The Manage Domains page contains options to configure accounts, mailing, and generic resources.


The list of all account in the domain is present here, along with information on their type and status.

The list can be filtered using the text field above the list, while a new account can be created using the + button.

A click on any account will open a new panel that contains a number of information and options, including the name and aliases, if present, its status (see below), and creation date. The aliases can be easily managed by clicking the MANAGE ALIAS button: in the opening dialog window, select a domain and a new alias, then click + to add the alias to the user.

On the panel’s top right corner, buttons allow to edit or delete the user, and also to redirect to the user’s mailbox.

When editing a user’s account, most of the option are the same that can be found in the Create New Account section and are organised in tabs. Options defined in the user’s COS are inherited, but can be modified for any individual user.


The values that have been modified are accompanied by a circular arrow icon. If you hover on that icon, you will see the inherited value, while if you click on it you will restore the COS value.

This tab contains all the options provided during the account creation, plus other options, including:

  • The ability to prevent the user from changing the password


    An Admin can not change the password of a user, only wipe it, so the user is forced to change it on the next login attempt.

  • To remove the user’s password from LDAP

  • The Distribution List memberships

  • To move a user to another domain, which must be defined on the same server, by writing the new one in the Domain Name

At the bottom, it is possible to see all the user’s open sessiona, which can be terminated by selecting one and clicking END SESSION button on the top right of the list.

Data in this tab represent the user’s phones, company, and address. They can be managed by both the user and the Administrators.

The options listed here allows to specify forwarding addresses and to prevent e-mail messages to be saved locally, if these operations are allowed by the administrator. Values for these options can be set from the CLI: please refer to section Setting Features from CLI for more information.

The preferences in this tab concern how a user sees or interacts with the e-mails (receive, sending, composing, adding a signature) and are mostly inherited from the COS.


Signatures can not be assigned to Resources.

Options present here allow to manage the account security: OTP and policies for password and failed login. New application passwords and OTP tokens can be created to allow the user to login by using a QR Code; a policy can set to force the user to select a secure password and the type of characters to be chosen. Forgotten password, if enabled, allows a user to receive a token to temporarily access the webmail, by sending a token to the recovery address specified in the textfield next to the option. The Failed login policy determines how the system behaves when a user fails too many consecutive logins.

By toggling the Global Administration switch you can promote or demote the user to Global Administrator or vice versa.

At the bottom of the panel, a list of the active sessions appears: for example, if a user has logged in from three different devices and never logged out, three sessions will appear. When selecting one of them, clicking the END SESSION button will close that session.

Account statuses

A user account can be in one of the following statuses.

  1. Active. The account is enabled and ready for everyday operations: the user can log in and send and receive e-mails.

  2. Under Maintenance. This state occurs during maintenance operations on the domain or account: backup, import, export, restore. The user can not login, e-mails are queued on the MTA.

  3. Locked. The account can not be accessed by the user, but incoming e-mails are still delivered. This status can be set for example if the user violates the terms of service or if the account has been cracked

  4. Closed. The user is not allowed to log in, incoming e-mails are rejected.

  5. Pending. This status is usually seen during the account creation, when it is not yet active. User can not log in, incoming e-mails are rejected.

  6. LockOut. This is the only status that can not be set. It is applied automatically when the log in attempts fail for a given number of times. It is a preventive measure to avoid unauthorised access of brute force attacks. The account will not be accessible for a given interval (“lockout period”)


    Both the number of failed attempts and the lockout period can be configured.

Create New Account#

In order to create a new account, click the + button: a dialog window opens and allows you to set up the basic configuration of the new account.

Create New Account John Smith

Fig. 5 Account creation interface#

We create the first account for the CEO of ACME Corporation and provide the following data.

  • Name, Middle Name Initials, and Surname will be used to define the user name. We use only Name (John) and Surname (Smith), which result in the JohnSmith username.

    If the name or surname contain non-ASCII characters, an automatic mapping will be enforced: for example, ä, à will become a. When there is no mapping available, message Auto fill user is disabled will be displayed: in this case, the username must be filled manually. This is the case for example, for letters using diacritics, cedillas or German’s ß.


    You can change the automatically generated username at will, for example to match company policies.

  • Password is the one used by John for the first login only

  • User will change password on the next login requires that John, after the first log in (and before accessing his mailbox) must change the password.

We also explicitly configure the Account Status (see the list of possible values), but do not change the Default COS. Click the CREATE WITH THESE DATA button to create the account


When assigning a COS to a user, all the values defined in that COS will be inherited by the user. They can be later changed on a user basis later, when editing the account.

Create New Global Admin#

To create a new Admin, you need first to create the account, as explained in the previous section. We give this account the acme_admin name.

Then, from the account list, select the new account, then click the pencil icon to edit it.


Fig. 6 Create a new Global Admin.#

To make acme_admin a Global Admin, in the Admnistration tab and click the switch with label Global administration, then save. The acme_admin user is now able to access the Carbonio Admin Panel.

Distribution List#

Distribution lists can be simply created by clicking the + button to open a tabbed modal dialog in which to configure it.

In the first tab you can give a name, an address, and a description to the distribution list; if you want a dynamic mode, that automatically populates the list’s members, refer to section Dynamic Mode.

In the second add Members by simply writing the e-mail addresses in the test field.


E-mail addresses are auto-completed while typing.

In the third tab, advanced settings can be configured, including the option to notify new members that they have been added to the list and the presence of the distribution list in the GAL. Owners can be added to the list: they will see the lists of which they are owners in a dedicated menu item, where they can edit some details and the members (see Section Distribution lists).

The last tab recaps the settings: now you can either go back to any of the previous tabs and change some of the settings, or proceed to create the distribution list.

Once a distribution list has been created, it can be further configured by adding aliases, which work like e-mail accounts, changing the description, notes, and members, and granting selected users the permission to send e-mails to the distribution list or making them Owners

Dynamic Mode#

Distribution list’s Dynamic Mode allows the automatic management of members. Indeed, each Dynamic Distribution List is identified by a name and by a unique Distribution List URL, which is an LDAP query that automatically populates the members of the Distribution List.

To create a Dynamic Distribution List, the procedure is similar to the normal Distribution Lists: click the + button and provide a Displayed Name name and list Name, then click the Dynamyc Mode switch to access more options, including the Distribution List URL, which is mandatory. You can also make the list Hidden from GAL and add owners to the list, who can manage the configuration of the list.

Advanced options, like subscription and unsubscription options are available after the creation of the Dynamic Distribution List, when editing it.


A Resource is a generic object that can be assigned an e-mail address, but, unlike other regular accounts, they do not need any signature, so you can not specify one. A typical example of a Resource is a meeting room: to reserve the room, send an e-mail to the room’s e-mail address.

A policy can be assigned to Resource, to determine how to react to the booking request, either a manual or automatic acceptance or rejection.

Additional e-mail addresses can be added to the resource, for example to notify the company’s facility manager which meeting rooms are reserved and which are free.