This screen designates the default settings for the Domain Manager's Webmail Settings screen. When a user signs in to Webmail, these options govern how various Webmail features initially work for that user. Many of these settings can then be customized by the user via the Options pages within Webmail.
Default MDaemon Webmail Settings
Language
Use the drop-down list box to choose the default language in which the Webmail interface will appear when your users first sign in to the selected domain. Users can change their personal language setting on the Webmail Sign-in page, and through an option in Options » Personalize within Webmail.
Default to the user's browser language
When this box is checked, Webmail users will have their language set to their browser language instead of the default Language setting above. Note: This option is only available in MDRA.
Theme
Use this drop-down list box to designate the default Webmail theme to used for users whenever they sign in for the first time. The users can personalize the theme setting from Options » Personalize within Webmail.
Date format
Use this text box to designate how dates will be formatted within Webmail. Click the Macros button to display a list of macro codes that can be used in this text box. You can use the following macros in this control:
%A — Full weekday name
%B — Full month name
%d — Day of month (displays as "01-31")
%m — Month (displays as "01-12")
%y — 2-digit year
%Y — 4-digit year
For example, "%m/%d/%Y" might be displayed in Webmail as "12/25/2011".
Macros
Click this button to display the list of macro codes that can be used in the Date format.
Send read confirmations?
This option governs how Webmail will respond to incoming messages that contain a request for read confirmation.
always
If this option is selected, MDaemon will send a notification to the sender indicating that the message was read. The Webmail user who received the message will not see any indication that the read confirmation was requested or responded to.
never
Choose this option if you want Webmail to ignore read confirmation requests.
prompt
Select this option if you wish to ask Webmail users whether or not to send a read confirmation each time a message is opened that requests it.
Display time using AM/PM
Click this option if you want a 12-hour clock with AM/PM to be used within Webmail for times displayed. Clear the check box if you want to use a 24-hour clock. Individual users can modify this setting via the "Display my hours in an AM/PM format" option located on the Options » Calendar page within Webmail.
Empty trash on exit
This option causes the user's trash to be emptied when he or she signs out from Webmail. Individual users can modify this setting from the Options » Personalize page within Webmail.
Use advanced compose
Check this box if you want users to see the Advanced Compose screen in Webmail rather than the normal Compose screen by default. Individual users can modify this setting from Options » Compose within Webmail.
Save messages to 'Sent' folder
Click this option if you want a copy of each message that you send to be saved in your mailbox's Sent folder. Individual users can modify this setting from the Options » Compose page within Webmail.
The image blocking options can be used to help with security and spam prevention, because many spam messages contain images with special URLs that can help the sender identify things about the recipient, such as the validity of their email address, their location, the time the message was viewed, the platform being used, and so on. Note: These options (except "Block HTML images") are only available in MDRA.
Block HTML remote images in spam and messages that fail DMARC, DNSBL, or SPF authentication
Enable this check box if you wish to prevent remote images from being displayed automatically in HTML email messages in Webmail when the message failed DMARC, DNSBL, or SPF authentication. In order to view the images the user must click the bar that appears above the message in the browser window.
Block HTML images
Enable this check box if you wish to prevent remote images from being displayed automatically when viewing HTML email messages in Webmail. In order to view the images the user must click the bar that appears above the message in the browser window. This option is enabled by default.
Always Block HTML remote images
This option is like the "Block HTML remote images in all messages" option above, except the user has no option to view the images. When replying to or forwarding messages, it also prevents the original email's images from being displayed in the compose view.
Image Blocking Conditions
Note: These options are only available in MDRA.
...except when the From header matches a contact in the domain's or user's Allowed Senders contact lists
Check this box if you do not want the image blocking options to apply when the message's From header matches a contact in the domain's or user's Allowed Senders contact list. However, if "Always Block HTML remote images" is enabled, messages from addresses in the user's Allowed Senders list will still have their remote images blocked; this exception will only apply to messages from someone in the domain's Allowed Senders list. Note: This option is only available in MDRA.
Also Block HTML inline images
Use this option if you also wish to apply the image blocking options to inline/embedded images.
Disable hyperlinks in spam and messages that fail DMARC, DNSBL, or SPF authentication
By default, when a message is flagged as spam or fails DMARC, DNS-BL, or SPF verification, any hyperlinks contained in the message will be disabled. Clear this checkbox if you do not wish to disable links in those messages. Note: This option is only available in MDRA.
...except when the From header matches a contact in the domain's or user's Allowed Senders contact lists
Check this box if you wish to exempt flagged messages from hyperlink disabling when the message's From header matches a contact in the domain's or user's Allowed Senders contact lists. Note: This option is only available in MDRA.
Use HTML editor when composing new messages
Check this box if you want users to see the HTML compose editor by default in Webmail. They can control this setting for themselves from Options » Compose within Webmail.
Enable password recovery
If enabled, users who have permission to edit their password will be able to enter an alternate email address in Webmail, which can be sent a link to reset their password if they forget it. To set up this feature, users must enter both the password recovery email address and their current password in Webmail on the Options » Security page. Once set, the "forgot password?" link on the Webmail sign-in page will take them to a page to confirm their password recovery email address. If entered correctly, an email will be sent with a link to a change password page. This feature is enabled by default.
You can enable or disable this option on a per-user basis by adding the following key to a Webmail user's user.ini file (e.g. \Users\example.com\frank\WC\user.ini):
[User]
EnablePasswordRecovery=Yes (or "=No" to disable the option for the user)
Allow Two Factor Authentication Remember Me (also applies to Remote Admin)
When someone uses Two-Factor Authentication (2FA) when signing in to Webmail or Remote Admin, there is ordinarily a Remember Me option available to the user on the 2FA authentication page, which will prevent the server from requiring 2FA again from that user for a set number of days (see the "Enable Remember Me" option below). Clear this checkbox if you do not wish to display the 2FA Remember Me option, which means all users with 2FA enabled will have to enter a 2FA code every time they sign in. Note: This option is only available in the MDaemon Remote Administration (MDRA) web-interface.
Enable Remember Me
Check this box if you want there to be a Remember Me checkbox on the MDaemon Webmail sign-in page when users connect via the https port. If users check this box at sign-in, their credentials will be remembered for that device. Then any time they use that device to connect to Webmail in the future they will be signed in automatically, until such time that they manually sign out of their account or their Remember Me token expires.
By default, user credentials are remembered for a maximum of 30 days before the user is forced to sign in again. If you wish to increase the expiration time then you can do so by changing the value of the Expire Remember Me tokens after this many days option in the MDaemon Remote Administration (MDRA) web-interface. You can also change it by editing the RememberUserExpiration=30 key in the [Default:Settings] section of the Domains.ini file, located in the \MDaemon\WorldClient\ folder. The expiration value can be set to a maximum of 365 days. Note: Two-Factor Authentication (2FA) has its own Remember Me expiration key (TwoFactorAuthRememberUserExpiration=30), located in the [Default:Settings] section of the Domains.ini file, located in the \MDaemon\WorldClient\ folder. Therefore 2FA will again be required at sign-in when the 2FA Remember Me token expires, even if the regular token is still valid.
The Remember Me option is disabled by default and applies to all of your domains. If you wish to override this setting for specific domains then use the Remember Me setting located on the Domain Manager's Webmail screen.
Because Remember Me allows users to have a persistent login on multiple devices, users should be discouraged from using it on public networks. Further, if you ever suspect that an account may have had a security breach, in MDRA there is a Reset Remember Me button that you can use to reset Remember Me tokens for all users. This will require all users to sign-in again. |
Enable Documents Folder
The Documents Folder is available for your Webmail users by default. This option controls the default state of the domain-specific option of the same name located on the Domain Manager's Webmail page. If you change that setting for a specific domain then it will override this global setting for that domain. Note: This option and the Document Links options below are only available in the MDaemon Remote Administration (MDRA) web-interface.
Allow users to create temporary links to personal documents
When this option is enabled, users will be able to create links to personal documents, which can be shared with anyone. Links older than 30 days are automatically purged.
View Document Links
Click this button to display the Document Links page, which contains a list of all active document links. From that page you can revoke any link you choose. Links older than 30 days will be revoked automatically.
Push client signature
Check this box if you wish to push the Default Client Signature to Webmail users. In Webmail, this will create a signature called "System" under the signature options at: Options » Compose. Users can then choose to have this signature automatically inserted into the compose view when composing a new message. If you wish to customize or enable/disable the client signature for specific domains, use the Domain Manager's Client Signatures and Webmail options.
Allow user-created signatures
Check this box if you wish to allow users to create their own custom signatures in Webmail. Users can then choose which signature they wish to insert into the compose view automatically when composing messages. When you do not allow user-created signatures, but the Push client signature option above is enabled, only the Client Signature (i.e. the "System" signature in Webmail) can be inserted automatically. In Webmail, the signature options are located at: Options » Compose.
Allow users to edit their alias display names
Check this box if you wish to allow users to edit the display name of any alias associated with their account. They can do this by using the Edit Alias Display Names option, located in Webmail's Pro Theme, under Settings » Compose. This option is disabled by default. Note: This option is only available in the MDaemon Remote Administration (MDRA) web-interface.
Enable AI message features
Check this box if you wish to enable support for MDaemon's AI Message Features in MDaemon Webmail for all of your domains. You can override this setting for specific domains using the option of the same name located on the Domain Manager's Webmail Settings screen. Note: enabling AI Message Features support for a domain does not grant all of that domain's users access to the features. You must activate the Enable AI message features option on the Account Editor's Web Services screen for any user you wish to allow to use them. Alternatively, you can use the Account Templates and Groups features to assign users to a group that has access to the AI message features. See: "Webmail's AI Message Features" below for important information and cautions about using these features.
Message listing shows this many messages per page
This is the number of messages that will be listed on each page of the Message Listing for each of your mail folders. If a folder contains more than this number of messages then there will be controls above and below the listing that will allow you to move to the other pages. Individual users can modify this setting from Options » Personalize within WorldClient.
Message listing refresh frequency (in minutes)
This is the number of minutes that Webmail will wait before automatically refreshing the Message Listing. Individual users can modify this setting from Options » Personalize within Webmail.
Login failure 'Help' text (can contain HTML code)
You can use this option to specify a sentence of text (either plain text or HTML) to display on the Webmail sign-in page when a user encounters a problem signing in. The text is displayed below the following default text: "Incorrect Logon, please try again. If you need assistance please contact your email administrator." This text could be used to direct users to a page or contact info for help regarding signing in to Webmail.
Security Settings (Note: The options in this section are only available in the MDaemon Remote Administration (MDRA) web-interface.)
Allow WebAuthn at Sign-In
Check this box if you wish to allow MDaemon Webmail users to sign in utilizing the Web Authentication API (also known as WebAuthn), which gives them a secure, passwordless sign-in experience, by allowing them to use biometrics, USB security keys, Bluetooth, and more for authentication. WebAuthn is allowed by default.
Prompt users to register the current device on first sign-in
Check this box if you wish to prompt users to register their current device (phone, biometrics, etc.) for passwordless sign-in when they first sign in to their account.
Allow WebAuthn Sign-In to bypass the Two Factor Authentication page
Because WebAuthn is already a multi-factor form of authentication, using another form of Two Factor Authentication (2FA) after someone has already used WebAuthn to sign-in could be viewed as redundant or excessive by some users or administrators. You can therefore check this box if you wish to skip 2FA when someone uses WebAuthn authentication at sign-in. NOTE: Regardless of this setting, when an account is specifically set to Require Two-Factor Authentication, that account will not be able to bypass 2FA, even when using WebAuthn to sign in.
Visit: webauthn.guide, for more information on WebAuthn and how it works. |
Enable password recovery
If enabled, users who have permission to edit their password will be able to enter an alternate email address in Webmail, to which a link can be sent to reset their password if they forget it. To set up this feature, users must enter both the password recovery email address and their current password in Webmail on the Options » Security page. Once set, if the user attempts to log in to Webmail with an incorrect password a "forgot password?" link will appear. This link takes them to a page that asks them to confirm their password recovery email address. If entered correctly, an email will be sent with a link to a change password page. This feature is disabled by default.
You can enable or disable this option on a per-user basis by adding the following key to a Webmail user's user.ini file (e.g. \Users\example.com\frank\WC\user.ini):
[User]
EnablePasswordRecovery=Yes (or "=No" to disable the option for the user)
Allow Active Directory users to change their passwords through Webmail
When this box is checked/enabled, users whose accounts are set to use Active Directory authentication can use Webmail's "Change Password" option. When this option is disabled, only users whose passwords are set in MDaemon instead of Active Directory can change their password from within Webmail. The Domain Manager has an option of the same name that you can use to override this setting for specific domains.
Allow users to view passwords being typed
When this option is turned on, the password field on the Webmail sign-in page has an icon that the user can click to make the typed password visible. Clear this checkbox if you do not wish to allow the password to be seen.
Allow users to receive Two Factor Authentication verification codes over email
By default, users are allowed to enter an alternative email address into Webmail when setting up Two Factor authentication, so that they can receive verification codes via email rather than having to use the Google authenticator app. Turn off this option if you do not wish to allow verification codes via email. You can override this option separately for each of your domains by using the option of the same name on the Domain Manager's Webmail Settings page.
Two Factor Authentication verification code sent over email expires after: [xx] minutes
When receiving Two Factor authentication codes via email, this is how long the user will have to enter the code before it expires. By default this is set to 10 minutes.
Allow WebAuthn for Two Factor Authentication
Check this box if you wish to allow MDaemon Webmail users to utilize the Web Authentication API (also known as WebAuthn) for two factor authentication. WebAuthn allows users to use biometrics, USB security keys, Bluetooth, and more for authentication. WebAuthn is allowed by default for two-factor authentication.
For security, you cannot use the same authentication method for both passwordless sign-in and two factor authentication. Therefore if you wish to use both passwordless authentication and two factor authentication, choose a different authentication method for each. Visit: webauthn.guide, for more information on WebAuthn and how it works. |
Allow Two Factor Authentication Remember Me (also applies to Remote Admin)
When someone uses Two-Factor Authentication (2FA) when signing in to Webmail or Remote Admin, there is ordinarily a Remember Me option available to the user on the 2FA authentication page, which will prevent the server from requiring 2FA again from that user for a set number of days (see the "Expire Remember Me tokens after this many days" option below). Clear this checkbox if you do not wish to display the 2FA Remember Me option, which means all users with 2FA enabled will have to enter a 2FA code every time they sign in.
As of MDaemon 23.5.0, the Pro theme in MDaemon's Webmail client includes various Artificial Intelligence (AI) features to help assist your users in managing their email and increasing productivity. These features are optional and disabled by default, but can be enabled for any user you choose.
With these features, in MDaemon Webmail you can use AI to:
•Give you a summary of the contents of an email message.
•Suggest a reply to the message, according to several guidelines that you can instruct the AI to use. You can set the Tone of the reply to be professional, respectful or casual. The Position, or stance, to take in the reply can be set to interested or not interested, agree or disagree, or skeptical. The Attitude the reply should convey can be set to confident, excited, calm, or apologetic. Last, you can designate the Length of the reply, ranging from very brief to detailed.
•Assist you in composing a new email message, based on some text you have already included. As with the Suggest a Reply option above, you can also designate the Tone, Position, Attitude, and Length for the AI to use when composing the message.
The Enable AI message features option on the main Webmail Settings dialog controls whether or not support for the AI features is enabled by default for your domains. There is an option of the same name located on the Domain Manager's Webmail dialog that can be used to override that main setting for specific domains. Note: enabling AI Message Features support for a domain does not grant all of that domain's users access to the features. You must activate the Enable AI message features option on the Account Editor's Web Services screen for any user you wish to allow to use them. Alternatively, you can use the Account Templates and Groups features to assign users to a group that has access to the AI message features.
Enabling accounts to use MDaemon's AI message features allows them to submit and receive information to and from third-party generative AI services, specifically ChatGPT by OpenAI. Administrators and users should therefore be aware that this introduces several potential privacy concerns due to the feature's ability to process personal data and generate potentially sensitive information. To address privacy concerns, it’s vital for organizations to train their employees to use AI responsibly. Note: Data submitted to/from Open AI is not stored on the local server or on our network. You can find MDaemon Technologies' AI Usage Policy at our Artifical Intelligence (AI) Information Page. On that same page there is also a link to OpenAI's Terms of Use. |
There are various standard Webmail features that you can customize by editing certain files in the MDaemon\WorldClient\ folder:
You can hide the Allowed Senders and Blocked Senders folders for Webmail users by default. To do so, open MDaemon\WorldClient\Domains.ini, and under [Default:UserDefaults] change the value of "HideWhiteListFolder=" or "HideBlackListFolder=" from "No" to "Yes". You can hide or show these folders for specific users by editing those same keys in the User.ini file under the [User] section.
See:
Domain Manager » Webmail Settings