Services in Kerio Connect

Setting service parameters

You can set parameters for Kerio Connect services in the Configuration > Services section.

By default, all services are running on their standard ports.


For security reasons, enable only the services you know will be used. For more information refer to Configuring your firewall.

For each service, you can:

  • Specify whether the service runs automatically on Kerio Connect startup
  • Add or remove listening IP addresses and ports
  • Limit access to the service for specific IP addresses
  • Specify the maximum number of concurrent connections. Consider the number of server users —For an unlimited number of connections, set the value to 0

Port collisions

If any service available in Kerio Connect is already running on the server, you have two possibilities:

Service types

Each service is available in both unsecured and secured version (encrypted by SSLSecure Sockets Layer - A protocol that ensures integral and secure communication between networks.). The following sections describe individual services.


The SMTPSimple Mail Transport Protocol - An internet standard used for email transmission across IP networks. protocol server sends outgoing email messages, receives incoming messages and messages created via mailing lists in Kerio Connect.

You can use two methods for encrypting the SMTP traffic:


Since public WiFi networks often do not support traffic on unencrypted protocols, SMTP on port 25 can be blocked. In such cases users cannot send email out of the network. SMTPS on port 465 is usually allowed.

SMTP Submission is a special type of communication which enables messages sent by an authenticated user to be delivered immediately without antispam control. Allow SMTP Submission if you use a distributed domain.


POP3Post Office Protocol 3 - A protocol used by local email clients to retrieve emails from mailboxes over a TCP/IP connection. protocol server allows users to retrieve messages from their accounts. It can be used as an alternative to IMAPInternet Message Access Protocol - One of the two most commonly used Internet standard protocols for e-mail retrieval, the other being POP3. for access messages.


IMAP protocol server allows users to access their messages. With this protocol, messages stay in folders and can be accessed from multiple locations at any time.


NNTPNetwork News Transfer Protocol - A transfer protocol for discussion groups over the Internet. is a transfer protocol for discussion groups over the Internet. The service allows users to use messages of the news type and use the protocol to view public folders. Public folders cannot be viewed via NNTP if their name includes a blank space or the . (dot) symbol.


LDAPLightweight Directory Access Protocol - A protocol that enables users to access centrally managed contacts. server enables users to access centrally managed contacts. It provides read-only access — users are not allowed to create new contacts nor edit the existing ones.

If Kerio Connect is installed on a server which is used as a domain controllerA server that runs the authentication process in Microsoft Active Directory. (in Active Directory), run this service on non-standard ports or disable them.


HTTPHypertext Transfer Protocol - A protocol for exchange of hypertext documents in HTML. protocol is used to:

  • Access user mailboxes in Kerio Connect Client
  • Access the Free/Busy server
  • Automatically update Kerio Outlook Connector (Offline Edition)
  • Synchronize via ActiveSync or NotifyLink
  • Publish calendars in iCal format
  • (HTTPSSecure version of secured by SSL.) Access Kerio Connect administration
  • (HTTPS) Access user mailboxes in Kerio Connect Client (if secured connection is required)

Instant Messaging

Instant messaging allows users to chat with other users in or outside of their domain.

Restricting access to some services

To restrict access to any service for any users, you can define User Access Policies. You can allow or deny access to individual protocols from certain IP addresses to individual users.

Defining access policies

  1. In the administration interface, go to Configuration > Definitions > User Access Policies.
  2. Click Add Policy.
  3. Type a name for the policy.
  4. Click the Add restriction link and select a protocol.
  5. Click Allow/Deny/Allow only to to set the access. You can add multiple restriction.
  6. Set access for the remaining (unselected) protocols.
  7. Click Apply.

To remove a restriction, select it and click Remove.

To remove a policy, select it and click Remove.

Assigning access policies to users

Every new user is assigned the Default policy. To assign a different policy to a user:

  1. In the administration interface, go to Accounts > Users.
  2. Double-click a user and go to the Rights tab.
  3. Select an Access policy from the drop-down list.
  4. Click OK.


If any problem regarding services occurs, consult the Debug log. Right-click the Debug log area, click Messages, and select the appropriate message type (service to be logged):

Service type When to use

When problems in the communication between the SMTP server and a client arise, use the SMTP Server and SMTP Client options.


When problems with the POP3 server arise, enable the POP3 Server option.


When problems with the IMAP Server arise, enabling of the IMAP server logging might be helpful.


When problems with the NNTP server arise, enable the NNTP Server option.


When problems with the LDAP server arise, enable the LDAP Server option.

Instant messaging

When problems with the IMInstant Messaging - A real-time online chat. server arise, enable the Instant MessagingInstant messaging is a real-time online chat. Server option.

Too many log messages may slow down your server. Once you solve your problem, disable the logging.