System Settings¶

Configure Mailborder system-wide settings through the web interface.

Accessing Settings¶

Navigate: Dashboard → Settings → System

Permissions required: Admin level 8+

General Settings¶

System Information¶

Editable: - System name - Hostname - Timezone - Contact email

Read-only: - Mailborder version - Install date - License type

Email Processing¶

Message size limits: - Maximum message size (default: 50 MB) - Maximum attachment size (default: 25 MB) - Maximum recipients per message (default: 100)

Relay settings: - Relay host (mail server) - Relay port (default: 25) - Authentication (if required)

Apply changes: Click "Save" → Services reload automatically

Spam Filtering¶

Thresholds¶

Spam score thresholds: - Pass threshold (default: 6.0) - Quarantine threshold (default: 6.0) - Reject threshold (default: 20.0)

Lower = more strict (catches more spam, more false positives) Higher = more lenient (misses some spam, fewer false positives)

Bayesian Learning¶

Auto-learn settings: - Enable auto-learning - Ham threshold (learn as legitimate) - Spam threshold (learn as spam)

RBL Servers¶

Real-time Blacklists: - Add/remove RBL servers - Set weights per RBL - Enable/disable individual RBLs

Recommended: - zen.spamhaus.org (weight: 3.0) - bl.spamcop.net (weight: 2.5)

Virus Scanning¶

ClamAV Settings¶

Scan configuration: - Enable/disable virus scanning - Action on detection (quarantine/reject) - Maximum file size to scan - Archive scanning depth

Blocked extensions: - Add/remove file extensions - .exe, .scr, .bat (recommended blocked)

Signature Updates¶

Automatic updates: - Enable/disable - Update frequency (default: hourly) - Alert on update failure

Authentication¶

Password Policy¶

Requirements: - Minimum length (default: 12) - Require uppercase - Require lowercase - Require numbers - Require special characters - Password age (default: 90 days)

Session Settings¶

Timeouts: - Session timeout (default: 3600 seconds / 1 hour) - Idle timeout (default: 1800 seconds / 30 minutes)

Security: - Require HTTPS - Session fingerprinting - Single session per user

Two-Factor Authentication¶

2FA settings: - Enable/disable - Require for all users - Grace period (days) - Backup codes count

Passkeys¶

WebAuthn settings: - Enable/disable passkeys - Require for admins - Allow passwordless login

Network & Security¶

Firewall Rules¶

IP whitelist/blacklist: - Manage allowed/blocked IPs - CIDR ranges supported

Rate limiting: - Login attempts per IP - Email sending per user - API requests per key

GeoIP Filtering¶

Geographic restrictions: - Enable/disable - Blocked countries - Allowed countries (whitelist mode) - Action (reject/quarantine)

SSL/TLS¶

Certificate info: - Current certificate - Expiration date - Issuer

Upload new certificate: - Certificate file (.crt) - Private key (.key) - Certificate chain (optional)

Backup & Maintenance¶

Backup Configuration¶

Schedule: - Daily/weekly/monthly - Backup time - Retention period

What to backup: - Configuration - Database - Logs - Quarantine

Storage: - Local path - Remote location (optional) - Encryption key

Maintenance Windows¶

Scheduled maintenance: - Day of week - Time - Duration - Tasks (updates, cleanup, optimization)

Logging¶

Log Levels¶

Per-component log levels: - System (default: info) - Authentication (default: info) - Email filtering (default: info) - Debug mode (temporary)

Levels: debug, info, warning, error, critical

Log Retention¶

Retention periods: - System logs (default: 30 days) - Auth logs (default: 90 days) - Email logs (default: 30 days) - Audit logs (default: 365 days)

Syslog Integration¶

Forward to syslog: - Enable/disable - Syslog server - Port and protocol - Facility

Notifications¶

Email Alerts¶

Alert recipients: - Admin email(s) - Security team email

Alert types: - System errors - Service failures - Security events - Disk space warnings - Queue backups

Report Schedule¶

Automated reports: - Daily summary - Weekly statistics - Monthly analysis - Send time - Recipients

Advanced¶

API Configuration¶

API access: - Enable/disable - Rate limiting - Allowed IPs - Key expiration

Clustering¶

Multi-server setup: - Enable clustering - Node role (main/child) - Sync settings - Child nodes list

Debug Mode¶

Temporary debug logging: - Enable for duration (1-24 hours) - Component selection - Auto-disable

Applying Changes¶

Most settings apply immediately.

Some require service reload: - Email processing - Spam filtering - Virus scanning

System prompts: "Reload services now?"

Manual reload:

sudo systemctl reload mb-filter

Configuration Backup¶

Export settings: - Settings → Export Configuration - Downloads JSON file

Import settings: - Settings → Import Configuration - Upload JSON file - Review changes - Apply

Use for: - Migrating to new server - Restoring after issue - Testing configuration changes

CLI Equivalent¶

Most settings available via CLI:

# View setting
sudo mb-config get spam.threshold.pass

# Change setting
sudo mb-config set spam.threshold.pass 6.5

# List all settings
sudo mb-config show

# Reload configuration
sudo mb-config reload

See Also¶

• System Configuration - Detailed config guide
• Spam Filtering - Spam settings
• Authentication - Auth settings
• Backup - Backup configuration