AppSuite:Configuration properties 7.0.1

OX App Suite Configuration Parameters

This is an overview of all configuration parameters for the AppSuite backend. By default, this list is sorted by the .properties files they appear in. Yet for most parameters, it does not really matter in which file are found. This does not apply to core configuration files. For these, you cannot re-define the value in another file:


The following are all parameters from all .properties within version 7.0.1

Key Default value Comment File
USER_STORAGE com.openexchange.admin.stora...
GROUP_STORAGE com.openexchange.admin.stora...
RESOURCE_STORAGE com.openexchange.admin.stora...
CONCURRENT_JOBS 2 how many jobs should be executed concurrently
MASTER_AUTHENTICATION_DISABLED false Disabling authentication for system calls like context/server etc. creation! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!!
CONTEXT_AUTHENTICATION_DISABLED false Disabling authentication for context calls like user/group etc. creation! This also disables authentication for calls which a "normal" user can make like change his own data or get his own data! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!!
CHECK_USER_UID_REGEXP [$@%\\.+a-zA-Z0-9_-]
SPAM_MAILFOLDER_IT_IT Posta Indesiderata
CONFIRMED_SPAM_MAILFOLDER_IT_IT Posta indesiderata accertata
CONFIRMED_HAM_MAILFOLDER_IT_IT Posta attendibile accertata
SENT_MAILFOLDER_ZH_CN \u5df2\u53d1\u9001\u90ae\u4ef6
TRASH_MAILFOLDER_ZH_CN \u5783\u573e\u7b52
SPAM_MAILFOLDER_ZH_CN \u5783\u573e\u90ae\u4ef6
CONFIRMED_SPAM_MAILFOLDER_ZH_CN \u5df2\u786e\u8ba4\u7684\u57...
CONFIRMED_HAM_MAILFOLDER_ZH_CN \u5df2\u786e\u8ba4\u7684\u6b...
SENT_MAILFOLDER_CS_CZ Odeslan\u00e9 polo\u017eky
CONFIRMED_HAM_MAILFOLDER_CS_CZ Potvrzen\u00e1 norm\u00e1ln\...
SENT_MAILFOLDER_HU_HU Elk\u00fcld\u00f6tt elemek
TRASH_MAILFOLDER_HU_HU T\u00f6r\u00f6lt elemek
SPAM_MAILFOLDER_HU_HU Lev\u00e9lszem\u00e9t
CONFIRMED_SPAM_MAILFOLDER_HU_HU Elfogadott k\u00e9retlen
CONFIRMED_HAM_MAILFOLDER_HU_HU Elfogadott \u00e1l-k\u00e9re...
AUTO_TO_LOWERCASE_UID false this will lowercase the uid
SENT_MAILFOLDER_SK_SK Odoslan\u00e9 polo\u017eky
DRAFTS_MAILFOLDER_SK_SK Rozp\u00edsan\u00e9
CONFIRMED_HAM_MAILFOLDER_SK_SK Potvrden\u00e9 ako nie spam
SENT_MAILFOLDER_LV_LV Nos\u016Bt\u012Bt\u0101s vie...
CONFIRMED_SPAM_MAILFOLDER_LV_LV Apstiprin\u0101ta "m\u0113st...
CONFIRMED_HAM_MAILFOLDER_LV_LV Apstiprin\u0101ts "ham"
USERNAME_CHANGEABLE false WARNING: Changing the username might have impact on external systems like imap server that allows acls to be set. Imap ACLS usually use symbolic names so when changing the user name without changing the ACL breaks the ACL. open-xchange-admin will NOT change those ACLS, so DO NOT CHANGE THIS SETTING ON OX Express
PRIMARY_MAIL_UNCHANGEABLE true Here you can set whether the primary mail address can be changed or not. If set to false, it is possible to change the primary mail address. Only change, if you know what you are doing (Outlook might not work anymore under certain circumstances)
SENT_MAILFOLDER_DE_DE Gesendete Objekte default mail folder fallback if not sent by rmi client:
DEFAULT_PASSWORD_MECHANISM SHA specify the default password mechanism to use possible values: CRYPT / SHA / BCRYPT
SENT_MAILFOLDER_FR_FR Objets envoy\u00e9s
CONFIRMED_HAM_MAILFOLDER_FR_FR non-pourriel-confirme
UID_NUMBER_START -1 set to > 0 to use the uidnumber feature
CONFIRMED_SPAM_MAILFOLDER_SV_SV bekr\u00E4ftad-skr\u00E4ppost
CONFIRMED_HAM_MAILFOLDER_SV_SV felaktigt-bekr\u00E4ftad-spam
SENT_MAILFOLDER_ES_ES Elementos enviados
SPAM_MAILFOLDER_ES_ES Correo no deseado
CONFIRMED_SPAM_MAILFOLDER_ES_ES correo basura confirmado
CONFIRMED_HAM_MAILFOLDER_ES_ES correo leg\u00EDtimo confirm...
SENT_MAILFOLDER_JA_JP \u9001\u4FE1\u6E08\u30A2\u30...
TRASH_MAILFOLDER_JA_JP \u524A\u9664\u6E08\u307F\u30...
SPAM_MAILFOLDER_JA_JP \u8FF7\u60D1\u30E1\u30FC\u30EB
CONFIRMED_HAM_MAILFOLDER_JA_JP \u4E00\u822C\u30E1\u30FC\u30...
SENT_MAILFOLDER_PL_PL Elementy wys\u0142ane
CHECK_USER_UID_FOR_NOT_ALLOWED_CHARS true this will check the user name using the check below
verbosity 1 verbosity: The level of messages for status/debug (messages go to standard output). The setting here is for your own local catalogs. The verbosity of Forrest's core catalogs is controlled via main/webapp/WEB-INF/cocoon.xconf The following messages are provided ... 0 = none 1 = ? (... not sure yet) 2 = 1+, Loading catalog, Resolved public, Resolved system 3 = 2+, Catalog does not exist, resolvePublic, resolveSystem 10 = 3+, List all catalog entries when loading a catalog (Cocoon also logs the "Resolved public" messages.)
catalogs ../resources/schema/catalog.... catalogs ... list of additional catalogs to load (Note that Apache Forrest will automatically load its own default catalog from main/webapp/resources/schema/catalog.xcat) Use either full pathnames or relative pathnames. pathname separator is always semi-colon (;) regardless of operating system directory separator is always slash (/) regardless of operating system
relative-catalogs no relative-catalogs If false, relative catalog URIs are made absolute with respect to the base URI of the file. This setting only applies to catalog URIs obtained from the catalogs property in the file Example: relative-catalogs=[yes|no]
GID_NUMBER_START -1 set to higher than 0 to enable gid number feature
CHECK_GROUP_UID_FOR_NOT_ALLOWED_CHARS true this will check the group name using the check below
CHECK_GROUP_UID_REGEXP [ $@%\\.+a-zA-Z0-9_-]
AUTO_TO_LOWERCASE_UID false this will lowercase the uid
webmail_plus contacts,webmail this are the deprecated definitions of module access combinations. please use the newly defined sets.
pim_plus contacts,webmail,calendar,ta...
groupware_plus contacts,webmail,calendar,de...
premium contacts,webmail,calendar,de...
groupware calendar,contacts,delegateta... PLEASE Update accordingly when UPDATING "all" level! Includes all modules except mobility,
webmail webmail,contacts,globaladdre...
pim webmail,calendar,contacts,ta...
pim_infostore webmail,calendar,contacts,ta...
pim_mobility webmail,calendar,contacts,ta...
groupware_standard webmail,calendar,contacts,in... Groupware Standard always gets new features except mobility and OXtender.
groupware_premium webmail,calendar,contacts,in...
all webmail,calendar,contacts,in...
CHECK_RES_UID_FOR_NOT_ALLOWED_CHARS true this will check the resource name using the check below
CHECK_RES_UID_REGEXP [ $@%\\.+a-zA-Z0-9_-]
AUTO_TO_LOWERCASE_UID false this will lowercase the uid
INITIAL_OX_SQL_ORDER sequences.sql,ldap2sql.sql,o...
SERVLET_POOL_SIZE 1 initial number of instances held in memory for each available single threaded servlet (single threaded servlets are deprecated and are not used by the open-xchange server)
AJP_SERVER_THREAD_SIZE 1 Number of AJP server threads which create a client socket on an incoming request. This is the number of threads processing new opened AJP sockets. AJP sockets are kept alive by default therefore only one thread is recommended
AJP_LISTENER_POOL_SIZE 1 AJP listener pool size number of initially created AJP listeners for processing incoming AJP requests This pool does grow dynamically but does not go below.
AJP_LISTENER_READ_TIMEOUT 60000 The amount of time in milliseconds a listener is going to wait (or block) while waiting to read the initial bytes from web server from input stream 0 stands for unlimited and should not be changed because if the server does close connections here the sticky sessions would break.
AJP_LOG_FORWARD_REQUEST FALSE Logs corresponding AJP forward request if an unexpected empty body request is detected
AJP_BACKLOG 0 Specify the backlog for opened AJP server socket Default is zero; meaning using JVM's default backlog setting /var/www/webdesktop/AppForge
io.ox/core//theme default
io.ox/core/settingOptions//themes/default Default Theme
translator.get_request com.openexchange.index.solr... Translator configuration
get_request.id_field uuid
translator.all_request com.openexchange.index.solr...
translator.custom com.openexchange.index.solr...
field.param6 id Field configuration
handler.simple simpleSearch Handler configuration
handler.custom customSearch
handler.get_request getSearch
handler.all_request allSearch
handler.persons_and_topics personsAndTopics
LDAP_HOST localhost
LDAP_BASE dc=example,dc=org
LDAP_SEARCH (&(objectClass=oxdbObject)(u... search query to get the users ldap dn ,@USER@ will be replaced by the username
LDAP_ATTRIBUTE mailPrimaryAddress which attribute should be parsed for the email adress (context=domainpart)
USE_POOL false
AUTOCID_STORAGE com.openexchange.admin.autoc...
com.openexchange.mail.autoconfig.path /opt/open-xchange/ispdb Path to the local configuration files for mail domains. See
com.openexchange.mail.autoconfig.ispdb https://live.mozillamessagin... The ISPDB is a central database, currently hosted by Mozilla Messaging, but free to use for any client. It contains settings for the world's largest ISPs. We hope that the database will soon have enough information to autoconfigure approximately 50% of our user's email accounts. true Optional encryption for amazon S3 E710DF51333E8B35D32AE732E9B... DA802F4961847681C5BCB397192... 54703F3B8178AE4A Fill in your AWS Access Key ID and Secret Access Key Set urls of the regions for aws eu-west-1.elasticloadbalanc...
type t1.micro Instance type, see
securitygroups sg-0d94a179 Security group which instances will use
keyPair jbauerdick Keypair to use for ssh login
launchconfiguration ox-aws-autoscaling-configur... Set name for launch configuration
regions eu-west-1a Set the regions where the loadbalancer will be available
loadbalancers ox-aws-loadbalancer Set name of the loadbalancer
min 2 Minimun instances in autoscaling group
max 10 Maximum instances in autoscaling group
metrics cpu,diskreadops,diskwriteops Metrics that will be monitored (available: cpu, diskread, diskreadops, diskwrite, diskwriteops, networkin, networkout)
gracetimes 120,120,120 Number of seconds that AWS will wait after an autoscaling event occurs before triggering another event, comma separated list, must be multiples of 60
thresholds 80,20,10000,0,10000,0 Threshold for metrics, comma separated values for scaling up/down
evalPeriods 300,120,60 Number of periods over which data is compared to thresholds, must be multiple of 60
scaleup 2 Number of instances to start when scaleup policy is triggered
scaledown -1 Number of instances to stop when scaledown policy is triggered
autoscaling ox-aws-autoscaling-group Set name for autoscaling group
ami ami-a1e7e1d5 Id of the AMI image eu-west-1a Set the zone where the loadbalancer will be available sg-0d94a179 Security group which instances will use ami-a1e7e1d5 Id of the AMI image t1.micro Instance type, see jbauerdick Keypair to use for ssh login ox-aws-loadbalancer The loadbalancer's name false Change to true, if loadbalancer should handle https requests eu-west-1a Set the zone where the loadbalancer will be available oxbucket Name of OX AWS default bucket
com.openexchange.s3.versioning true Set versioning enabled/disabled
modules/com.openexchange.blackwhitelist/module true The following property enables the Black-/Whitelist GUI-Plugin
jcs.region.[REGIONNAME] LTCP It's important that cache entries don't get invalidated, since the cache may not be deterministic for LDAP contacts. Therefore, the properties 'MaxObjects', 'MaxMemoryIdleTimeSeconds', 'MaxLifeSeconds' and 'IdleTime' should be set to '-1'.
jcs.region.[REGIONNAME].cacheattributes org.apache.jcs.engine.Compos...
jcs.region.[REGIONNAME].cacheattributes.MaxObjects -1
jcs.region.[REGIONNAME].cacheattributes.MemoryCacheName org.apache.jcs.engine.memory...
jcs.region.[REGIONNAME].cacheattributes.UseMemoryShrinker true
jcs.region.[REGIONNAME].cacheattributes.MaxMemoryIdleTimeSeconds -1
jcs.region.[REGIONNAME].cacheattributes.ShrinkerIntervalSeconds 60
jcs.region.[REGIONNAME].cacheattributes.MaxSpoolPerRun 500
jcs.region.[REGIONNAME].elementattributes org.apache.jcs.engine.Elemen...
jcs.region.[REGIONNAME].elementattributes.IsEternal false
jcs.region.[REGIONNAME].elementattributes.MaxLifeSeconds -1
jcs.region.[REGIONNAME].elementattributes.IdleTime -1
jcs.region.[REGIONNAME].elementattributes.IsSpool false
jcs.region.[REGIONNAME].elementattributes.IsRemote false
jcs.region.[REGIONNAME].elementattributes.IsLateral false
com.openexchange.caching.jcs.enabled true Specify whether JCS-based caching should be enabled Default is "true"
com.openexchange.caching.jcs.eventInvalidation true Configures how remote cache invalidation is done. Set to 'true' for cache events via the cache event messaging service, or to 'false' to stick with the JCS-internal lateral auxiliary cache configuration. Defaults to 'true'.
com.openexchange.caldav.interval.start one_month Defines the minimum end time of appointments to be synchronized via the CalDAV interface, relative to the current date. Possible values are "one_month" (default), "one_year" and "six_months".
com.openexchange.caldav.interval.end one_year Defines the maximum start time of appointments to be synchronized via the CalDAV interface, relative to the current date. Possible values are "one_year" (default) and "two_years".
com.openexchange.caldav.enabled true Whether CalDAV is enabled or not
com.openexchange.caldav.url https://[hostname]/caldav/[f... Tells users where to find a caldav folder. This can be displayed in frontends. You can use the variables [hostname] and [folderId] If you chose to deploy caldav as a virtual host (say '') use[folderId] as the value If you are using user-agent sniffing use https://[hostname]/caldav/[folderId]
com.openexchange.caldav.tree 0 Configures the ID of the folder tree used by the CalDAV interface
cp_dayview_table.tmpl calendar, printing
cp_monthview_list.tmpl calendar, printing
cp_monthview_table.tmpl calendar, printing
cp_weekview_table.tmpl calendar, printing
cp_workweekview_table.tmpl calendar, printing
com.openexchange.carddav.tree 0 Configures the ID of the folder tree used by the CardDAV interface
com.openexchange.carddav.enabled true Whether CardDAV is enabled or not
com.openexchange.carddav.exposedCollections 0 Controls which collections are exposed via the CardDAV interface. Possible values are '0', '1' and '2'. A value of '1' makes each visible folder available as a resource collection, while '2' only exposes an aggregated collection containing all contact resources from all visible folders. The default value '0' exposes either an aggregated collection or individual collections for each folder, depending on the client's user-agent that is matched against the pattern in 'userAgentForAggregatedCollection'.
com.openexchange.carddav.userAgentForAggregatedCollection .*CFNetwork.*Darwin.*|.*Addr... Regular expression to match against the client's user-agent to decide whether the aggregated collection is exposed or not. The default pattern matches all known varieties of the Mac OS Addressbook client, that doesn't support multiple collections. Only used if 'exposedCollections' is set to '0'. The pattern is used case insensitive.
com.openexchange.carddav.reducedAggregatedCollection false Specifies if all visible folders are used to create the aggregated collection, or if a reduced set of folders only containing the global addressbook and the personal contacts folders should be used. This setting only influences the aggregated collection that is used for clients that don't support multiple collections. Possible values are 'true' and 'false.
com.openexchange.carddav.ignoreFolders A comma-separated list of folder IDs to exclude from the synchronization. Use this to disable syncing of very large folders (e.g. the global address list in large contexts, which always has ID 6). By default, no folders are excluded.
com.openexchange.passwordchange.script.shellscript /bin/ Script which updates the users passwd Must be executable (+x) and correct interpreter set (#!/bin/bash) Following values are passed by the servlet to the script: 1. --cid - Context ID 2. --username - Username of the logged in user 3. --userid - User ID of the logged in user 4. --oldpassword - Old user password 5. --newpassword - New user password see for some examples If script does not exit with status code 0 , an io-error is shown in the GUI. the following exit codes will display a defined error: 1: Cannot change password < %s >, see logfiles for details. 2: New password is too short 3: New password is too weak 4: Cannot find user 5: LDAP error Specifies the name of the cluster. Each node in the cluster should be configured with the same name. Required.
readProperty.1 user=openexchange username for the database user
readProperty.2 password=secret password for the database user
readProperty.3 useUnicode=true The driver properties should be kept at their defaults.
readProperty.4 characterEncoding=UTF-8
readProperty.5 autoReconnect=true
readProperty.6 useServerPrepStmts=false
readProperty.7 useTimezone=true
readProperty.8 serverTimezone=UTC
readProperty.9 connectTimeout=15000
readProperty.10 socketTimeout=15000
writeDriverClass com.mysql.jdbc.Driver the write connection must point to the database master
writeUrl jdbc:mysql://localhost/confi... writeURL holds the database host and the used schema name
writeProperty.1 user=openexchange username for the database user
writeProperty.2 password=secret password for the database user
writeProperty.3 useUnicode=true The driver properties should be kept at their defaults
writeProperty.4 characterEncoding=UTF-8
writeProperty.5 autoReconnect=true
writeProperty.6 useServerPrepStmts=false
writeProperty.7 useTimezone=true
writeProperty.8 serverTimezone=UTC
writeProperty.9 connectTimeout=15000
writeProperty.10 socketTimeout=15000
cleanerInterval 10000 Timeinterval of cleaner thread in milliseconds. This thread removes idle timed out database connections and removes not used database connection pools. after each cleanerInterval.
minIdle 0 Number of connections to keep open although they aren't used. This value is overwritten for OX databases from configdb. Sould be 0 so that no unnecessary connection are kept in the memory.
maxIdle -1 Number of maximum idle connections. More connections aren't pooled and closed. -1 stands for unlimited.
maxIdleTime 60000 Maximum time in milliseconds a connection can be idle. If this time is exceeded, the connection gets closed.
maxActive 100 If exhaustedAction is set to BLOCK, not more than maxActive connections will be opened to the mysql database. This value is overwritten for OX databases from configdb.
maxWait 10000 If exhaustedAction is set to BLOCK, a thread will not wait for more than maxWait milliseconds.
readDriverClass com.mysql.jdbc.Driver the read connection must point to the database slave
maxLifeTime 600000 Maximum time in milliseconds a connection will be used. After this time the connection get closed.
exhaustedAction BLOCK BLOCK: If maxActive number of connections is reached threads have to wait for a connection. FAIL: If maxActive number of connections is reached an exception is thrown. GROW: Open more connections even if maxActive is already reached. This value is overwritten for OX databases from configdb.
testOnActivate false Validate connections if they are activated. This is not necessary because the activation already includes a check if the connection isn't closed.
testOnDeactivate true Check if connections can be reused after they are returned to the pool.
testOnIdle false Not useful for connections.
readUrl jdbc:mysql://localhost/confi... readURL holds the database host and the used schema name
testThreads false if testThreads is set to true, more information is logged to the Open-Xchange log files about database connections. If this option is enabled the performance may degrade dramatically. The JVM has to generate then a lot of method call stack dumps.
URL http://localhost/oxadmin/umin
URL http://localhost/?cid=%c&log... URL to the config interface. %c is replaced with context login information. %u is replaced with user login information. %p is replaced with user password.
validate_contact_email true Check the entered email address from a new contact for correctness (syntactic check user@domain.tld)
max_image_size 4194304 The maximum size in bytes for the upload of contact images. Remember: If you decrease the size after some images where uploaded already, you might trigger errors, for example when trying to modify the contact without adding an image of the correct size. true Determines if a search is triggered if the dialog for searching for emailable contacts is opened. This dialog is used for selecting recipients for an email and for creating distribution lists. false Searching for contacts can be done in a single folder or globally across all folders. Searching across all folders can cause high server and database load because first all visible folders must be determined and if a user has object read permissions in that folders. Software internal default is true to prevent high load if the property is not defined. Default here is false because it is easier for the user to find contacts.
com.openexchange.contacts.characterSearch true Enables/Disables the start letter based quick select of contacts
com.openexchange.contacts.allFoldersForAutoComplete true The auto complete search for email addresses may be triggered easily and quite often if a new email is written and a part of a recipients address is written. This can lead to high load on the database system if a context has a lot of users and a lot of contacts. Therefore the scope if this search can be configured. Set this parameter to true and the auto complete search looks in every readable contact folder for contacts with emails addresses matching the already typed letters. If this parameter is configured to false, only three folders are considered for the search: the users private default contact folder, his contact folder for collected contacts and the global address book if that is enabled for the user. 200x200 Configures the maximum image dimension to use when serializing contacts to vCards in the format [max_width]x[max_height]. Larger images will be resized dynamically to fit the specified rectangular area. If left empty, images are not resized at all and serialized as-is.
contact_first_letter_field field02 First Letter Field, the field you sort in when you hit one of the start letters field02 Last name field03 First name
com.openexchange.contactcollector.enabled true Whether enabled or disabled regardless of bundle start-up Enabled by default (provided that bundle is installed and properly started)
com.openexchange.contactcollector.folder.deleteDenied false Whether deletion of contact collector folder will be denied
CONTEXT_RESTORE_STORAGE com.openexchange.admin.conte... Define the storage implementation here
modules/themes/default Cool Water (Default) The following property defines the default theme of the AJAX GUI.
com.openexchange.subscribe.crawler.updatedfile Points to the remove URL for updates to workflow definitions
com.openexchange.subscribe.crawler.updateinterval 86400000 The time interval in which to check for updates. Defaults to 86400000, which means daily.
com.openexchange.subscribe.crawler.enableautoupdate true Enables/disables auto-update for crawler functionality (true / false)
com.openexchange.subscribe.crawler.onlyupdatealreadyinstalled false Only update crawlers that are already installed (true) or add new crawlers as they become available (false)
com.openexchange.subscribe.xing true Enable / Disable individual crawlers (true / false)
com.openexchange.subscribe.crawler.googlemail true
com.openexchange.subscribe.crawler.webde true true true true true false
com.openexchange.subscribe.crawler.suncontacts false
com.openexchange.subscribe.crawler.suncalendar false
com.openexchange.subscribe.crawler.suntasks false
com.openexchange.subscribe.crawler.path crawlers Points to the directory containing the workflow definitions of crawlers
com.openexchange.subscribe.crawler.updatepath Points to the remote URL containing updates to the workflow definitions
com.openexchange.groupware.dataRetrieval.lifetime 60000 Lifetime of a token in milliseconds. If this value is not set or negative the token only expires at the end of the session.
com.openexchange.groupware.dataRetrieval.onetime true Whether the token expires after the first access or not. Defaults to true.
com.openexchange.dataretention.sourceID OX_mail_01 The string identifying the data source; e.g. "OX_mail_01"
com.openexchange.dataretention.location DE/Olpe The location of the system generating the retention data
com.openexchange.dataretention.timeZone GMT The time zone of the location
com.openexchange.dataretention.dir /var/log/open-xchange The directory where the CSV file is held
com.openexchange.dataretention.rotateLength 0 Specifies the max. output resource's length (in bytes) before it gets rotated. This option is only useful for implementations which output data to a file or to any limited resource. This value should have a reasonable size since multiple write accesses may occur at same time. Therefore small sizes (<= 200KB) cannot be guaranteed being obeyed. Moreover it is only an approximate limit which can vary about 8KB. A value less than or equal to zero means no rotation.
com.openexchange.dataretention.versionNumber 1 The format version appended to each record type; e.g "H1" meaning "Header version 1".
com.openexchange.dataretention.clientID Open-Xchange The string identifying the tenant; e.g "Open-Xchange".
com.openexchange.spamhandler.defaultspamhandler.createConfirmedHam true # Indicates whether to create the confirmed-ham folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true.
com.openexchange.spamhandler.defaultspamhandler.unsubscribeSpamFolders true # Indicates whether the confirmed-spam/confirmed-ham folders shall automatically be unsubscribed during login. # Default is true.
com.openexchange.spamhandler.defaultspamhandler.createConfirmedSpam true # Indicates whether to create the confirmed-spam folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true.
com.openexchange.oauth.dropbox.apiSecret PUT_YOUR_APP_SECRET_HERE The API secret
com.openexchange.oauth.dropbox true Enable/disable
com.openexchange.oauth.dropbox.apiKey PUT_YOUR_APP_KEY_HERE The API key
com.openexchange.oauth.dropbox true Enable/disable
com.openexchange.oauth.dropbox.apiKey The API key
com.openexchange.oauth.dropbox.apiSecret The API secret UTF-8 Define the URL encoding which will be used to modify the given URL user Define the FROM address of the email which will be sent to the user when he has selected the email transport as provisioning method. Possible values are: 1. A valid eMail address (eg.: 2. user (Then the from address will be the standard address from the user who sends the provisioning message) Open-Xchange Mobility Provis... Define the subject and the mailtext of the provisioning eMail which will be send to the user if he has chosen eMail as provisioning method. You can set a subject and text per language. If you want to add a new language code provide the following two configuration options:$languagecode_$LANDCODE.subject$languagecode_$LANDCODE.text Please click on the followin... Open-Xchange Mobility Provis... Please click on the followin... Open-Xchange Mobility-Provis... Bitte auf den folgenden Link... Pr\u00E9paration de la mobil... Veuillez cliquer sur le lien... Open-Xchange-mobility-initia... Klik op de volgende link om ... Configuraci\u00F3n m\u00F3vi... Por favor, haga clic en el s... Fornitura in mobilit\u00E0 O... Fai clic sul seguente colleg... Please click on the followin... Define the text of the provisioning SMS which will be send to the user if he has chosen SMS as provisioning method. You can set a text per language. If you want to add a new language code provide the following configuration option:$languagecode_$LANDCODE.text Please click on the followin... Bitte auf den folgenden Link... Veuillez cliquer sur le lien... Klik op de volgende link om ... Por favor, haga clic en el s... Fai clic sul seguente colleg... https://%h/servlet/mobilecon... Define the URL which will be send to the device via the transport. The following placeholders will be replaced by: %h : The Hostname taken from the URL of the user %l : The login which the user has entered on the login page %c : The context ID %u : The user login %p : Users primary email address Properties for the ACTION SMS Provisioning Plugin Currently only SIPGATE is supported as SMS provider via XML-RPC API Sipgate API URL openexchange Sipgate API Username test Sipgate API Password
modules/com.openexchange.eas.provisioning.ui/module true
modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/name Nokia S60
modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/0/en_US/name Nokia S60
modules/com.openexchange.eas.provisioning.ui/other/0/en_US/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/name Nokia S60
modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/name Nokia S60
modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/name Nokia S60
modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/name Blackberry Blackberry configuration description:
modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/name Blackberry
modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/en_US/name Blackberry
modules/com.openexchange.eas.provisioning.ui/other/1/en_US/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/name Blackberry
modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/name Blackberry
modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/name Blackberry
modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/name Android Android configuration description:
modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/name Android
modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/en_US/name Android
modules/com.openexchange.eas.provisioning.ui/other/2/en_US/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/name Android
modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/name Android
modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/name Android
modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/url plugins/com.openexchange.usm...
modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/name Nokia S60 The following options will display the detailed setup descriptions from devices which don't support autoconfiguration emails. Nokia S60 configuration description:
modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/url plugins/com.openexchange.usm... The location of the openssl binary (needed if SignConfig is true) 3000 The timeout for the openssl binary in milliseconds (needed if SignConfig is true) The cert file (needed if SignConfig is true) The key file (needed if SignConfig is true) ^.*(iPhone|iPad).*$ RegEx for iPhone browser detection ^.*Windows Phone.*$ RegEx for Windows Mobile browser detection true If only https should be used false If signing is used or not
read_cl ONE Consistency Levels. It can be defined on a per-column-family basis. Since we only have one column family, it only applies to that. Possible values (CaSe sensitive): ONE, TWO, THREE, QUORUM, ALL, ANY, EACH_QUORUM, LOCAL_QUORUM
write_cl ONE
replication_factor 1 Replication factor of the keyspace
keyspace OX Keyspace name
cf_xt_props ExtendedProperties Extended Properties column family name
com.openexchange.event.eventQueueDelay 60000 This parameter set the delay in milliseconds when events are sent to the subscribed services. Events for example are triggered when deleting an appointment with attachment. The event then is for deleting the attachment. If this value is increased more events may be in the queue that must be executed. This can cause longer runtime delivering all those events. Lowering this value may cause too often look into the queue without finding events there to process.
com.openexchange.event.isEventQueueEnabled true This option enables or disable the complete event handling for OX The event handling is a essential Open-Xchange component which needs to always run. This should only be set to false for debugging purposes.
com.openexchange.messaging.facebook.loginPageBaseURL Specify the base URL of facebook's login page
com.openexchange.messaging.facebook.actionOfLoginForm Specify the action of the facebook login form located at login page
com.openexchange.messaging.facebook.linkAfterLogin "\\Q Specify the regular expression (in quotes) for the link of the expected page after successfully passing facebook's login page Note: The (optional) capturing group is checked against facebook's user identifier. If no group is specified, no check is performed
com.openexchange.messaging.facebook.apiVersion 1.0 Specify the version of facebook's API
com.openexchange.messaging.facebook.nameOfUserField email Specify the name of the login field on facebook's login page
com.openexchange.messaging.facebook.nameOfPasswordField pass Specify the name of the password field on facebook's login page
com.openexchange.messaging.facebook true
com.openexchange.messaging.facebook.renewalFrequence 300000 Frequence for facebook session renewal in milliseconds. Default is 300000 (5 minutes).
com.openexchange.facebook.apiKey INSERT_YOUR_API_KEY_HERE Specify the API key obtained from facebook
com.openexchange.facebook.secretKey INSERT_YOUR_API_SECRET_HERE Specify the secret key obtained from facebook
com.openexchange.subscribe.socialplugin.facebook true
IGNORE_SHARED_ADDRESSBOOK TRUE Determine whether to ignore 'shared addressbook' folder or not. Possible values: TRUE / FALSE
ENABLE_INTERNAL_USER_EDIT TRUE Define if users are allowed to edit their own contact object contained in folder 'Global Address Book' aka 'Internal Users'. Switching this parameter only has an effect for new created contexts.
com.openexchange.folderstorage.outlook.showPersonalBelowInfoStore true Specifies whether a user's default InfoStore folder should appear below InfoStore root folder: - Infostore -- My files -- Public infostore -- Userstore -- Other infstore folders
ENABLE_DB_GROUPING TRUE Define where to perform folder grouping. This filters the database results for duplicate folders in the where clause of the db statement or afterwards in the application. Possible values: TRUE / FALSE
ENABLE_FOLDER_CACHE TRUE Enable or disable folder caching. Possible values: TRUE / FALSE
com.openexchange.folder.json.module folders # Define the module which also serves as the appendix for registered servlet: # If module is set to "myfolders", the servlet path is changed to "/ajax/myfolders" # Default is "folders"
project.required.plugins org.apache.forrest.plugin.ou... The names of plugins that are required to build the project comma separated list (no spaces) You can request a specific version by appending "-VERSION" to the end of the plugin name. If you exclude a version number the latest released version will be used, however, be aware that this may be a development version. In a production environment it is recomended that you specify a known working version. Run "forrest available-plugins" for a list of plug-ins currently available lucene Specifies name of Forrest skin to use See list at
com.openexchange.freebusy.provider.ews.password The password to access the EWS. Required.
com.openexchange.freebusy.provider.ews.detailed true Configures whether the detailed free/busy-view including subject and location of the appointments is requested from EWS or not.
com.openexchange.freebusy.provider.ews.emailSuffixes Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "") that are used to pre-filter the requested participants before passing them to EWS. Optional, but strongly recommended to reduce the amount of transferred data.
com.openexchange.freebusy.provider.ews.validEmailsOnly true Configures whether only valid e-mail addresses are used in the free/busy lookup or not.
com.openexchange.freebusy.provider.ews.trustAllCerts false For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "".
com.openexchange.freebusy.provider.ews.skipHostVerification false For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "".
com.openexchange.freebusy.provider.ews.exchangeVersion EXCHANGE_2010 Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2".
com.openexchange.freebusy.provider.ews.url Specifies the URL to the Exchange Web Service (usually something like Required.
com.openexchange.freebusy.provider.ews.userName The user name to access the EWS. Required., Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "") that are used to pre-filter the requested participants before passing them to Google. Optional, but strongly recommended to reduce the amount of transferred data. true Configures whether only valid e-mail addresses are used in the free/busy lookup or not. Configures the URI of the Google Calendar API endpoint and should normally not be changed. Required. {YOUR_API_KEY} Sets the Google API key to be used for requests to the Google Calendar API. Required.
com.openexchange.freebusy.publisher.ews.userID Specifies the user ID of the user in whose name the internal free/busy data is requested from the server (should normally be the internal user ID of the context administrator). Required.
com.openexchange.freebusy.publisher.ews.url Specifies the URL to the Exchange Web Service (usually something like Required.
com.openexchange.freebusy.publisher.ews.userName The user name to access the EWS. Required.
com.openexchange.freebusy.publisher.ews.password The password to access the EWS. Required.
com.openexchange.freebusy.publisher.ews.publishMonths 3 Configures the amount of free/busy data to be published. The period always starts at the first of the current month. Defaults to '3'.
com.openexchange.freebusy.publisher.ews.delay 15 Specifies the time in minutes between publication cycles, i.e. configures the free/busy data update interval. Defaults to '15'.
com.openexchange.freebusy.publisher.ews.initialDelay 5 Specifies the time in minutes before starting the first publication cycle upon bundle startup. Defaults to '5'.
com.openexchange.freebusy.publisher.ews.chunkSize 50 Defines the number of users that are processed in a chunk when publishing free/busy data. Default to '50'.
com.openexchange.freebusy.publisher.ews.exchangeVersion EXCHANGE_2010 Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2". Defaults to 'EXCHANGE_2010'.
com.openexchange.freebusy.publisher.ews.trustAllCerts false For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "".
com.openexchange.freebusy.publisher.ews.contextID Specifies the context ID of the users whose free/busy data is published to the Exchange server. Required.
com.openexchange.freebusy.publisher.ews.skipHostVerification false For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "".
com.openexchange.freebusy.publisher.ews.lookup Specifies how the legacyExchangeDN for free/busy users is retrieved. May be one of 'static' or 'ldap'. A static lookup uses existing user attributes to construct the legacyExchangeDN path, while 'ldap' queries the 'legacyExchangeDN' attribute from the Active Directory using one or more user attributes. Required.
com.openexchange.freebusy.publisher.ews.lookup.static Configures the template to construct the legacyExchangeDN path. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'static'. All occurrences of the following user attributes are replaced: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. An example template would be "/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/ cn=Recipients/cn=[displayName]"
com.openexchange.freebusy.publisher.ews.lookup.ldap.filter Configures the LDAP filter used to query the Active Directory for the legacyExchangeDN of a user. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. Within the search filter, all occurrences of the following user attributes are replaced dynamically: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. For example: "(&(objectClass=contact)(cn=[displayName]))"
com.openexchange.freebusy.publisher.ews.lookup.ldap.uri The URI of the LDAP server, should be in the format ldap:// For SSL access, use the ldaps protocol and the appropriate port, e.g. ldaps:// Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'.
com.openexchange.freebusy.publisher.ews.lookup.ldap.baseDN Configures a base LDAP path. If defined, all Distinguished Names supplied to and received from LDAP operations will be relative to the LDAP path supplied. If not defined, the default naming context of the RootDSE is used as baseDN. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'.
com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN Specify the bind DN used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. If left empty, anonymous authentication is used.
com.openexchange.freebusy.publisher.ews.lookup.ldap.bindPW Specify the bind password used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap' and 'com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN' is defined.
com.openexchange.http.grizzly.hasCometEnabled true Comet is an umbrella term used to describe a technique allowing web browser to receive almost real time updates from the server. The two most common approaches are long polling and streaming. Long polling differs from streaming in that each update from the server ultimately results in another follow up request from the client. Default value: true
com.openexchange.http.grizzly.hasWebSocketsEnabled true Bi-directional, full-duplex communications channels over a single TCP connection. Default value: false
com.openexchange.http.grizzly.hasJMXEnabled true Do you want to enable grizzly monitoring via JMX? Default value: true.
com.openexchange.http.grizzly.hasAJPEnabled false Grizzly is able to communicate via AJP besides its default prototcol HTTP. Do you want to use AJP instead of HTTP? Default value: false
com.openexchange.hazelcast.mergeFirstRunDelay 120s Configures the time until the first check if the cluster needs to merge is scheduled. This takes a timespan parameter with 'ms' denoting milliseconds, 's' denoting seconds, 'm' denoting minutes. The value is passed to the hazelcast property "". Defaults to "120s"
com.openexchange.hazelcast.enabled true Enable/Disable Hazelcast bundle
com.openexchange.hazelcast.mergeRunDelay 120s Configures the time between each check if the cluster needs to merge. This takes a timespan parameter with 'ms' denoting milliseconds, 's' denoting seconds, 'm' denoting minutes. The value is passed to the hazelcast property "". Defaults to "120s".
com.openexchange.hazelcast.networkConfig.port 5701 The port Hazelcast will listen for incoming connections. Defaults to "5701".
com.openexchange.hazelcast.networkConfig.portAutoIncrement true Configures if autmatically the next port should be tried if the incoming port is already in use. Defaults to "true".
com.openexchange.hazelcast.networkConfig.outboundPortDefinitions By default Hazelcast lets the system to pick up an ephemeral port during socket bind operation. But security policies/firewalls may require to restrict outbound ports to be used by Hazelcast enabled applications. To fulfill this requirement, you can configure Hazelcast to use only defined outbound ports. You can use port ranges and/or comma separated ports, e.g. "35000-35100" or "36001, 36002, 36003". Defaults to "".
com.openexchange.hazelcast.enableIPv6Support false IPv6 support has been switched off by default, since some platforms have issues in use of IPv6 stack. And some other platforms such as Amazon AWS have no support at all. To enable IPv6 support, just set this property to true.
com.openexchange.hazelcast.interfaces Comma-separated list of interface addresses hazelcast should use. Wildcards (*) and ranges (-) can be used. Leave blank to listen on all interfaces.
com.openexchange.hazelcast.jmx true Enable JMX
CONTEXT_STORAGE com.openexchange.admin.stora...
CREATE_CONTEXT_USE_UNIT context what to count when distributing contexts over db engines possible values: context or user
CHECK_CONTEXT_LOGIN_MAPPING_REGEXP [$%\\.+a-zA-Z0-9_-] pattern of allowed chars in login mapping names
NEW_CONTEXT_DEFAULT_ACCESS_COMBINATION_NAME webmail_plus Default access combination template name for newly created contexts! See also "ModuleAccessDefinitions" file for details! If the name is NOT defined in "ModuleAccessDefinitions" file , fallback will be used!
UTIL_STORAGE com.openexchange.admin.stora...
AVERAGE_CONTEXT_SIZE 200 Misc properties average size of a context in MB
CONTEXTS_PER_SCHEMA 1000 amount of contexts per database schema
com.openexchange.imap.notifyRecent false Notify about recent messages using mail push events. This is a poll-based alternative for any connection-keeping mail push bundle.
com.openexchange.imap.notifyFrequencySeconds 300 The frequency when a check for recent mails is enforced.
com.openexchange.imap.notifyFullNames INBOX The full names of the folders to consider.
com.openexchange.imap.maxMailboxNameLength 60 The max. length of a mailbox name Default is 60 characters
com.openexchange.imap.imapSearch imap Define where to search for emails: Value "imap" to let the IMAP Server search. The search is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in Leave blank or fill in value "application" to search within application.
com.openexchange.imap.umlautFilterThreshold 50 Specify the threshold for number of search results returned by IMAP server for which manual umlauts-filtering will be applied. If less than or equal to zero, no manual filtering will be applied. Default value is 50.
com.openexchange.imap.imapFastFetch true This property determines whether a fast fetch is performed on large mail folders or not. Although the fetch is fast on IMAP side, a lot of data is transfered during reading response which cause a temporary memory peak. If disabled only the necessary fields are used as command arguments, which is slower but needs less memory. NOTE: See property "imapMessageFetchLimit" to know which mail folders are treated as large mail folders
com.openexchange.imap.imapSupportsACL auto Define if IMAP server supports ACLs. Possible values: true/false/auto NOTE: Value "auto" means to use server-defined ACL support as indicated through response to IMAP command "CAPABILITY"
com.openexchange.imap.imapTimeout 50000 Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.imap.timeout
com.openexchange.imap.imapConnectionTimeout 20000 Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.imap.connectiontimeout
com.openexchange.imap.imapTemporaryDown 10000 Define the amount of time in milliseconds an IMAP server is treated as being temporary down. An IMAP server is treated as being temporary down if a socket connect fails. Further requests to the affected IMAP server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting.
com.openexchange.imap.failedAuthTimeout 10000 The number of milliseconds a failed authentication attempt is cached to faster handle subsequent authentication attempts Default is 10 seconds.
com.openexchange.imap.imapAuthEnc UTF-8 Define the encoding for IMAP authentication
com.openexchange.imap.maxIMAPConnectionIdleTime 60000 Define max. IMAP connection idle time in milliseconds or in other words how long an established IMAP connection is going to be kept alive while it's idle. NOTE: This is for future use and not yet implemented!
com.openexchange.imap.User2ACLImpl auto Name of the class that implements User2ACL, their alias or "auto" to use auto-detection. Currently known aliases: Cyrus, Courier, Dovecot, and Sun (Sun Java(tm) System Messaging Server)
com.openexchange.imap.imapSort imap Define where to sort emails: Value "imap" to let the IMAP Server sort (faster but less reliable). Leave blank or fill in value "application" to sort within application (slower but good quality). The sorting is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in NOTE: This value is going to be set to "application" if IMAP server capabilities do not contain string "SORT"
com.openexchange.imap.blockSize 1000 IMAP operations which shall be applied to a number of messages which exceeds the block size are performed in blocks. Example: A folder containing thousands of messages shall be cleared. To avoid the risk of an IMAP timeout when trying to delete all messages at once, the messages are deleted in block size portions. A block size equal to or less than zero means no block size.
com.openexchange.imap.spamHandler DefaultSpamHandler Define the registration name of the appropriate spam handler to use
com.openexchange.imap.propagateClientIPAddress false Whether client's IP address should be propagated by a NOOP command; e.g. "A01 NOOP <CLIENT_IP>"
com.openexchange.imap.propagateHostNames Configure a comma-separated list of external IMAP server's host names which should receive client's IP address by a NOOP command, too
com.openexchange.imap.maxNumConnections 0 The max. number of connection allowed being established for a user to an IMAP server Note: This setting overrides possibles restrictions specified through property "com.openexchange.imap.maxNumExternalConnections" if this property's value is less than the other one. Less than or equal to zero means infinite.
com.openexchange.imap.maxNumExternalConnections, Configure the max. number of concurrent connections which are allowed being established to a subscribed/external IMAP account. Notation is a comma-separated list of: <host> + ':' + <max-count>; e.g.:, For convenience a max-count can be specified which applies to all subscribed/external IMAP accounts; e.g.: com.openexchange.imap.maxNumExternalConnections=4 Zero or less is interpreted as unlimited. If not set, unlimited concurrent connections are allowed.
com.openexchange.imap.enableTls true Enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection.
IMAP_TIMEOUT 5000 Socket I/O timeout value in milliseconds
IMAP_CONNECTIONTIMEOUT 5000 Socket connection timeout value in milliseconds
IMAP_SERVER localhost imap server ip or fqdn
USE_FULL_LOGIN_INFO true ############################################# Set to true to auth with "user@domain" instead of just "user" against imap server. If true the "domain" part will be used as the context name of the ox system. so add "domain" as a login mapping to be able to login. If false, the plugin react as only 1 context exists in the ox system, and this context has the mapping "defaultcontext" added.
USE_MULTIPLE false ######## MULTIPLE IMAP SERVERS ############# If set to true the IMAP authentication plugin gets all IMAP server information from the OX database instead of reading configuration from this file. Following information is fetched from DB and will be used to authenticate against the server: - server - port - ssl/tls Moreover the proper login name is detected as configured by property "com.openexchange.mail.loginSource". To use this feature, set the correct values while provisioning an OX user. Useful if you have many IMAP Servers to connect to. ##### INFO: Domain part of the login is used as context name. Example: Username of the OX account must be "test" and name of the OX context must be ""
IMAP_PORT 143 port on which the imap server is listening
com.openexchange.authentication.imap.imapAuthEnc UTF-8 Define the encoding for IMAP authentication
IMAP_USE_SECURE false set to true if connecting via imaps://
com.openexchange.index.allowedModules Specify all modules that may be indexed as a comma-separated list of module identifiers (these are numbers defined in The default value is empty and disables indexing as a whole. This value takes effect on server granularity and can be overwritten for sets of contexts, single contexts and single users. See and /ox-config-path/contextSets/index.yml for more information on this. Possible modules: E-Mail: 19 As of now only E-Mail can be enabled. Enabling other modules may lead to unforseen errors during runtime.
com.openexchange.service.indexing.workerThreads 4 The number of worker threads for the clustered job scheduler instance that executes the indexing jobs. More worker threads allow it to run more indexing jobs at the same time, but will also increase the load of the worker node. It is recommended to start with a number not higher than the nodes number of CPU cores. Increasing the number afterwards always requires a restart of the node.
translator.get_request com.openexchange.index.solr...
get_request.id_field uuid
translator.all_request com.openexchange.index.solr...
MAX_UPLOAD_SIZE 10485760 true enable kerberos debugging /opt/open-xchange/etc/krb5.c... path to the krb5.conf configuration file
com.openexchange.kerberos.moduleName Open-Xchange Name of the module in the authentication and authorization configuration file. Must be an entry in the file named by /opt/open-xchange/etc/kerber... path to the Java authentication and authorization configuration file
com.openexchange.langdetect.languageModelsDir languageModels The path to the directory containing the language models
com.openexchange.langdetect.languageCodesFile Maps language to their code
com.sun.jndi.ldap.connect.timeout 10000 Timeouts are useful to get quick responses for login requests. This timeout is used if a new connection is established. 10000 This timeout only works since Java 6 SE to time out waiting for a response.
uidAttribute uid This attribute is used login. E.g. uid=<login>,baseDN
baseDN ou=Users,ou=OxObjects,dc=ope... This is the base distinguished name where the user are located.
ldapReturnField If you do not want to pass on the user id, used for authentication, to the groupware but another field entry of the LDAP user object, then you can specify the field here.
adsBind false This option activates a special ADS bind. It allows the user to authenticate at the ADS with only the displayName or by using the syntax DOMAIN\Samaccountname. Note that "\" cannot be used in user names when this option is activated.
subtreeSearch false set subtreeSearch to true if the user entries are not directly below the baseDN, and e.g. distributed over one or more subtrees. The bindDN to authenticate the user will then determined using a search over the complete tree below baseDN NOTE: When two users exist with the same uidAttribute, authentication will be refused, though.
searchFilter (objectclass=posixAccount) specify the filter to limit the search of user entries (used in combination with subtreeSearch=true. the filter will be ANDed with the attributed specified in uidAttribute. Example: (&(objectclass=posixAccount)(uid=foo))
java.naming.provider.url ldap://localhost:389/dc=exam... URL of the LDAP server to connect to for authenticating users. ldaps is supported.
bindDN if your LDAP server does not allow to do searches without any authentication, specify a dn here to bind in order to search (used in combination with subtreeSearch=true).
bindDNPassword the password required for the bindDN
referral follow possible values: ignore, follow, throw
adsBind false This option activates a special ADS bind. It allows the user to authenticate at the ADS with only the displayName or by using the syntax DOMAIN\Samaccountname. Note that "\" cannot be used in user names when this option is activated.
referral follow This option configures how to handle the chasing of referrals in LDAP (see possible values: ignore, follow, throw simple Defines the authentication security that should be used.
com.openexchange.liberty.appstore.url Where to send the app store requests
com.openexchange.liberty.appstore.storefront Where to redirect the user for the BSS
com.openexchange.liberty.appstore.gateway http://html5gateway.mch.fsc....
com.openexchange.liberty.appstore.gatewayQuery gateway=
com.openexchange.licensekey.1 OX-AS-MK-123456-789
modules/themes/light_breeze Light Breeze The following property defines the light breeze theme of the AJAX GUI.
com.openexchange.socialplugin.linkedin.apikey REPLACE_THIS_WITH_THE_KEY_FR... These keys are either pre-filled or need to be replaced by ones gotten from an application managed at linkedIn for information how to create this application please see
com.openexchange.socialplugin.linkedin.apisecret REPLACE_THIS_WITH_THE_SECRET...
com.openexchange.subscribe.socialplugin.linkedin true
log4j.appender.console org.apache.log4j.ConsoleAppe...
log4j.appender.console.layout org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern %d{dd.MM.yyyy HH:mm:ss} [%t... INFO,console WARN,console ERROR,console
com.openexchange.login.internal.LoginPerformer.level INFO Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof.
com.openexchange.sessiond.impl.SessionHandler.level INFO
sun.rmi.level INFO
org.apache.level WARNING
.level INFO possible log levels are ALL INFO DEBUG
com.sun.level INFO INFO
com.hazelcast.level SEVERE
handlers java.util.logging.ConsoleHan...
java.util.logging.ConsoleHandler.level ALL
com.openexchange.ajax.login.http-auth.client com.openexchange.ox.gui.dhtml Every client tells the backend through the client parameter on the login request his identity. This is not possible when using the HTTP authorization header based login. So the client identifier for that request is defined here. It must be the same identifier that the web frontend uses, if you set com.openexchange.cookie.hash to calculate and want the previously configured autologin to work. Identifier for web UI is: com.openexchange.ox.gui.dhtml
com.openexchange.ajax.login.http-auth.version HTTP Auth The version of the client when using the HTTP Authorization Header based login. This should not be the normal web frontend version because a different version can be used to distinguish logins through HTTP authorization header and normal login request.
com.openexchange.ajax.login.insecure false Configures whether an insecure login is allowed. Meaning if local IP and/or user-agent strings are replaced in associated user session on login redirect or login redeem requests. To create a session from a server for some client you have to pass the clients IP address when creating the session. WARNING! Setting this parameter to true may result in users seeing a different users content if the infrastructure around OX does not work correctly.
com.openexchange.ajax.login.redirect.changeIPAllowed true This option has only an effect if com.openexchange.ajax.login.insecure is configured to true. This option allows to enable the IP check for /ajax/login?action=redirect requests. This request is mostly used to create a session without using the OX web UI login screen. The previous behavior allowed to change the IP for this request. Configure this option to false to have an IP check during this request. Additionally you can white list IP addresses from that an IP change is still allowed. This is useful if other systems in the infrastructure around OX want to create the session.
com.openexchange.ajax.login.http-auth.autologin false Configures if some user is able to reenter his existing session after closing the browser tab or the complete browser. Setting this to true may be a security risk for clients running on unsafe computers. If this is configured to true, check that the parameter client contains the same identifier the UI sends as client parameter on normal login request. Otherwise the backend will not be able to rediscover the users session after closing the browser tab. This parameter only applies to the HTTP authorization header based login request.
strategy SimpleStrategy two options here either SimpleStrategy or NetworkTopologyStrategy
node node ip with port eg. node =
keyspace OX keyspace name
replication_factor 3 replication factor of the keyspace
com.openexchange.push.allowedClients "USM-EAS*", "USM-JSON*" Specify the comma-separated list of clients which are allowed to receive notifications about new mails. Wild-card notation is allowed.
com.openexchange.mail.watcherTime 60000 Define exceeding time in milliseconds for mail connections. If use time of an mail connection exceeds this value it is logged. Thus unclosed connections can be detected.
com.openexchange.mail.watcherShallClose false Define if watcher is allowed to close exceeded mail connections
com.openexchange.mail.JavaMailProperties JavaMail Properties
com.openexchange.mail.phishingHeader A comma-separated list of headers which identifies phishing headers; e.g. X-Phishing1,X-Phishing2,etc. Leave empty for no phishing header.
com.openexchange.mail.adminMailLoginEnabled false Define whether a context admin is allowed to login to mail system or not. Note that a mail account is supposed to exist if set to true; if not an authentication error will occur.
com.openexchange.mail.addClientIPAddress false Set whether client's IP address should be added to mail headers on delivery as custom header "X-Originating-IP"
com.openexchange.mail.rateLimitPrimaryOnly true Define if the rateLimit and maxToCcBcc settings below will only affect the primary account or all accounts
com.openexchange.mail.rateLimit 0 Define the time (in milliseconds) which must pass by before a new mail can be sent A value of 0 disables the limit.
com.openexchange.mail.maxToCcBcc 0 Define the allowed maximum number of recipients in a mail A value of 0 disables the limit.
com.openexchange.mail.passwordSource session Set the password source for primary mail/transport account; meaning which source is taken to determine a user's password to login into mailing system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.masterPassword' is taken. Currently known values: session and global
com.openexchange.mail.hidePOP3StorageFolders false Whether folders which carry a POP3 account shall not be displayed. This property affects primary account only.
com.openexchange.mail.deleteDraftOnTransport false Whether to delete draft messages when sent out Note: Client MUST provide appropriate value in "sendtype" field; see
com.openexchange.mail.translateDefaultFolders true If set to 'false', translation of names of the mail default folders is not performed, if naming differs from pre-defined default values. Thus custom set names can be specified for Trash, Drafts, Sent & Spam folder. By default this value is 'true'. Pre-defined names are: "Trash" "Drafts" "Sent objects" "Spam"
com.openexchange.mail.mailServerSource user Set the mail server source for primary mail account; meaning which source is taken to determine the mail server into which the user wants to login to access mails. Set to 'global' to take the value specified through property "com.openexchange.mail.mailServer". Set to 'user' to take user's individual mail server settings as specified in storage. Currently known values: user and global
com.openexchange.mail.transportServerSource user Set the transport server source for primary transport account; meaning which source is taken to determine the transport server into which the user wants to login to transport mails. Set to 'global' to take the value specified through property "com.openexchange.mail.transportServer". Set to 'user' to take user's individual transport server settings as specified in storage. Currently known values: user and global
com.openexchange.mail.masterPassword secret The master password for primary mail/transport server. Only takes effect when property "com.openexchange.mail.passwordSource" is set to "global"
com.openexchange.mail.mailServer Primary mail server: e.g. or imap:// Only takes effect when property "com.openexchange.mail.mailServerSource" is set to "global"
com.openexchange.mail.transportServer Primary transport server: e.g. or smtp:// Only takes effect when property "com.openexchange.mail.transportServerSource" is set to "global"
com.openexchange.mail.defaultMailProvider imap The mail provider fallback if an URL does not contain/define a protocol
mail.mime.charset UTF-8 Define the default MIME charset used for character encoding. This setting will then be accessible through system property "mail.mime.charset". This parameter takes effect for the complete mail module where no charset is given.
com.openexchange.mail.mailFetchLimit 1000 Define the max. fetch limit; meaning all mails whose count is less than or equal to this value are going to be fetched with all attributes set. Thus these mails can be put into message cache for subsequent list requests.
com.openexchange.mail.attachmentDisplaySizeLimit 8192 maximum size of email text attachments that will be displayed inline ( in bytes)
com.openexchange.mail.mailAccessCacheShrinkerSeconds 3 Define the interval seconds of the mail access cache's shrinker thread
com.openexchange.mail.mailAccessCacheIdleSeconds 7 Define the idle seconds a mail access may reside in mail access cache before it is removed by shrinker thread
com.openexchange.mail.quoteLineColors #a14044,#917722,#599351,#516... Comma-separated hex values of colors for displaying quoted text emails
com.openexchange.mail.userFlagsEnabled true Enable/disable user defined flags
com.openexchange.mail.loginSource login Set the login source for primary mail/transport account; meaning which source is taken to determine a user's login for mailing system. If 'login' is set, then user's individual mail login as defined in user storage is taken. If 'mail' is set, then user's individual primary email address is taken. If 'name' is set, then user's individual system's user name is taken. Currently known values: login, mail, and name
com.openexchange.mail.partModifierImpl com.openexchange.mail.partmo... Define the implementing class of PartModifier. This class is then be used to manipulate the email before displaying.
com.openexchange.mail.allowNestedDefaultFolderOnAltNamespace false This property defines if the default folders of an user (Draft, Sent, Spam & Trash) are going to be placed right below folder "INBOX" even if feature "altNamespace" is enabled. NOTE: This property requires that subfolders are still permitted below initial folder "INBOX" even though "altNamespace" is enabled.
com.openexchange.mail.ignoreSubscription false Defines if folder subscription is ignored when listing mail folders If set to 'true', all folders - regardless of their subscription status - are going to be listed
com.openexchange.mail.supportSubscription true Define if underlying store should support subscription
com.openexchange.mail.defaultSeparator / Define the separator within folder fullnames if not available from mail server
com.openexchange.mail.watcherEnabled true The watcher checks after watcherFrequency for mail connections used for more than watcherTime milliseconds and logs this mail connection. If watcherShallClose is set to true those connections will be closed.
com.openexchange.mail.watcherFrequency 10000 Define watcher's frequency in milliseconds
SIEVE_CREDSRC session Specify which sieve credentials should be use. Two options are allowed here: "session" : login name and password are used from the current session "session-full-login" : full login (incl. context part) name and password are used from the current session "imapLogin" : the login name is taken from the field imapLogin of the current user the password is taken from the current session "mail" : use the primary mail address of the user and the password from the session
SIEVE_SERVER localhost to override the sieve server defaults specify a value for the sieve server here
SIEVE_PORT 2000 Specify the SIEVE port ----------------------------------------------------------- NOTE: 2000 is the deprecated port number for SIEVE (now assigned to some Cisco SCCP protocol by the IANA) 4190 is the new one used with most recent Linux and IMAP implementations. Please check your system's default port defined at /etc/services. -----------------------------------------------------------
SCRIPT_NAME Open-Xchange If you want the script to be generated with another script name change it here. Note that the mail filter bundle will then leave the old script with the old script name behind, and doesn't delete it
SIEVE_AUTH_ENC UTF-8 Define the charset encoding to use for authentication to sieve server
NON_RFC_COMPLIANT_TLS_REGEX ^Cyrus.*v([0-1]\\.[0-9].*|2\... Define the regex which recognizes servers with incorrect sieve TLS implementation
TLS true Whether to use TLS if available
SIEVE_LOGIN_TYPE user Specify which sieve server should be used. Two options are allowed here: user : use the imap server setting stored for user in the database global : use the sieve server given in this config file for all users
VACATION_DOMAINS Specify here if vacation messages should only be sent to specific domains If multiple domains are given, they should be separated by "," e.g.,
com.openexchange.mail.filter.connectionTimeout 30000 Specifies when the connection should time out (value in milliseconds)
com.openexchange.mail.filter.passwordSource session Set the password source; meaning which source is taken to determine a user's password to login into mail filter system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.filter.masterPassword' is taken. Currently known values: session and global
com.openexchange.mail.filter.masterPassword The master password for mail/transport server. Only takes effect when property "com.openexchange.mail.filter.passwordSource" is set to "global"
com.openexchange.mail.filter.useUTF7FolderEncoding false Cyrus imap server uses MODIFIED UTF-7 encoding for folder names in older versions. This has to be set to 'true' if a cyrus imap server is used whose version is lower than 2.3.11. Otherwise moving mails with the 'fileinto' command will not work for mail folders with special characters in their names.
com.openexchange.mail.filter.punycode false Enable punycode encoding for the username used in authentication against the managesieve server
com.openexchange.mail.filter.useSIEVEResponseCodes false interpret SIEVE Response Codes, see in most cases, this option must be kept to false
com.openexchange.mail.filter.redirectWhitelist Specify a comma-separated list of domains (wild-card syntax supported) that are allowed for redirect rules
com.openexchange.mail.filter.preferGSSAPI false Specify whether to prefer GSSAPI authentication mechanism if supported by SIEVE backend Default is false.
com.openexchange.push.malpoll.concurrentglobal true Whether the tasks executed by global timer are executed concurrently or by calling timer's thread. Note: This property only has effect if "" is set to "true"
com.openexchange.push.malpoll.folder INBOX Define the folder to look-up for new mails in each mailbox Default is INBOX folder
com.openexchange.push.malpoll.period 300000 Define the amount of time in milliseconds when to periodically check for new mails. Default is 300000 (5 minutes). true Whether a global timer is set or a timer per user Or in other words: Do you want a global heartbeat or a heartbeat per per user? Default is true.
JMXBindAddress localhost Define the bind address for JMX agent Use value "*" to let the JMX monitor bind to all interfaces
JMXLogin Define the JMX login for authentication Leaving this property empty means not to use authentication
JMXPassword Define the JMX password in SHA hashed version This property only has effect if previous property "JMXLogin" is set. The following perl command can be used to generate such a password: perl -M'Digest::SHA1 qw(sha1_base64)' -e 'print sha1_base64("YOURSECRET")."=\n";' that requires to install the Digest::SHA1 perl module, of course.
JMXPort 9999 Define the port for the RMI Registry. The default is 9999.
JMXServerPort -1 Define the JMX RMI Connector Server port. Typically chosen randomly by JVM. The default is -1; meaning that port is randomly determined by JVM
com.openexchange.mdns.enabled true Specify whether MDNS bundle is enabled Default is true
com.openexchange.mdns.interface Configures a specific network interface given its IP-address to bind to. If left empty, JmDNS will try to resolve to a local IP address of the machine using a network discovery.
com.openexchange.service.message.numOfServerThreads 1 Specify the number of threads listening on defined port
com.openexchange.service.message.servers Statically configured servers. This property requires the "com.openexchange.service.message.mdnsEnabled" property being set to "false" Specify a comma-separated list of <address> + ':' + <port> elements; e.g.:,
com.openexchange.service.message.bindAddress * Define the bind address. If bind address is "*", then the server socket will be bound to the wildcard address, an IP address chosen by the kernel.
com.openexchange.service.message.mdnsEnabled true Whether mDNS is enabled
com.openexchange.service.message.listenerPort 9311 Specify the listener port. The port must be between 0 and 65535 inclusive.
com.openexchange.messaging.enabled true Determines whether messaging is enabled for this server
com.openexchange.subscribe.microformats.contacts.http true
com.openexchange.subscribe.microformats.infostore.http true
com.openexchange.subscribe.microformats.allowedHosts Optionally specifies the list of accepted host names allowed being subscribed If property is empty, there is no restriction for such subscriptions Otherwise non-matching host names are rejected.
iPhoneTemplate.tmpl mobile_configuration
winMobileTemplate.tmpl mobile_configuration
com.openexchange.oauth.msn.apiKey REPLACE_THIS_WITH_VALUE_OBTA...
com.openexchange.oauth.msn.apiSecret REPLACE_THIS_WITH_VALUE_OBTA...
com.openexchange.subscribe.socialplugin.msn true
notify_participants_on_delete true
object_link http://[hostname]/[uiwebpath...
imipForInternalUsers false Enables/Disables imip-mails for internal users.
com.openexchange.notification.fromSource defaultSenderAddress This property defines which email address of a user is used as from header when this user triggers notification mails. Possible values are: primaryMail or defaultSenderAddress
com.openexchange.oauth.provider.validator.maxVersion 1.0 The maximum valid oauth_version Default value is 1.0.
com.openexchange.oauth.provider.validator.v2.maxTimestampAgeMsec 300000 The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000).
com.openexchange.oauth.provider.validator.v2.maxVersion 2.0 The maximum valid OAuth v2 version Default value is 2.0.
com.openexchange.oauth.provider.secret f58c636e089745d4a79679d726ac... The secret identifier
com.openexchange.oauth.provider.validator.maxTimestampAgeMsec 300000 The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000).
com.openexchange.oauth.callback false Sets whether call-back policy is enabled when performing OAuth authentication If false; oob (out-of-band) is used which requires user interaction to provide the verifier (pin) Default is false
RMI_HOSTNAME rmi://localhost:1099/ admin daemon rmi URL
LOCK_WAIT_TIME 10 How long (in seconds) the system should wait for a lock before throwing exceptions
MAX_RMI_CONNECT_ATTEMPTS 2 maximum attempts to reconnect to the admin daemon
CONNECT_ATTEMPTS_DELAY_TIME 1 time in seconds to wait between connect attempts
modules/ true
additionalPackages org.eclipse.equinox.event_1....
mox/config/mailCount 50
mox/config/appointmentDays 10
mox/config/maxAppointmentBreak 50
mox/subscribedFolders/contacts []
mox/subscribedFolders/mail []
mox/subscribedFolders/calendar []
mox/defaultContactStoreFolder -1
modules/com.openexchange.custom.parallels/module true The following property enables the Parallels GUI-Plugins
ui/parallels/sender_address_hiding_activated true disable/enable default sender address hiding for POA setups
ui/parallels/use_parallels_antispam_features true should the parallels antispam features be used
com.openexchange.custom.parallels.branding.suffix The following defines the options for the branding stuff set via "loginmapping" attributes within a context in OX. Example: If want to brand a context, set a login mapping with a string like this: BRANDING||<YOUR_POA_BRANDED_HOST> com.openexchange.custom.parallels.branding.suffix=BRANDING|| Leave empty if not, or the log will fill up with warnings
com.openexchange.custom.parallels.branding.fallbackhost Fallback host which should be used if now branding-host was specified for a context Info: If you need trailing slash, add it here. For compatibility reasons it will not be appended by the server to support also jumping to server scripts IMPORTANT INFO: the attribute: "object_link" MUST be set to include the [hostname] placeholder like: https://[hostname]#m=[module]&i=[object]&f=[folder] If this is not set, the systems hostname is used.
com.openexchange.custom.parallels.antispam.xmlrpc.port 3100 This port will be used to communicate with the "POA XML-RPC Service" to retrieve correct spamd hostname and user so that OX can train spamd via socket communication THIS property below must only contain URL to OX GUI like
com.openexchange.custom.parallels.openapi.interface_url http://<coreserver>:<port>/ # OpenAPI properties for managing Black&White Lists via OX GUI This property defines the URL to the HTTP OpenAPI interface of POA
com.openexchange.custom.parallels.openapi.auth_enabled false This property defines if OpenAPI calls should be made with http basic auth
com.openexchange.custom.parallels.sso_info_servlet /ajax/parallels/info Properties for the Parallels Plugin The property defines the mount point of the parallels info servlet used to retrieve correct hostname for direktlinks and sessiontimeouts/logout page
com.openexchange.custom.parallels.openapi.auth_id openapi_user_id This property defines OpenAPI http basic auth credentials auth id
com.openexchange.custom.parallels.openapi.auth_password openapi_password This property defines OpenAPI http basic auth credentials auth password
com.openexchange.custom.parallels.openapi_servlet /ajax/parallels/openapi The property defines the mount point of the OX OpenAPI servlet implementation. Typically, no need to change it.
com.openexchange.participant.autoSearch true When searching for participants and the participants selection dialog is opened this option defines if initially all users, groups and resources are displayed or not. If this option is true every opening of the dialog triggers a search request on the server.
com.openexchange.participant.MaximumNumberParticipants 0 Defines the maximum number of participants that can be selected for an appointment or a task. This should prevent slow free busy queries and slow server and GUI responses if in large contexts large number of participants are selected. 0 means no limit.
com.openexchange.participant.ShowWithoutEmail true When searching for external participants in contact folders this option defines if contacts without email address are shown.
com.openexchange.passcrypt.key 5ce1bcd8175f43ecaf5c809f66bd... The key for password-based encryption to encrypt/decrypt passwords
com.openexchange.passwordchange.regexp [^a-z0-9] Defines the class of allowed special characters as Regular Expression.
com.openexchange.passwordchange.special $, _, or % Shows an example of allowed special characters to the user. Should be a subset of "regexp" in a human readable format.
com.openexchange.passwordchange.showStrength false Show a widget, which displays the current passwort Strength while entering.
com.openexchange.passwordchange.minLength 4 The minimum length of an entered password.
com.openexchange.passwordchange.maxLength 0 The maximum length of an entered password. 0 for unlimited.
com.openexchange.pop3.pop3TemporaryDown 10000 Define the amount of time in milliseconds a POP3 server is treated as being temporary down. A POP3 server is treated as being temporary down if a socket connect fails. Further requests to the affected POP3 server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting.
com.openexchange.pop3.pop3AuthEnc UTF-8 Define the encoding for POP3 authentication
com.openexchange.pop3.spamHandler DefaultSpamHandler Define the registration name of the appropriate spam handler to use
com.openexchange.pop3.pop3ConnectionIdleTime 300000 Define the amount of time in milliseconds an established POP3 connection is kept open although being idle. Since some POP3 servers limit the time period in which connections may be opened/closed, this property allows to keep the connection open to avoid an error on a subsequent login. This property overwrites default connection idle time specified through property "com.openexchange.mail.mailAccessCacheIdleSeconds".
com.openexchange.pop3.pop3Timeout 50000 Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.pop3.timeout
com.openexchange.pop3.pop3BlockSize 100 Specify the number of messages (positive integer!) which are allowed to be processed at once. Default is 100. Zero or negative value is defaulted to 100.
com.openexchange.pop3.allowPing false Whether ping operation is allowed for POP3 account Many POP3 account limit number of allowed login attempts in a certain time interval Default is false
com.openexchange.pop3.logDeniedPing true Whether denied ping operation shall be indicated as a warning to client Only effective if "com.openexchange.pop3.allowPing" is set to false. Default is true
com.openexchange.pop3.pop3ConnectionTimeout 20000 Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.pop3.connectiontimeout
com.openexchange.http.probe.alias /healthProbe The alias name in the URI namespace at which the probe is registered Default value: /healthProbe
com.openexchange.publish.microformats.usesWhitelisting true if set to true, the contents of a microformatted publication will be processed through a whitelisting filter that removes elements that are considered potentially unsafe. We recommend you use this in case you do not have publications on a different subdomain.
contacts_hcard_censored.tmpl contacts, publish, default
contacts_hcard_uncensored.tmpl contacts, publish
contacts_oxmf_censored.tmpl contacts, publish
contacts_oxmf_uncensored.tmpl contacts, publish
contacts.tmpl contacts, publish
infostore.tmpl infostore, publish, default 600000 The maximum time in milliseconds a push object may be delayed before finally pushing it to the clients Default value: 600000 120000 Time in milliseconds after which a queued object object is pushed to clients unless it got delayed again due to modifications of the push object within the delayDuration or modifications within the folder of the push object. Default value: 120000
com.openexchange.push.udp.remoteHost list of open-xchange servers that should be connected when multicast is disabled
com.openexchange.push.udp.registerTimeout 3600000 time in milliseconds a client registration is kept
com.openexchange.push.udp.registerPort 44335 Port where the clients send the push registration request to.
com.openexchange.push.udp.registerDistributionEnabled false only one of registerDistribution or eventDistribution can be enabled at the same time. if set to true, registrations are distributed to all ox servers
com.openexchange.push.udp.eventDistributionEnabled false if set to true, events will be distributed to all Open-Xchange servers
com.openexchange.push.udp.outputQueueDelay 120000 time in milliseconds after which queued "push" packages are sent to clients
com.openexchange.push.udp.hostname if empty, then the output of the java function getHostName will be used. This name is used for internal communication.
com.openexchange.push.udp.senderAddress address used as the sender address when UDP packages are sent to the clients (should be the IP address of the load balancer in front of the Open-Xchange server farm
com.openexchange.push.udp.multicastEnabled false true/false Send register information per multicast
com.openexchange.push.udp.multicastAddress IP multicast address
com.openexchange.push.udp.multicastPort 9982 Multicast port
com.openexchange.push.udp.pushEnabled false defines if server push port gets opened or not
com.openexchange.push.imapidle.pushmode always when to fire push events? possible values: newmail,always default: always Explanation: newmail means to only send a push event in case of at least one new mail has arrived. NOTE: Using dovecot this does only work when only ONE concurrent session of the same user is active. always send a push event for every changes to the users mailbox.
com.openexchange.push.imapidle.debug false since commons logging is hard to configure, do it our own using when debug is on here
com.openexchange.push.imapidle.folder INBOX Define the folder to look-up for new mails in each mailbox Default is INBOX folder
com.openexchange.push.imapidle.errordelay 2000 waiting time in milliseconds before a reconnect when an error happens during IDLE
com.openexchange.push.mail.notify.udp_listen_multicast false Define if the listener should receive multicast messages
com.openexchange.push.mail.notify.use_ox_login false Whether to use the ox login name to check for a valid push event. The default is to only check the users aliases. If is not contained in the list of aliases, set this to true. Warning: This won't work in multidomain setups where the same login might exist in different contexts!
com.openexchange.push.mail.notify.use_full_email_address false Whether to use the full email address from aliases or just use the localpart. When using a multidomain setup where the imap login is an email address, this should be set to true. If not, login might not be unique because and might be different users. Note: Do NOT set com.openexchange.push.mail.notify.imap_login_delimiter in this case!
com.openexchange.push.mail.notify.udp_listen_host localhost Define the hostname or interface/multicast group where the udp server should listen
com.openexchange.push.mail.notify.udp_listen_port 23420 Define the port where the udp server should listen
com.openexchange.quartz.startLocalScheduler true Wether the local quartz scheduler instance should be started. If false, this node is unable to perform local jobs.
com.openexchange.quartz.localThreads 5 Number of worker threads for the local scheduler instance.
errorMessage Error!!! The displayd error Message.
publicKey The API Key to use the recaptcha Service This is hosted by Google, so you need an Google Account to receive API Keys Go to: to generate keys. Use the global-key option to avoid domain restrictions.
privateKey false This defines if a proxy server should be used to establish the http connection to the Open-Xchange report server, and if which server and proxy details to use. 8080 false USER PASSWORD
com.openexchange.requestwatcher.isEnabled true Enable/disable the requestwatcher. Default value: true (enabled).
com.openexchange.requestwatcher.frequency 30000 Define the requestwatcher's frequency in milliseconds. Default value: 30000.
com.openexchange.requestwatcher.maxRequestAge 60000 Define the maximum allowed age of requests in milliseconds. Default value: 60000.
com.openexchange.requestwatcher.restartPermission false Permission to stop & re-init system (works only for the ajp connector)
RESELLER_STORAGE com.openexchange.admin.resel... localhost Set this to 0 to bind on all interfaces
com.openexchange.rmi.port 1099
com.openexchange.messaging.rss true Whether the RSS Messaging Service is available or not
com.openexchange.secret.secretSource "<password>" Specifies the source for secret (used to decrypt/encrypt user passwords) <password>: Denotes the session's password (also the fall-back to previous handling) <user-id>: Denotes the user identifier <context-id>: Denotes the context identifier <random>: Denotes the value specified in property 'com.openexchange.user.secretRandom' <list>: Step-wise trial-and-error with tokens specified in file 'secrets' Literals are surrounded by single-quotes E.g. com.openexchange.user.secretSource="<user-id> + '@' + <context-id>"
com.openexchange.secret.secretRandom eb495148-a9f8-441e-8a28-dcb9... The random secret token
com.openexchange.cookie.hash calculate Whether the hash value for the cookie name should be calculated or remembered from the session for each request. Possible values are: calculate (default) - Calculate hash from client login paramater and HTTP header User-Agent (may be modified through c.o.cookie.hash.fields) remember - remember once calculated hash in session and use it for the whole session life time (less secure)
com.openexchange.forceHTTPS false If an HTTPS connection is detected the cookie is automatically marked as secure. This tells the browser only to send the cookie over encrypted connections. If HTTPS is terminated in front by some load balancer only HTTP is detected. Then this parameter can force to set the secure flag for cookies. Additionally all links generated inside the groupware to point at itself will use the https:// protocol prefix when this is set. Use this flag to indicate that HTTPS termination happens elsewhere.
com.openexchange.servlet.maxActiveSessions -1 The maximum number of active sessions that will be created by this Manager, or -1 (the default) for no limit.
com.openexchange.servlet.maxInactiveInterval 1800 The initial maximum time interval, in seconds, between client requests before a session is invalidated. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 1800 seconds is used.
UPLOAD_DIRECTORY /var/spool/open-xchange/uplo... Upload Parameter. All uploads that are done by a client are temporarily saved in that directory.
com.openexchange.servlet.maxBodySize 104857600 Specify the maximum body size allowed being transferred via PUT or POST method A request exceeding that limit will be responded with a 500 error and that request is discarded Equal or less than zero means no restriction concerning body size By default limit is set to 100MB (104857600 bytes).
com.openexchange.servlet.echoHeaderName X-Echo-Header Specify the name of the echo header whose value is echoed for each request providing that header
com.openexchange.log.propertyNames com.openexchange.ajpv13.remo... Specify property names as comma-separated list. One of: - com.openexchange.ajpv13.threadName - com.openexchange.ajpv13.remotePort - com.openexchange.ajpv13.remoteAddress - com.openexchange.ajpv13.requestId - com.openexchange.session.sessionId - com.openexchange.session.userId - com.openexchange.session.contextId Furthermore a log level may be appended to each name to specify at what log level implies the property being logged E.g. com.openexchange.ajpv13.remoteAddress(ERROR),com.openexchange.session.userId(DEBUG),com.openexchange.session.contextId(DEBUG) If no loe level is specified, the property is logged with each log output
com.openexchange.json.maxSize 2500 Specify the max. number of allowed attributes for a JSON object
com.openexchange.webdav.disabled false Setting this to true means that the WebDav XML servlets for attachments, calendar, contacts and tasks will be disabled. On requests to these servlets a service-not-available (503) response will be sent. See "webdav-disabled-message.txt" to customize the detailed error message that will be sent.
com.openexchange.ajax.response.includeStackTraceOnError false Whether the JSON response object should provide the stack trace of the associated exception
com.openexchange.json.poolEnabled false Enabled character array pooling in JSON
com.openexchange.json.poolSize 10000,1000,10 Define the number of pooled small, medium, and large character arrays (in that order) as comma-separated string of integer values Default is: 10000, 1000, 10 Only takes effect if "com.openexchange.json.poolEnabled" is set to "true"
com.openexchange.json.poolCharArrayLength 1024,10240,102400 Define the length of small, medium, and large character arrays (in that order) as comma-separated string of integer values Default is: 1024, 10240, 102400 Only takes effect if "com.openexchange.json.poolEnabled" is set to "true"
com.openexchange.connector.networkListenerHost The host for the connector's (ajp, http) network listener. Set to "*" if you want to listen on all available interfaces. Default value:, bind to localhost only.
com.openexchange.connector.networkListenerPort 8009 The default port for the connector's (ajp, http) network listener. Default value: 8009.
com.openexchange.connector.maxRequestParameters 30 Specify the max. number of allowed request parameters for the connector (ajp, http) Default value: 30
com.openexchange.server.backendRoute OX0 To enable proper load balancing and request routing from {client1, client2 .. .} --> balancer --> {backend1, backend2 ...} we have to append a backend route to the JSESSIONID cookies separated by a '.'. It's important that this backend route is unique for every single backend behind the load balancer. The string has to be a sequence of characters excluding semi-colon, comma and white space so the JSESSIONID cookie stays in accordance with the cookie specification after we append the backendroute to it. Default value: OX0
com.openexchange.server.considerXForwards false Decides if we should consider X-Forward-Headers that reach the backend. Those can be spoofed by clients so we have to make sure to consider the headers only if the proxy/proxies reliably override those headers for incoming requests. Default value: false
com.openexchange.server.forHeader X-Forwarded-For The name of the protocolHeader used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. This is needed for grizzly based setups that make use of http proxying. If the header isn't found the first proxy in front of grizzly will be used as originating IP/remote address. Default value: X-Forwarded-For
MAX_UPLOAD_SIZE 0 If the sum of all uploaded files in one request is greater than this value, the upload will be rejected. This value can be overridden on a per-module basis by setting the MAX_UPLOAD_SIZE parameter in the modules config file ( or Or it can be overriden on a per-user basis by setting the upload_quota in the mail configuration of this user If this value is set to 0 and not overridden by the module config or user config uploads will be unrestricted. The size is in bytes.
com.openexchange.server.knownProxies A list of know proxies in front of our httpserver/balancer as comma separated IPs e.g:,
MAX_UPLOAD_IDLE_TIME_MILLIS 300000 The max. idle time in milliseconds for an uploaded file temporary stored in upload directory
MAX_BODY_SIZE 0 The max. HTTP body size Zero or less means infinite.
com.openexchange.defaultMaxConcurrentAJAXRequests 0 The default max. number of allowed concurrent requests per user This property only has effect if no individual value has been specified for active user A value less than or equal to zero means infinite
DefaultEncoding UTF-8 DEFAULT ENCODING FOR INCOMING HTTP REQUESTS This value MUST be equal to web server's default encoding
com.openexchange.MinimumSearchCharacters 0 Minimum number of characters a search pattern must contain. 0 means no minimum. This should prevent slow searches for contacts or big responses in large contexts.
PUBLISH_REVOKE e-mail address of a person that can be called if data has been published and the actual owner of the data objects to the publication. If removed or left empty, the e-maill address of the context admin is used.
com.openexchange.IPCheck true On session validation of every request the client IP address is compared with the client IP address used for the login request. If this configuration parameter is set to "true" and the client IP addresses do not match the request will be denied and the denied request is logged with level info. Setting this parameter to "false" will only log the different client IP addresses with debug level. WARNING! This should be only set to "false" if you know what you are doing and if all requests are secure - requests are always encrypted by using HTTPS.
com.openexchange.IPMaskV4 Subnet mask for accepting IP-ranges. Using CIDR-Notation for v4 and v6 or dotted decimal only for v4. Examples: com.openexchange.IPMaskV4= com.openexchange.IPMaskV4=/24 com.openexchange.IPMaskV6=/60
com.openexchange.IPCheckWhitelist Specify a comma-separated list of client patterns that do bypass IP check E.g. com.openexchange.IPCheckWhitelist="Mobile App*", "Foo*"
com.openexchange.UIWebPath /ox6/index.html Configures the path on the web server where the UI is located. This path is used to generate links directly into the UI. The default conforms to the path where the UI is installed by the standard packages on the web server. This path is used for the [uiwebpath]. For the Open-Xchange 6 frontend the path needs to be configured to "/ox6/index.html" which is still the default. For the App Suite frontend the path needs to be configured to "/appsuite/".
com.openexchange.dispatcher.prefix /ajax/ Specify the prefix for Central Dispatcher framework (the Open-Xchange AJAX interface)
PrefetchEnabled true Enable or disable SearchIterator prefetch. If prefetch is enabled the underlying ResultSet data is completely stored and all related resources are released immediately when creating a SearchIterator. Possible values: TRUE / FALSE
com.openexchange.cookie.ttl 1W The time-to-live for session, secret and JSESSIONID cookie. Note: Time-to-live is only relevant for session and secret cookie, if autologin is enabled as well. Autologin is configured in by "com.openexchange.sessiond.autologin" property. Can contain units of measurement: D (=days) W(=weeks) H(=hours). Special identifier "web-browser" to let the Cookie(s) be deleted when the Web browser
com.openexchange.cookie.httpOnly true Whether the "; HttpOnly" should be appended to server cookies exits
com.openexchange.sessiond.maxSessionPerClient 0 Specify the number of sessions allowed per client (Web UI, EAS, WebDAV, ...) and user. A value equal to or less than zero means unlimited
com.openexchange.sessiond.sessionDefaultLifeTime 3600000 Maximum value in milliseconds a session is allowed to be kept without request. After this time the session is put into the long life time container and all temporary session data is removed. Life time of a session in the short term session containers. Short term session containers are rotated every 6 minutes. Therefore this value should be a multiple of 6 minutes.
com.openexchange.sessiond.sessionLongLifeTime 1W This amount of time a session can life in the long life time container. The session can be restored from here but it won't have any temporary session data anymore. Restoring temporary session data may cause some slower functionality and maybe temporary errors on image, proxy data or the like. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes). Long term session containers are rotated every hour. Therefore this value should be a multiple of 1 hour.
com.openexchange.sessiond.randomTokenTimeout 1M The random token to access a newly created session is valid for this configured time. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes).
com.openexchange.sessiond.autologin false Whether autologin is allowed or not
com.openexchange.sessiond.encryptionKey auw948cz,spdfgibcsp9e8ri+<#q... Key to encrypt passwords during transmission during session migration. Change this, and make sure it's the same in the entire cluster
com.openexchange.sessiond.maxSession 5000 Maximum number of concurrent sessions, 0 stands for unlimited
com.openexchange.sessiond.maxSessionPerUser 100 Maximum number of concurrent sessions per user, a value less than or equal to zero means unlimited 1 Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. 0 Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. true Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. sessions-6 The name of the map. Don't change this on your own. 640000 Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. To avoid unnecessary eviction, the value should be higher than the configured 'com.openexchange.sessiond.sessionLongLifeTime' in ''. Defaults to 640000 (a bit more than a week).
com.openexchange.sessionstorage.nosql.enabled true
com.openexchange.sessionstorage.nosql.port 9160
com.openexchange.sessionstorage.nosql.keyspace OX
com.openexchange.sessionstorage.nosql.cfname SessionStorage
com.openexchange.sessionstorage.nosql.sessionLifetime 604800
com.openexchange.mail.smal.blacklist * Specify host names of mail backends that shall be excluded from index access. If set to *, only the primary mail account is allowed to be indexed. Leave empty to allow indexing for all external mail accounts. Example:,
com.openexchange.smtp.smtpAuthentication true Enable/disable SMTP Authentication
com.openexchange.smtp.setSMTPEnvelopeFrom false Defines if SMTP header ENVELOPE-FROM should be explicitly set to user's primary email address or not
com.openexchange.smtp.smtpTimeout 50000 Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.smtp.timeout
com.openexchange.smtp.smtpConnectionTimeout 10000 Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.smtp.connectiontimeout
com.openexchange.smtp.smtpLocalhost null The localhost name that is going to be used on SMTP's HELO or EHLO command. The default is set to InetAddress.getLocalHost().getHostName() but if either JDK or name service are not configured properly, this routine fails and the HELO or EHLO command is send without a name which leads to an error: "501 HELO requires domain address" The value "null" falls back to InetAddress.getLocalHost().getHostName() which works in most cases.
com.openexchange.smtp.smtpAuthEnc UTF-8 Define the encoding for SMTP authentication
com.openexchange.nosql.cassandra.snappyjava.nativelibs @oxsnappydir@/lib Path for native libs
com.openexchange.solr.solrHome /opt/open-xchange/solr This is the path to the home directory of the embedded Solr server. Don't change this unless you know what you are doing!
com.openexchange.solr.libDir /opt/open-xchange/solr/lib This is the path to the library directory of the embedded Solr server. Don't change this unless you know what you are doing!
com.openexchange.solr.configDir /opt/open-xchange/solr/conf This is the path to the configuration directory of the embedded Solr server. Don't change this unless you know what you are doing!
com.openexchange.solr.schemaMail /opt/open-xchange/solr/conf... This is the path to the schema file for the mail index. Don't change this unless you know what you are doing!
com.openexchange.solr.configMail /opt/open-xchange/solr/conf... This is the path to the configuration file for the mail index. Don't change this unless you know what you are doing!
com.openexchange.solr.schemaInfostore /opt/open-xchange/solr/conf... This is the path to the schema file for the infostore index. Don't change this unless you know what you are doing!
com.openexchange.solr.configInfostore /opt/open-xchange/solr/conf... This is the path to the configuration file for the infostore index. Don't change this unless you know what you are doing!
com.openexchange.solr.schemaAttachments /opt/open-xchange/solr/conf... This is the path to the schema file for the attachment index. Don't change this unless you know what you are doing!
com.openexchange.solr.configAttachments /opt/open-xchange/solr/conf... This is the path to the configuration file for the attachment index. Don't change this unless you know what you are doing!
com.openexchange.solr.isSolrNode false Indicates whether this OX node is a Solr node or not. Being a Solr node means that this node will be used to perform Solr searches and jobs like indexing mailboxes etc. If set to false, all index search actions will be delegated to a Solr node.
com.openexchange.spamhandler.spamassassin.port 783 If the mail should be send to spamd specify the port of the spamassassin daemon here
com.openexchange.spamhandler.spamassassin.timeout 10 If the mail should be send to spamd specify the timeout after which the try to connect is aborted here
com.openexchange.spamhandler.spamassassin.retries 1 If the mail should be send to spamd specify the connect retries here.
com.openexchange.spamhandler.spamassassin.spamd false Choose if a mail should be send to spamd afterwards
com.openexchange.spamhandler.spamassassin.retrysleep 1 If the mail should be send to spamd specify the connect retries sleep here. This is how log should be waited between the different tries.
com.openexchange.spamhandler.spamassassin.hostname localhost If the mail should be send to spamd specify the hostname of the spamassassin daemon here
modules/com.openexchange.spamhandler.spamexperts/module true The following property enables the Spamexperts Iframe GUI-Plugins
com.openexchange.custom.spamexperts.panel.api_interface_url URL of spamexperts Interface to generate new sessions
com.openexchange.custom.spamexperts.panel.admin_user admin This property defines the username which should be used as basic auth
com.openexchange.custom.spamexperts.panel.admin_password demo This property defines the password which should be used as basic auth
com.openexchange.custom.spamexperts.panel.api_auth_attribute mail Which user attribute should be used for authentication against panel API Possible values: - imaplogin -> Users IMAP login - mail -> Users mail address - login -> String which user entered at login mask - username -> Users "username" attribute.
com.openexchange.custom.spamexperts.panel.web_ui_url Defines the URL where the panel is available
com.openexchange.custom.spamexperts.panel_servlet /ajax/spamexperts/panel The next property defines the mount point of the panel servlet
com.openexchange.spamhandler.cloudmark.targetSpamFolder 2 Defines to which folder the selected mails should be moved to after they have been bounced to the target eMail address. If no option is configured the selected mails will be moved to the users trash folder. Possible options are: 1 = User's trash folder (Default) 2 = User's SPAM folder 3 = Subscribed confirmed-spam folder (experimental)
com.openexchange.spamhandler.cloudmark.targetSpamEmailAddress Defines the eMail address to which the selected eMails will be bounced. If no address is specified the bounce will be skipped, but moving the selected mails to the target folder will still be processed (if configured)
driver com.mysql.jdbc.Driver
driver com.mysql.jdbc.Driver
driver com.mysql.jdbc.Driver
driver com.mysql.jdbc.Driver
driver com.mysql.jdbc.Driver
login openexchange
login openexchange
login openexchange
login openexchange
login openexchange
password secret
password secret
password secret
password secret
password secret
url jdbc:mysql://localhost/ox_t...
url jdbc:mysql://devel-master.n...
url jdbc:mysql://localhost/open...
url jdbc:mysql://localhost/ox_t...
url jdbc:mysql://localhost/open...
com.openexchange.cluster.discovery.static.nodes Specify CSV list of known nodes e.g.,,
serviceUsageInspection false Enabled/disable service usage inspection. If enabled, all services obtained and managed by ServiceHolder class will be tracked to ensure all services are put back (via unget) within a certain amount of time. The time range can be defined through property 'serviceUsageTimeout'.
serviceUsageTimeout 10000 The service usage timeout in milliseconds. This property only has effect if property 'serviceUsageInspection' is set to 'true'.
MimeTypeFileName mime.types Name of the MIME type file
UserConfigurationStorage Caching Name of the class implementing the UserConfigurationStorage. Currently known aliases: Caching, DB
Cache true Switch for enabling caching in the groupware. Normally this should be set to true or the database will get a lot more load.
CalendarSQL com.openexchange.groupware.c...
SERVER_NAME local Server name registered by registerserver in the configuration database can be read with listservers
com.openexchange.config.cascade.scopes user, context, contextSets, ... The scopes to use in the config cascade, and their precedence
com.openexchange.caching.configfile cache.ccf Location of default cache configuration file
com.openexchange.threadpool.maximumPoolSize 2147483647 The maximum number of threads to allow in the pool. Default is max. integer value of 2^31 - 1 which is considered as unlimited max. number of threads.
com.openexchange.threadpool.keepAliveTime 60000 When the number of threads is greater than the core, this is the maximum time (in milliseconds) that excess idle threads will wait for new tasks before terminating. Default is 60000msec
com.openexchange.threadpool.workQueue synchronous The queue type to use for holding tasks before they are executed. This queue will hold only the tasks submitted by the execute method. Supported values: synchronous and linked A synchronous queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is unlimited and possible rejection of tasks is allowed. A synchronous queue has no capacity, it rather acts as a direct hand-off of tasks to an already waiting worker thread and will deny the task if there is no further worker thread to process the task. A linked queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is limited and rejection of tasks is prohibited. A linked queue has a (fixed) capacity to store submitted tasks which have to wait for a worker thread to become ready.
com.openexchange.threadpool.corePoolSize 3 The number of threads to keep in the pool, even if they are idle. If unsure follow this rule: Number of CPUs + 1
com.openexchange.threadpool.workQueueSize 0 The size of the work queue. Zero means unlimited size. Note: If this property is set to a value greater than zero, property "com.openexchange.threadpool.workQueue" is implicitly set to "linked" to accomplish a fixed-size work queue.
com.openexchange.threadpool.blocking false Enable/disable blocking behavior. A blocking behavior means that caller is blocked until space becomes available in working queue. This is useful for installation with limited capacities concerning max. number of threads and a bounded blocking work queue.
com.openexchange.threadpool.refusedExecutionBehavior abort The default behavior to obey when execution is blocked because the thread bounds and queue capacities are reached. Supported values: abort, caller-runs, discard abort: Aborts execution by throwing an appropriate exception to the caller caller-runs: The caller is considered to run the task if thread pool is unable to do so discard: The task is silently discarded. No exception is thrown.
com.openexchange.threadpool.prestartAllCoreThreads true Starts all core threads, causing them to idly wait for work. This overrides the default policy of starting core threads only when new tasks are executed.
com.openexchange.mail.transport.enablePublishOnExceededQuota false Enable/disable to publish email attachments if quota is exceeded rather than throwing an appropriate error. ------- /!\ Please be aware that this option requires infostore module to be enabled! /!\ -------
com.openexchange.mail.transport.publishingPublicInfostoreFolder i18n-defined Specify the name of the publishing infostore folder which is created below public infostore folder. The denoted folder is created if absent only if "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled The special identifier "i18n-defined" indicates to use translation of text "E-Mail attachments".
com.openexchange.mail.transport.publishPrimaryAccountOnly true Whether all accounts or only primary account are affected if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled.
com.openexchange.mail.transport.sendAttachmentToExternalRecipients false Whether external recipients shall receive file attachments instead of publication links although quota is exceeded if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled.
com.openexchange.mail.transport.provideLinksInAttachment false This options enables that publication links are provided in a separate "text/html" file attachment named "links.html, instead of inserting them to top of mail text. This avoids modification of original mail text. If set to "false", the publication links are inserted to top of mail text.
com.openexchange.mail.transport.publishedDocumentTimeToLive 604800000 Define the time-to-live in milliseconds for published email attachments
com.openexchange.mail.transport.referencedPartLimit 1048576 Define the limit in bytes for keeping an internal copy of a referenced MIME message's part when sending a mail. If a part exceeds this limit a temporary file is created holding part's copy
com.openexchange.mail.transport.externalRecipientsLocale user-defined Set the identifier of the locale to use when composing text sent to external recipients; e.g "en", or "de" The special identifier "user-defined" indicates to use that locale from the user who sends the email.
com.openexchange.mail.defaultTransportProvider smtp The transport provider fallback if an URL does not contain/define a protocol
com.openexchange.twitter.http.proxyHost The HTTP proxy host
com.openexchange.twitter.http.proxyPort The HTTP proxy port
com.openexchange.twitter.http.connectionTimeout 20000 Connection time out
com.openexchange.twitter.http.readTimeout 120000 Read time out
com.openexchange.twitter.http.retryCount 3 Retry count
com.openexchange.twitter.http.retryIntervalSecs 10 Retry interval seconds
com.openexchange.twitter.consumerKey kZX3V4AmAWwC53yA5RjHbQ The consumer key
com.openexchange.twitter.consumerSecret HvY7pVFFQSGPVu9LCoBMUhvMpS00... The consumer secret
com.openexchange.twitter.clientVersion 2.2.3 The client version string
com.openexchange.twitter.http.useSSL false Whether to use HTTPS or HTTP
com.openexchange.messaging.twitter true Whether the twitter messaging service is available
com.openexchange.oauth.twitter true Enable/disable Twitter OAuth bundle
ui/global/toolbar/mode/value tabbased UI: Toolbar type Possible values: tabbased|simple
ui/global/toolbar/mode/configurable true All user to configure the latter Possible values: true|false
ui/mail/showContactImage/value true UI: Show contact images in email view Possible values: true|false
ui/mail/showContactImage/configurable true All user to configure the latter Possible values: true|false Please configure the ui.yml accordingly.
ui/mail/replyTo/configurable false Allow user to configure a reply-to address Possible values: true|false
ui/global/windows/mode/value embedded UI: Window manager Possible values: embedded and popups
ui/portal/autoRefresh false Auto refresh portal page Possible values: true|false Whenever the user accesses the portal, all visible widgets get refreshed (mail, calendar, contacts etc.). Default is false.
ui/portal/customUWA true Allow custom UWA widgets Possible values: true|false Disables add, remove, edit in UI. Default is true.
ui/global/expert/mode/configurable true Allow disabling of expert mode Possible values: true|false value does not affect user setting. reserved for future use.
ui/global/expert/mode/value false
ui/global/windows/mode/configurable true All user to configure the latter Possible values: true|false
modules/com.openexchange.upsell.multiple.gui/module true
modules/com.openexchange.upsell.generic/module true /opt/open-xchange/etc/groupw... Subject to use for emails which are sent to the ox enduser. If you need i18n support, create template with suffix "_<LANGUAGE_CODE>" Example: upsell_mail_subject_ox_enduser.tmpl_de_DE For placeholders, see above.
com.openexchange.upsell.multiple.servlet /ajax/upsell/multiple The next property defines the mount point of the servlet FOR TESTING, DEMO ONLY. DO NOT TOUCH IF YOU DONT KNOW WHAT THESE OPTIONS MEAN! OX API RMI Host, IF not localhost, make sure the OX accepts remote RMI connections! See for enabling remote connections.
modules/com.openexchange.upsell.generic/html <b>Groupware</b><BR><BR>This...
com.openexchange.upsell.multiple.rmi.masteradmin oxadminmaster OX API RMI Masteradmin
com.openexchange.upsell.multiple.rmi.masteradmin.pass secret OX API RMI Masteradmin Password
com.openexchange.upsell.multiple.rmi.downgrade.accessname pim Which access-combination-name should be used for downgrading the context
com.openexchange.upsell.multiple.method.external.shop_api_url DISABLED AT THE MOMENT! URL of the external Interface to generate "upsell URL" for customers shop or control center URL will be used in a POST request with following parameters of the logged in ox user: src = "ox_upsell" user = <ox_username> userid = <ox_user_id> pwd = <ox_user_password> cid = <ox_user_cid> mail = <ox_user_mail> login = <ox_user_full_login_from_login_mask> imaplogin = <ox_user_imap_login> clicked_feat = <clicked_feature_at_gui> upsell_plan = <clicked_upsell_plan>
com.openexchange.upsell.multiple.method static Define which Upsell method should be used Possible values: a) direct b) static, c) email direct = Redirect within IFRAME immediately to com.openexchange.upsell.multiple.method.static.shop_redir_url value after clicking one of the upsell triggers static = Redirect AFTER clicking a button within the shipped OX Upsell pages email = Send email to specific address AFTER clicking a button within the shipped OX Upsell pages
com.openexchange.upsell.multiple.method.static.shop_redir_url b) Defines the static URL to redirect with all parameters we can pass , see below for all possible parameters c) Defines the email address where upsell will send all infos to for processing this request /opt/open-xchange/etc/groupw... Email template to load, if not found, hardcoded text will be used. Following placeholders will be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons "_INVITE_" - User checked "invite my friends" checkbox in upsell box OX upsell in context _CID_ f... Mail subject to use when sending upsell request mails. See available placeholders in option above true Send info email to ox enduser to inform about upsell? /opt/open-xchange/etc/groupw... Following placeholders can be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons
com.openexchange.user.contactCollectOnMailAccess false Define the default behavior whether to collect contacts on mail access Note: Appropriate user access permission still needs to be granted in order to take effect
com.openexchange.user.contactCollectOnMailTransport false Define the default behavior whether to collect contacts on mail transport Note: Appropriate user access permission still needs to be granted in order to take effect
com.openexchange.user.maxClientCount -1 Specify the max. allowed number of client identifiers stored/tracked per user A value equal to or less than zero means unlimited Default is -1
com.openexchange.user.beta true Specify whether beta features are enabled/disabled per default. The value is remembered for every user in its attributes.
com.openexchange.folder.tree 1 Defines the default folder tree that should be used if a user has not selected one.
com.4psa.voipnow.faxaddress Fax address. The VoipNow host; either the machine name, such as "", or a textual representation of its IP address.
com.4psa.voipnow.port 443 The VoipNow port. true Whether a secure connection (HTTPS) shall be established. A secure connection is recommended.
com.4psa.voipnow.adminLogin admin The login name of the VoipNow administrator account
com.4psa.voipnow.adminPassword secret The password of the VoipNow administrator account for used for SOAP requests (and for login via web front-end)
com.4psa.voipnow.adminPasswordHTTP secret The password of the VoipNow administrator account for used for HTTP API request
com.4psa.voipnow.enabled true Enable/disable.
com.4psa.voipnow.version 2.0.4 The version string.
com.openexchange.oauth.xing.apiSecret REPLACE_THIS_WITH_YOUR_XING_... The API secret
com.openexchange.oauth.xing.domain The domain to use when composing call-back URL Leave empty to use host address as default
com.openexchange.oauth.xing false Enable/disable
com.openexchange.oauth.xing.apiKey REPLACE_THIS_WITH_YOUR_XING_... The API key
com.openexchange.subscribe.socialplugin.xing true Enable/disable XING subscribe service REPLACE_THIS_WITH_VALUE_OBTA... REPLACE_THIS_WITH_VALUE_OBTA... true