during the domain creation are the total number of accounts that can be managed for the domain and the e-mail quota. Also a description can be added.

  • GAL settings

    Except for the GAL mode, currently only Internal, it is possible to define the account used to synchronise GAL information, the mail server used, which must be on the same domain (or in a compatible one, i.e., in a valid alias URL, see Virtual Hosts below).

The image below shows how a sample domain is created.


Further configuration option for the domain, including how to configure authentication and accounts in the domain, can be found in the Domain Details section.



Global settings concern the appearance of Carbonio CE and allow to customise various option that will influence how the Carbonio CE web interface appears to the web clients.

Light/Dark mode

The light mode features a white-based colour combination for the Carbonio CE login page and GUI, while the dark mode has a black-based colour combination.

Title & Copyrights Information

The title is the string that will appear on the client’s tab, while the copyrights information will appear at the bottom of the panel in the login page.


The logo can be defined for different parts of the GUI: the login page and the main page. You can select a different logo for the login page and for the main GUI, for both the light and dark mode.


Each logo must adhere to the following maximum requirements.

  • The dimension must be 240x120 pixel

  • The format must be PNG or SVG

  • The logo must have a transparent background

  • The logo must be saved on a public URL, i.e., it must be publicly accessible


The favicon will be displayed next to the tab’s name.


The favicon must adhere to the following maximum requirements.

  • The dimension must be 16x16 pixel

  • The format must be ICO

  • The favicon must be saved on a public URL, i.e., it must be publicly accessible

Background for the Login Page

The background image for the login page is displayed behind the login panel during the login phase, You can choose one image for the light mode and one for the dark mode.


The images used for the background must adhere to the following maximum requirements.

  • The dimension must be 2560x1440 pixel

  • The size must be 800 Kb

  • The format must be JPG

  • The image must be saved on a public URL, i.e., it must be publicly accessible

All customisations can be removed at once by clicking the RESET button.

Domain Details

In the various subsection present in Domain Details, it is possible to refine the configuration of the domain. Values for most of the options (for example the Time Zone), if not specified for a given domain, are inherited from the main domain defined.

General Settings

General setting influence the basic domain configuration; most of them appear during the creation of the domain. Additional options allow to define the time zone, the use of HTTP or HTTPS protocol (we suggest using always the latter), and a mail server used for spam-relay purposes.

Moreover, a default COS and its status can be attached to the domain.

COS statuses

A COS can be defined for a whole domain or an account and determines its status, that is, its ability to log in to the domain and access the e-mail. If the domain COS and a user’s COS differ, the resulting status of the account is shown. Each COS can be defined with one of the following five values.

  1. Active. The COS is enabled, therefore the domain and its accounts can be used for everyday operations.

  2. Closed. The domain is shut down, no access is granted, and all incoming e-mails are rejected.


    This status overrides the individual accounts COS status.

  3. Locked. In this state, user access is not possible, unless individual accounts are marked as Active. Incoming e-mails are regularly delivered to the accounts.

  4. Maintenance. Users can not log in, their incoming e-mails are not delivered but are kept in a queue by the MTA. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.

  5. Suspended. A status similar to maintenance, with the difference that no accounts or distribution lists can be changed. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.

We build on the domain created in previous section and attach some property.

Additional settings for acme.example

We assign now the following properties to our sample domain.

  1. Public Service Protocol. Force clients to connect only using https.

  2. Public Service Hostname. It is the FQDN (mail.acme.example) used by clients to connect to the domain. It must be defined as an A record in the domain’s DNS.

  3. The Time Zone is set to Hawaii’s time

  4. Inbound SMTP Host Name. Set to smtp.acme.example, its the URL of an SMTP server that is used for spam training.

  5. Default Class of Service. The COS used by the domain, which is left to the default one.


Virtual Hosts & Certificate

A Virtual Host is an alternative name given to a domain that can be used to access the same domain. To be able to use the virtual host, the name must be registered on the domain’s DNS with an A record. Users can then log in to the domain using only their usernames, without the domain.

To each virtual host you can associate an SSL certificate. Carbonio CE supports the upload of multiple SSL domain certificates from the Carbonio Admin Panel and associate them to different domains, a procedure that requires only a few steps.


The generation of server-side certificates directly on Carbonio CE and the management of wildcard certificate are tasks that can be carried out from the CLI only: check out section Deploy an SSL Certificate if you need to use either of them.

Select the virtual host, then click LOAD AND VERIFY CERTIFICATE. In the dialog, you can choose whether to enter the three files of the authorisation chain (i.e., the Domain Certificate, the Certificate CA Chain, and the Private Key) in the first or copy the content of the individual files in the appropriate fields. Click VERIFY to verify the certificates: if everything is correct, notification The certificate is valid will appear. To use the certificate, click the I WANT TO USE THIS CERTIFICATE button to upload and use the certificate. Again, a notification will be shown (The certificates have been saved). To complete the procedure: if you are on a Single-Node, restart it otherwise you need to restart the node on which the Proxy is installed;

You can REMOVE or DOWNLOAD the certificates by clicking the appropriate button above the certificates themselves.

Mailbox Quota

These settings allow to define a maximum limit (in bytes, with 0 meaning no limit) for the space used by each account and by the entire domain. It is also possible to set a value that, when reached, will send a warning by e-mail to a given address. The values configured here are inherited by all accounts that will be created, but can be overridden on a per-user basis.

To ease monitoring user’s quota, the bottom of the page contains a list of accounts and of their used quota.


These setting are the same that appear in the Global Theme section, but are domain-specific: if not defined, the global theme settings will be applied.

Manage Domains

The Manage Domains page contains options to configure accounts, mailing, and generic resources.


The list of all account in the domain is present here, along with information on their type and status.

The list can be filtered using the text field above the list, while a new account can be created using the + button.

A click on any account will open a new panel that contains a number of information and options, including the name and aliases, if present, its status (see below), and creation date. The aliases can be easily managed by clicking the MANAGE ALIAS button: in the opening dialog window, select a domain and a new alias, then click + to add the alias to the user.

On the panel’s top right corner, buttons allow to edit or delete the user, and also to redirect to the user’s mailbox.

When editing a user’s account, most of the option are the same that can be found in the Create New Account section and are organised in four tabs:

This tab contains all the options provided during the account creation in the Details and Create steps, plus other options, including the ability to prevent the user from changing the password.

This tab also shown of which Mailing list the user is member.

The listed here allows to specify forwarding addresses, to prevent e-mail messages to be saved locally, and to enable ActiveSync, if these operations are allowed by the administrator.

The preferences in this tab concern how a user sees or interacts with the e-mails (receive, sending, composing, adding a signature) and are mostly inherited from the COS.

Options present here allow to manage the account security: OTP and policies for password and failed login. New OTP tokens can be created to allow the user to login by using a QR Code; a policy can set to force the user to select a secure password and the type of characters to be chosen. The Failed login policy determines how the system behaves when a user fails too many consecutive logins.

At the bottom of the panel, a list of the active sessions appears: for example, if a user has logged in from three different devices and never logged out, three sessions will appear. When selecting one of them, clicking the END SESSION button will close that session.

Create New Account

In order to create a new account, click the + button. You will enter a three-step procedure that guides you in the initial account configuration.

Step 1: Create New Account John Smith

We create the first account for the CEO of ACME Corporation and provide the following data.

  • Name, Middle Name Initials, and Surname will be used to define the user name. We use only Name (John) and Surname (Smith), which result in the JohnSmith username.


    You can change the automatically generated username at will, for example to match company policies.

  • Password is the one used by John for the first login only

  • Must change password on the next login requires that John, after the first log in (and before accessing his mailbox) must change the password.

We also explicitly configure the Account Status (see the list of possible values).

Step 2: Confirm Account John Smith

This dialog window recaps the values entered in the previous step. Go back to change

(Optional) Step 3: Send OTP to John Smith

The last step is optional: here you can create an OTP code for John Smith, that he can use to access his account.

Account statuses

A user account can be in one of the following statuses.

  1. Active. The account is enabled and ready for everyday operations: the user can log in and send and receive e-mails.

  2. Under Maintenance. This state occurs during maintenance operations on the domain or account: backup, import, export, restore. The user can not login, e-mails are queued on the MTA.

  3. Locked. The account can not be accessed by the user, but incoming e-mails are still delivered. This status can be set for example if the user violates the terms of service or if the account has been cracked

  4. Closed. The user is not allowed to log in, incoming e-mails are rejected.

  5. Pending. This status is usually seen during the account creation, when it is not yet active. User can not log in, incoming e-mails are rejected.

  6. LockOut. This is the only status that can not be set. It is applied automatically when the log in attempts fail for a given number of times. It is a preventive measure to avoid unauthorised access of brute force attacks. The account will not be accessible for a given interval (“lockout period”)


    Both the number of failed attempts and the lockout period can be configured.

Mailing List

Mailing list can be simply created by clicking the + button to open a tabbed modal dialog in which to configure the mailing list.

In the first tab you can give a name, an address, and a description to the mailing list; in the second add Members by simply writing the e-mail addresses in the test field.


E-mail addresses are auto-completed while typing.

In the third tab, advanced settings can be configured, including to limit the members that are allowed to send e-mails to the list.

The last tab recaps the settings: now you can wither go back to any of the previous tabs and change some of the settings, or proceed to create the mailing list.


A Resource is a generic object that can be assigned an e-mail address. A typical example of a Resource is a meeting room: to reserve the room, send an e-mail to the room’s e-mail address.

A policy can be assigned to Resource, to determine how to react to the booking request, either a manual or automatic acceptance or rejection.

Additional e-mail addresses can be added to the resource, for example to notify the company’s facility manager which meeting rooms are reserved and which are free.

Restore Account

The Restore Account procedure allows you to restore the contents and preferences of a mailbox in the exact status when it was deleted.

When a Restore Account starts, a new account is created (the Destination Account), and all the items existing in the source account at the moment of the deletion are recreated in the destination account, including the folder structure and all the user’s data. All restored items will be created in the current primary store unless the Apply HSM Policy after the restore box is checked.


When restoring data on a new account, shared items consistency is not preserved. This is because the original share rules refer to the original account’s UUID, not to the Destination Account, which has a completely different UUID.

To start the procedure, type an e-mail address in the text-field or select an account from the list.

Then, click on the CONFIG tab and select the options to apply for the Restore:

  • To which date and time to restore the account

  • Whether to use the last available status of the account

  • If External Data Sources should be restored

  • Select an e-mail to which send a notification of the successful restore.


    This could be the alternate e-mail of the user whose account is being restored.


This section is used to configure the Global e-mail server.

Global Servers

The lists of all configured server and buckets are shown here.

Server Details

In the Server Details section it is possible to select a server, check its currently used volumes and assign new ones, and finally configure HSM policies.

Data Volumes

After you selected the server, the volumes it currently uses are shown, along with a few configured options. To add a new Volume, click on the NEW VOLUME button.

In the dialog window, provide the basic information of the new volume in the first tab: The allocation type, name, and path.

The second tab depends on the allocation:

  • Local: decide whether this is a primary, secondary, or index volume, select a compression threshold if necessary, and finally if this will become the new current volume.

  • External, Sproxy, Centralized: primary, secondary, or index volume, select the type of Object Storage and a prefix to identify the volume. You can set this volume as Centralized, which proves useful in case it will be shared by multiple servers.

HSM Settings

HSM settings are policies for automatically processing objects in the mailstore: e-mails, documents, contacts, and events.

HSM Policies can be scheduled to be run automatically at given times and days; after this operation, deduplication can be enabled to save space in case of duplicated items, by keeping only one copy of an item.

Create a New Policy

The dialog that opens after clicking the NEW VOLUME button allows to create a new HSM policy in a few steps.

Step 1. Policy settings

In this step, first select to which items the policy will be applied.


A click on the All checkbox toggles all items at once.

The policy can be applied on the size of the items or on a time interval. in our example, we remove all messages older than 7 days whose size is larger than 20Mb.

Step 2. Select Volumes

We now chose the volumes to which the policy is applied. By default, all the primary volumes are selected. While it is possible to manually specify the volumes from the list, we do not change this.

Step 3. Create Policy

The last stop shows the settings for review. You can go back to change any options or create the policy.


Class of Services (COS)

A COS determines which items can be accessed by a web client and how, setting default for a number of options. A users that belongs to that COS may later change some of these options from the Settings page on the web client.

To create a COS, click the CREATE NEW COS button and enter a name. You can then configure all the options from the left-hand side menu.


Features are settings that allow the user to access the most used functionalities of Carbonio CE.


Preferences consist of generic options for the various components (Mails, Calendar, Contacts).

The first is the default language to be used by the members of the COS, which includes also the locale, The remaining options concern the appearance of Carbonio CE in web clients (for example, if e-mails are displayed as conversations, or the calendar shows a month or a work week) and governs the behaviour of some tasks carried out by the user, whether new e-mail contacts are added automatically to Contacts, or how often to check for new e-mails.

Server Pools

In this page it is possible to select on which servers new users can be added to the COS.


If only one server has been defined, no choice is possible.


The Advanced Option allow to configure the user quota, data sources, proxy settings, passwords, and more.

The user quota, is a set of options that limit how much space a user can occupy on the server, or how many contacts he can have. It also encompasses the option to send periodic notifications when the user space raises over a given threshold.

The Data sources, also called polling intervals, allows to define of often to contact the Carbonio CE infrastructure to update e-mails and calendar. One option allows also to define the shortest interval for polling, that will be used if no other one is configured.

Proxy settings are used to allow domains to be proxyed.

The Password settings permit to tune the length, characters, and duration of the user passwords. It is also possible to reject common passwords.

The Failed Login Policy allows to define the behaviour of Carbonio CE when a user fails a log in. A typical policy can lock out the user for one hour when three consecutive login attempts fail within 30 minutes.

The Timeout Policy concern the duration of the token’s validity.

The Email Retention Policy define how long e-mail will be stored before being automatically deleted.


A few options about the involvement of customers with Zextras and how they can help evolve and shape Carbonio CE’s functionalities. It is important to highlight how all information sent to Zextras are anonymous and only contain technical data that help the development teams improve the product. These options are available:

  • Send full error data. This option will create a detailed report of a bug or software failure which includes the actual configuration and log files that will help developers to better identify the problem

  • Allow data analytics. Usage data are collected and sent to the Zextras developers to help them understand which are the most used Carbonio CE features and improve them.

  • Allow surveys for feedback. When active, the user is invited to participate to surveys that will help Zextras understand which are the user needs and address them.


The Notification tab allows to see all notifications that have been sent by Carbonio about its status. By default, all notifications are shown; clicking the tabs above the top-right of the list will show only notification marked as Information, Warning, and Errors, in increasing order of severity.

When a notification is selected, its status (read or unread) can be toggled and its whole content can be copied as a text message.