The Domain page allows the management of domains and of related settings, including individual accounts, user quota and authentication, mailing lists, and more.

The following sections are available in the page: global settings, domain details, and domain management.

Create New Domain

To create a new domain, fill in the form that opens upon clicking the CREATE button.

Options for Domain acme.example

Two types of options are available during the creation of a new domain:

  • General information

    The only mandatory data to supply it the domain name, which is its FQDN. All other data are optional and can be set at a later point.

    Important options that can be configured during the domain creation are the total number of accounts that can be managed for the domain and the e-mail quota. Also a description can be added.

  • GAL settings

    Except for the GAL mode, currently only Internal, it is possible to define the account used to synchronise GAL information, the mail server used, which must be on the same domain (or in a compatible one, i.e., in a valid alias URL, see Virtual Hosts below).

The image below shows how a sample domain is created.


Further configuration option for the domain, including how to configure authentication and accounts in the domain, can be found in the Domain Details section.



Global settings concern the appearance of Carbonio and allow to customise various option that will influence how the Carbonio web interface appears to the web clients.


These setting are applied to all the domains configured; if you want to customise the appearance, please change the settings under Domains ‣ Details ‣ Theme.

All the resources used for White Labelling must have a valid URI and must be reachable from Carbonio.

In case the resources are hosted on an server external to the Carbonio infrastructure, make sure that server’s SSL certificate is valid and has not expired, and its FQDN is valid and resolvable from Carbonio (from the Proxy Node in case of a Multi-Server).

You can safely use the Carbonio’s Proxy Node to expose those resources, by uploading them into a directory called for example /opt/zextras/web/custom/ (create it if does not exist yet) and using the URL https://<Carbonio_hostname>/static/custom/, where <Carbonio_hostname> is the FQDN of the Single-Server or of the Proxy Node in a Multi-Server.

Moreover, in a Multi-Server featuring multiple Proxy Nodes, it is mandatory to keep in sync the resources on all the Proxies instances.

Light/Dark mode

The light mode features a white-based colour combination for the Carbonio login page and GUI, while the dark mode has a black-based colour combination.

Primary colours Light and Dark mode

Select the primary colour that will used in either Light or Dark mode, using an HEX (HTML) value. The secondary colour will be automatically computed.

Title & Copyrights Information

The title is the string that will appear on the client’s tab, while the copyrights information will appear at the bottom of the panel in the login page.

Logo on the login page

This is the logo that appears on the login mask of Carbonio at the top of the panel in the login page. There are different dimensions and ratios for the Admin and End User logos.


Each login logo must adhere to the following suggested requirements.

  • The preferred format is SVG

  • The logo must have a transparent background

  • For a correct display of the logos, please respect the aspect ratio indicated and (in the case of raster images) respect dimensions as close as possible to the default ones

    • Admin: ratio 7:1, default 340x47 pixel

    • End user: ratio 4:1, default 340x85 pixel

Logo in the WebUiApp

This logo appears:

  1. on the main page after a successful login, is displayed on the upper left corner.

  2. in video calls: before starting and after terminating the call and during the call, in the top right corner

There are different dimensions and ratios for the Admin and End User logos.


Each WebUiApp logo must adhere to the following suggested requirements.

  • The preferred format is SVG

  • The logo must have a transparent background

  • For a correct display of the logos, please respect the aspect ratio indicated and (in the case of raster images) respect dimensions as close as possible to the default ones

    • Admin: ratio 5:1, default 150x30 pixel

    • End user: ratio 8:1, default 250x31 pixel


The favicon will be displayed next to the tab’s name and in browser notifications, if they have been activated in your browser.


The favicon must adhere to the following maximum requirements.

  • The format must be ICO

  • The dimensions must be 64x64 pixel, with ratio 1:1 (i.e., it must be square)

Background for the Login Page

The background image for the login page is displayed behind the login panel during the login phase, You can choose one image for the light mode and one for the dark mode.


The images used for the background must adhere to the following maximum requirements.

  • The format must be JPG

  • The dimensions must be at least 1920x1050 pixel, with ratio 16:9

  • The size must be 800 Kb

All customisations can be removed at once by clicking the RESET button.

Domain Details

In the various subsection present in Domain Details, it is possible to refine the configuration of the domain. Values for most of the options (for example the Time Zone), if not specified for a given domain, are inherited from the main domain defined.

General Settings

General setting influence the basic domain configuration; most of them appear during the creation of the domain. Additional options allow to define the time zone, the use of HTTP or HTTPS protocol (we suggest using always the latter), and a mail server used for spam-relay purposes.

Moreover, a default COS and its status can be attached to the domain.

COS statuses

A COS can be defined for a whole domain or an account and determines its status, that is, its ability to log in to the domain and access the e-mail. If the domain COS and a user’s COS differ, the resulting status of the account is shown. Each COS can be defined with one of the following five values.

  1. Active. The COS is enabled, therefore the domain and its accounts can be used for everyday operations.

  2. Closed. The domain is shut down, no access is granted, and all incoming e-mails are rejected.


    This status overrides the individual accounts COS status.

  3. Locked. In this state, user access is not possible, unless individual accounts are marked as Active. Incoming e-mails are regularly delivered to the accounts.

  4. Maintenance. Users can not log in, their incoming e-mails are not delivered but are kept in a queue by the MTA. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.

  5. Suspended. A status similar to maintenance, with the difference that no accounts or distribution lists can be changed. If the account’s status is closed, it overrides the domain status setting, that is, the user’s incoming e-mails are rejected.

We build on the domain created in previous section and attach some property.

Additional settings for acme.example

We assign now the following properties to our sample domain.

  1. Public Service Protocol. Force clients to connect only using https.

  2. Public Service Hostname. It is the FQDN (mail.acme.example) used by clients to connect to the domain. It must be defined as an A record in the domain’s DNS.

  3. The Time Zone is set to Hawaii’s time

  4. Inbound SMTP Host Name. Set to smtp.acme.example, its the URL of an SMTP server that is used for spam training.

  5. Default Class of Service. The COS used by the domain, which is left to the default one.


At the bottom of the page, button DELETE DOMAIN allows to delete the domain. When clicked, a dialog will open, listing all items defined on the domain (Accounts, mailing lists, resources, and so on) and that will be deleted together with the domain. Two choices are available: to Close the domain, keeping all items but preventing access, or Remove the domain and all its items.


The removal of the domain is an operation that can not be undone: all the items are gone forever.

Global Access List

A GAL is a special account (“GALSync Account”) that contains all e-mail accounts configured on the server and provides the ability to quickly search e-mail addresses, for example when composing an email or adding participants to an event in the Calendar. A GAL can be internal when configured on Carbonio, external (when configured on the LDAP used by Carbonio, or both. In this page you see the email-address of the GALSync account, you can change it from external to internal, or vice versa, or both. you can also remove it, create it if missing, and change some of its options.

The GALSync account is updated regularly, according to the interval specified in the Settings section of the page.

Virtual Hosts & Certificate

A Virtual Host is an alternative name given to a domain that can be used to access the same domain. To be able to use the virtual host, the name must be registered on the domain’s DNS with an A record. Users can then log in to the domain using only their usernames, without the domain.

To each virtual host you can associate an SSL certificate. Carbonio supports the upload of multiple SSL domain certificates from the Carbonio Admin Panel and associate them to different domains, a procedure that requires only a few steps.


The generation of server-side certificates directly on Carbonio and the management of wildcard certificate are tasks that can be carried out from the CLI only: check out section Deploy an SSL Certificate if you need to use either of them.

Select the virtual host, then click LOAD AND VERIFY CERTIFICATE. In the dialog, you can choose whether to enter the three files of the authorisation chain (i.e., the Domain Certificate, the Certificate CA Chain, and the Private Key) in the first or copy the content of the individual files in the appropriate fields. Click VERIFY to verify the certificates: if everything is correct, notification The certificate is valid will appear. To use the certificate, click the I WANT TO USE THIS CERTIFICATE button to upload and use the certificate. Again, a notification will be shown (The certificates have been saved). To complete the procedure: if you are on a Single-Node, restart it otherwise you need to restart the node on which the Proxy is installed;

You can REMOVE or DOWNLOAD the certificates by clicking the appropriate button above the certificates themselves.

Mailbox Quota

These settings allow to define a maximum limit (in bytes, with 0 meaning no limit) for the space used by each account and by the entire domain. It is also possible to set a value that, when reached, will send a warning by e-mail to a given address. The values configured here are inherited by all accounts that will be created, but can be overridden on a per-user basis.

To ease monitoring user’s quota, the bottom of the page contains a list of accounts and of their used quota.


These setting are the same that appear in the Global Theme section, but are domain-specific: if not defined at domain level, the global theme settings will be applied.


The management of SAML access to Carbonio is carried out from this page.

See also

The same SAML configuration tasks can be carried out from the CLI, please refer to Section Setting up SAML Configuration.

At the top of the page, two buttons allow to copy the ENTITY ID and SERVICE URL of the current Carbonio, which are required to carry out the configuration on the SAML IDP provider’s side: click each of them to paste the respective value and generate the configuration.

Once the configuration has been carried out, it is possible to copy its URL and paste it in the textfield. Click the Allow Unsecure if the configuration URL uses HTTP and not HTTPS. Click IMPORT to import the configuration.

The three button below allow to generate the SP certificate to configure the logout from the IDP and to export or delete the current configuration.

The procedure to follow for the complete logout from the IDP is described in detail in the CLI Section Configure SAML Logout. You can accomplish the same goal from the Carbonio Admin Panel by writing in the two bottom textfields the variables mentioned in that section and their corresponding value, then clicking the ADD button. Remember also to add the SP certificate to the IDP’s configuration.

Manage Domains

The Manage Domains page contains options to configure accounts, mailing, and generic resources.


The list of all account in the domain is present here, along with information on their type and status.

The list can be filtered using the text field above the list, while a new account can be created using the + button.

A click on any account will open a new panel that contains a number of information and options, including the name and aliases, if present, its status (see below), and creation date. The aliases can be easily managed by clicking the MANAGE ALIAS button: in the opening dialog window, select a domain and a new alias, then click + to add the alias to the user.

On the panel’s top right corner, buttons allow to edit or delete the user, and also to redirect to the user’s mailbox.

When editing a user’s account, most of the option are the same that can be found in the Create New Account section and are organised in four tabs:

This tab contains all the options provided during the account creation in the Details and Create steps, plus other options, including the ability to prevent the user from changing the password and remove the user’s password from LDAP.

This tab also shown of which Mailing list the user is member.

The options listed here allows to specify forwarding addresses, to prevent e-mail messages to be saved locally, and to enable ActiveSync, if these operations are allowed by the administrator. Values for these options can be set from the CLI: please refer to section Setting Features from CLI for more information.

The preferences in this tab concern how a user sees or interacts with the e-mails (receive, sending, composing, adding a signature) and are mostly inherited from the COS.


Signatures can not be assigned to Resources.

Options present here allow to manage the account security: OTP and policies for password and failed login. New application passwords and OTP tokens can be created to allow the user to login by using a QR Code; a policy can set to force the user to select a secure password and the type of characters to be chosen. The Failed login policy determines how the system behaves when a user fails too many consecutive logins.

In this tab it is possible to define for which other accounts or groups this account is responsible and which permissions (“Rights”) are granted. The first setting allow to define whether to save or not a copy of the sent messages and where: only in delegated account’s folder or also in the delegate’s folder.

The bottom part of the tab can be seen as either a Simplified View or and Advances View and allows to define permissions of the delegated people. There are small differences in the two views, the most relevant is how to set the permission.


Details on the rights that can be granted can be found in the box below.

In the Simplified View, select a user or group, then the permission and click the ADD THE ACCOUNT button to add it as a delegate. The delegated accounts will appear at the bottom of the tab.

In the Advanced View, a three steps procedure (SELECT MODE, SET RIGHTS, and ADD) guides you to complete the same task. The last step, similarly to the other guided procedures in the Carbonio Admin Panel, allows to review the settings before saving them.


The user who delegates and the user who is the delegated can not share the same account; in other words, it is not possible to add as a delegated user the same account of the user who is delegating.

Available Delegate’s Rights

The Rights that can be granted to a user are basically to read, write, and send emails, and to access e-mails folders. Rights can be granted when editing an account, in the dedicated Delegates tab. Rights can be granted using a Simplified or an Advanced method.

The Simplified method permissions are granted using checkboxes:

  • read, access with no permission to change

  • read/write, full read and write permission

  • send, the recipient will see as sender the selected user

  • send on behalf, similar to the previous. the recipient will see the the sender’s e-mail preceded by the string On behalf of

In the Advanced method, rights are given in a slight different way and can be defined in a more granular way. In the SET RIGHTS step it is possible to grant the following rights: Send Mails only, Read Mails only, Send and Read Mails, Manage and Send, Read, and Manage Mails (all of the above). Depending on the choice, the bottom part will show additional options, according to the following table.


Additional options

Send Mails only

Send, Send on Behalf of

Read Mails only

folders to share

Send and Read Mails

Send, Send on Behalf of; folders to share


Folders to share

Send, Read, and Manage Mails

Send, Send on Behalf of; folders to share

At the bottom of the panel, a list of the active sessions appears: for example, if a user has logged in from three different devices and never logged out, three sessions will appear. When selecting one of them, clicking the END SESSION button will close that session.

Create New Account

In order to create a new account, click the + button. You will enter a three-step procedure that guides you in the initial account configuration.

Step 1: Create New Account John Smith

We create the first account for the CEO of ACME Corporation and provide the following data.

  • Name, Middle Name Initials, and Surname will be used to define the user name. We use only Name (John) and Surname (Smith), which result in the JohnSmith username.


    You can change the automatically generated username at will, for example to match company policies.

  • Password is the one used by John for the first login only

  • Must change password on the next login requires that John, after the first log in (and before accessing his mailbox) must change the password.

We also explicitly configure the Account Status (see the list of possible values).

Step 2: Confirm Account John Smith

This dialog window recaps the values entered in the previous step. Go back to change

(Optional) Step 3: Send OTP to John Smith

The last step is optional: here you can create an OTP code for John Smith, that he can use to access his account.

Account statuses

A user account can be in one of the following statuses.

  1. Active. The account is enabled and ready for everyday operations: the user can log in and send and receive e-mails.

  2. Under Maintenance. This state occurs during maintenance operations on the domain or account: backup, import, export, restore. The user can not login, e-mails are queued on the MTA.

  3. Locked. The account can not be accessed by the user, but incoming e-mails are still delivered. This status can be set for example if the user violates the terms of service or if the account has been cracked

  4. Closed. The user is not allowed to log in, incoming e-mails are rejected.

  5. Pending. This status is usually seen during the account creation, when it is not yet active. User can not log in, incoming e-mails are rejected.

  6. LockOut. This is the only status that can not be set. It is applied automatically when the log in attempts fail for a given number of times. It is a preventive measure to avoid unauthorised access of brute force attacks. The account will not be accessible for a given interval (“lockout period”)


    Both the number of failed attempts and the lockout period can be configured.

Mailing List

Mailing list can be simply created by clicking the + button to open a tabbed modal dialog in which to configure the mailing list.

In the first tab you can give a name, an address, and a description to the mailing list; in the second add Members by simply writing the e-mail addresses in the test field.


E-mail addresses are auto-completed while typing.

In the third tab, advanced settings can be configured, including to limit the members that are allowed to send e-mails to the list, the policies for subscription and unsubscription requests, and the owners of the mailing list,

The last tab recaps the settings: now you can wither go back to any of the previous tabs and change some of the settings, or proceed to create the mailing list.

Once a mailing list has been created, it can be further configured by adding aliases, which work like e-mail accounts, changing the members and owners, and granting selected users the permission to send e-mails to the mailing list.


A Resource is a generic object that can be assigned an e-mail address, but, unlike other regular accounts, they do not need any signature, so you can not specify one. A typical example of a Resource is a meeting room: to reserve the room, send an e-mail to the room’s e-mail address.

A policy can be assigned to Resource, to determine how to react to the booking request, either a manual or automatic acceptance or rejection.

Additional e-mail addresses can be added to the resource, for example to notify the company’s facility manager which meeting rooms are reserved and which are free.

Restore Account

The Restore Account procedure allows you to restore the contents and preferences of a mailbox in the exact status when it was deleted.

When a Restore Account starts, a new account is created (the Destination Account), and all the items existing in the source account at the moment of the deletion are recreated in the destination account, including the folder structure and all the user’s data. All restored items will be created in the current primary store unless the Apply HSM Policy after the restore box is checked.


When restoring data on a new account, shared items consistency is not preserved. This is because the original share rules refer to the original account’s UUID, not to the Destination Account, which has a completely different UUID.

To start the procedure, type an e-mail address in the text-field or select an account from the list.

Then, click on the CONFIG tab and select the options to apply for the Restore:

  • To which date and time to restore the account

  • Whether to use the last available status of the account

  • If External Data Sources should be restored

  • Select an e-mail to which send a notification of the successful restore.


    This could be the alternate e-mail of the user whose account is being restored.