Services in Kerio Connect

Setting service parameters

You can set parameters for Kerio Connect services in the Configuration > Services section.

By default, all services are running on their standard ports.

For each service, you can:

• Specify whether the service runs automatically on Kerio Connect startup
• Add or remove listening IP addresses and ports
• Limit access to the service for specific IP addresses
• Specify the maximum number of concurrent connections. Consider the number of server users —For an unlimited number of connections, set the value to 0

Port collisions

If any service available in Kerio Connect is already running on the server, you have two possibilities:

• Change the traffic port for one of the services
• Reserve a different IP addressAn identifier assigned to devices connected to a TCP/IP network. for each instance of the service on the same port (not recommended if you reserve IP addresses dynamically, for example, via DHCPDynamic Host Configuration Protocol - A protocol that automatically gives IP addresses and additional configuration to hosts in a network.)

Service types

Each service is available in both unsecured and secured version (encrypted by SSLSecure Sockets Layer - A protocol that ensures integral and secure communication between networks.). The following sections describe individual services.

SMTP

The SMTPSimple Mail Transport Protocol - An internet standard used for email transmission across IP networks. protocol server sends outgoing email messages, receives incoming messages and messages created via mailing lists in Kerio Connect.

You can use two methods for encrypting the SMTP traffic:

• SMTP on port 25 with STARTTLS if TLSTransport Layer Security - A follower of the SSL protocol and ensures secure communication between networks. encryption is supported. The traffic on port 25 starts as unencrypted. If both sides support TLS, TLS is started via STARTTLS.
• SMTP on port 465 with SSL/TLS. The traffic is encrypted from the start.

SMTP Submission is a special type of communication which enables messages sent by an authenticated user to be delivered immediately without antispam control. Allow SMTP Submission if you use a distributed domain.

POP3

POP3Post Office Protocol 3 - A protocol used by local email clients to retrieve emails from mailboxes over a TCP/IP connection. protocol server allows users to retrieve messages from their accounts. It can be used as an alternative to IMAPInternet Message Access Protocol - One of the two most commonly used Internet standard protocols for e-mail retrieval, the other being POP3. for access messages.

IMAP

IMAP protocol server allows users to access their messages. With this protocol, messages stay in folders and can be accessed from multiple locations at any time.

NNTP

NNTPNetwork News Transfer Protocol - A transfer protocol for discussion groups over the Internet. is a transfer protocol for discussion groups over the Internet. The service allows users to use messages of the news type and use the protocol to view public folders. Public folders cannot be viewed via NNTP if their name includes a blank space or the . (dot) symbol.

LDAP

LDAPLightweight Directory Access Protocol - A protocol that enables users to access centrally managed contacts. server enables users to access centrally managed contacts. It provides read-only access — users are not allowed to create new contacts nor edit the existing ones.

If Kerio Connect is installed on a server which is used as a domain controllerA server that runs the authentication process in Microsoft Active Directory. (in Active Directory), run this service on non-standard ports or disable them.

HTTP

HTTPHypertext Transfer Protocol - A protocol for exchange of hypertext documents in HTML. protocol is used to:

• Access user mailboxes in Kerio Connect Client
• Access the Free/Busy server
• Automatically update Kerio Outlook Connector (Offline Edition)
• Synchronize via ActiveSync or NotifyLink
• Publish calendars in iCal format
• (HTTPSSecure version of secured by SSL.) Access Kerio Connect administration
• (HTTPS) Access user mailboxes in Kerio Connect Client (if secured connection is required)

Instant Messaging

Instant messaging allows users to chat with other users in or outside of their domain.

Restricting access to some services

To restrict access to any service for any users, you can define User Access Policies. You can allow or deny access to individual protocols from certain IP addresses to individual users.

Defining access policies

1. In the administration interface, go to Configuration > Definitions > User Access Policies.
2. Click Add Policy.
3. Type a name for the policy.
4. Click the Add restriction link and select a protocol.
5. Click Allow/Deny/Allow only to to set the access. You can add multiple restriction.
6. Set access for the remaining (unselected) protocols.
7. Click Apply.

To remove a restriction, select it and click Remove.

To remove a policy, select it and click Remove.

Assigning access policies to users

Every new user is assigned the Default policy. To assign a different policy to a user:

1. In the administration interface, go to Accounts > Users.
2. Double-click a user and go to the Rights tab.
3. Select an Access policy from the drop-down list.
4. Click OK.

Troubleshooting

If any problem regarding services occurs, consult the Debug log. Right-click the Debug log area, click Messages, and select the appropriate message type (service to be logged):

Service type	When to use
SMTP	When problems in the communication between the SMTP server and a client arise, use the SMTP Server and SMTP Client options.
POP3	When problems with the POP3 server arise, enable the POP3 Server option.
IMAP	When problems with the IMAP Server arise, enabling of the IMAP server logging might be helpful.
NNTP	When problems with the NNTP server arise, enable the NNTP Server option.
LDAP	When problems with the LDAP server arise, enable the LDAP Server option.
HTTP	The HTTP Server option enables logging of HTTP traffic on the server's side. The WebDAVWeb Distributed Authoring and Versioning is a framework that enables users to work with documents on a server. Server Request option enables logging of queries sent from a WebDAV server. Used it for Microsoft Entourage or Apple Mail where problems with Exchange accounts arise. The PHP Engine Messages option helps solving problems with the Kerio Connect Client interface.
Instant messaging	When problems with the IMInstant Messaging - A real-time online chat. server arise, enable the Instant MessagingInstant messaging is a real-time online chat. Server option.

Too many log messages may slow down your server. Once you solve your problem, disable the logging.