Terms & Acronyms
Term | Definition |
ActiveSync/ Exchange ActiveSync (EAS) |
A protocol that is used for synchronizing the email, calendars, contacts, and tasks with mobile devices with various operating systems. The ActiveSync protocol is based on HTTP(S). |
Address Book | The list of contacts that are available in Kerio Connect. |
Anti-spam | Standalone extension for advanced Spam Filtering using Bitdefender's online scanning service. |
Anti-spoofing | Method of security protection: The users should authenticate to send messages from the local domain. |
Apache SpamAssassin | Apache SpamAssassin is a computer program used for e-mail spam filtering. It uses a variety of spam-detection techniques, including DNS-based and fuzzy-checksum-based spam detection, Bayesian filtering, external applications, blacklists, and online databases. |
API | Application Programming Interface - In computer programming, API is a set of subroutine definitions, communication protocols, and tools for building software. In general terms, it is a set of clearly defined methods of communication among various components. |
Auto Provisioning | Auto Provisioning, also called self-service provisioning, is the ability to deploy an information technology or telecommunications service by using pre-determined procedures that are carried out electronically without requiring human intervention. |
AV | Antivirus: A standalone extension, purchased separately. |
BD | Bitdefender: A third-party library/provider used in the Kerio Antivirus module. |
CalDAV | The Calendaring extension to CalDAV is an open protocol designed specifically for synchronization and scheduling of calendaring-based applications. |
CardDAV | The vCard extensions to CardDAV is an open protocol explicitly designed for the synchronization of vCard data used by contact management applications. |
Chat/Instant Messaging | A Kerio Connect feature connecting domain users instantly. |
Configuration files | Examples include mailserver.cfg, users.cfg, and timezone.xml. |
DB | Database files (e.g., config_1.db, .carddav.db, .caldav.db, and .pushimap.db). |
Demilitarized Zone (DMZ) | A DMZ is a security method that separates internal LAN networks from external networks. |
Denial of service (DoS) | A DoS attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the Internet. |
DHCP | The Dynamic Host Configuration Protocol (DHCP) protocol automatically gives IP addresses and additional configuration to hosts in a network. |
Directory Service |
A Directory Service (AD, OD, LDAP) is a customizable information store that functions as a single point from which users can locate resources and services distributed throughout the network. This customizable information store also gives administrators a single point for managing their objects and their attributes.
|
DKIM | DomainKeys Identified Mail: An authentication method that signs outgoing messages from Kerio Connect with a special signature for identification. |
DMARC | Domain-based Message Authentication, Reporting & Conformance: An email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols. |
DNS | The Domain Network System (DNS) protocol helps Internet users and network devices discover websites using human-readable hostnames instead of numeric IP addresses. |
Domain | A unique identifier used to recognize the server to which messages should be delivered. It is the name that is followed by @ sign. |
DomainKeys Identified Mail (DKIM) |
DKIM is an email sender verification method designed to prevent spoofing (a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver). DKIM uses the Internet domain name system to validate the sender’s identity.
|
EAS |
Exchange ActiveSync (EAS) is a protocol developed and licensed by Microsoft. EAS is designed primarily for over-the-air mobile device synchronization of email, contacts, calendars, tasks, and notes with the Microsoft Exchange server. Nevertheless, it also interfaces with other messaging systems.
|
Email Header |
In an e-mail, the body (content text) is always preceded by Email Header lines that identify particular routing information of the message, including the sender, recipient, date, and subject. Some headers are mandatory, such as the FROM, TO, and DATE headers. Others are optional, but very commonly used, such as SUBJECT and CC. Other headers include the sending time stamps and the receiving time stamps of all mail transfer agents that have received and sent the message.
|
EML file | The email source file containing the email headers. |
ETRN | Extended Turn (ETRN): ETRN is an extension to SMTP that enables you to forward messages to another SMTP server. |
EWS |
Exchange Web Services (EWS) is a protocol developed by Microsoft and used by many email-based applications to enable collaborative capabilities. EWS is designed primarily for communication with Microsoft Exchange server, but can also be used with other messaging systems.
|
FQDN | A Fully Qualified Domain Name is a domain name that specifies its exact location in the tree hierarchy of the DNS. |
Fulltext | This is a search that stores the entries related to the body of the email. |
Greylisting | Kerio Connect feature. Kerio servers double-check the sender's headers and delay delivery if it's untrustworthy. In other words, instead of simply blocking or allowing an email, a greylist delays delivery to the recipient, replying to the sending server with a “try again later” message. |
Group Policy |
Group Policy (GP) is a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. GP provides centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment.
|
HTTP/S | The Hypertext Transfer Protocol (HTTP/S) exchanges of hypertext documents in HTML. HTTPS is HTTP secured by SSL. |
iCal | Calendar data exchange standard. |
IMAP |
Internet Mail Access Protocol (IMAP): IMAP is used by email clients to retrieve email messages from a server over a TCP/IP connection. IMAP permits complete management of an email box by multiple email clients. Therefore, clients generally leave messages on the server until the user explicitly deletes them.
|
Internet Hostname | DNS name of the server with Kerio Connect installed, usually in the format of mail.domain.com. |
Intrusion Prevention System (IPS) | IPS is a system that monitors a network for malicious activities such as security threats or policy violations. The primary function of an IPS is to identify suspicious activity, and then log information, attempt to block the activity, and then finally to report it. |
IPSec | Internet Protocol Security (IPSec) is a network protocol used to encrypt and secure data sent over a network. |
IPv4 |
Internet Protocol version 4 (IPv4) is the underlying technology that makes it possible for us to connect our devices to the web. Whenever a device accesses the internet, it is assigned a unique, numerical IP address such as 99.48.227.227. The process of sending data from one computer to another through the web requires transferring a data packet across the network containing the IP address of both devices.
|
IPv6 | Internet Protocol version 6 (IPv6) is the sixth revision to the Internet Protocol and the successor to IPv4. It functions similarly to IPv4 in that it provides the unique, numerical IP address necessary for internet-enabled devices to communicate, but utilizes 128-bit addresses instead. |
KADE | Kerio Active Directory Extension. |
KAssist (Kerio Assist) |
A tool to provide reporting information about your system and Kerio Connect. |
KCC | Kerio Connect Client: The standalone application, the UI is almost identical to Webmail. |
KEMT | Kerio Exchange Migration Tool. |
Kerberos | An authentication protocol that is used for client-to-server communication. |
Kerio Connect Engine | Main Kerio Connect process/daemon (called Mailserver) that is used to launch all other related processes. |
Kerio Index Search | SQLite database search used for multiple other headers (e.g., Subject, From, To, or CC). |
KIMT | Kerio IMAP Migration Tool. |
Kmsrecover | Kerio Connect built-in tool that helps to restore the data from backups. |
KODE | Kerio Open Directory Extension. |
KOFF | Kerio Outlook Connector (Offline Edition): Kerio Outlook plugin for MAPI account setup. |
L2TP | Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used with IPSec. |
LAN/WAN | Local Area Network (LAN) and Wide Area Networks (WAN) are commonly used to describe a private, protected network versus public untrusted Internet. |
LDAP | The Lightweight Directory Access Protocol (LDAP) protocol enables users to access centrally managed contacts. |
Log4j Zero-Day Vulnerability | A zero-day vulnerability (CVE-2021-44228) has been discovered in Apache Log4j which, if exploited, could permit a remote attacker to execute arbitrary code on vulnerable systems. |
Mailserver | Common name for any email server/provider (e.g., Gmail or O365), including Kerio Connect itself. |
Mailstore | The location of the Kerio Connect store. |
MAPI | Messaging Application Programming Interface: An API for Microsoft Windows, which allows programs to become email-aware. |
Microsoft Outlook | Microsoft Outlook is a personal information manager from Microsoft, available as a part of the Microsoft Office suite. Although often used mainly as an email application, it also includes a calendar, task manager, contact manager, note-taking, journal, and web browsing. |
MTA | A mail/message transfer agent (MTA) is software that transfers emails between the computers of a sender and a recipient. |
Multi-factor authentication/2-Step Verification/2-Factor Authentication | Multi-factor authentication/2-Step Verification/2-Factor Authentication is a method of confirming a user's claimed identity. A computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism |
Multi-server | This is a type of installation created as a distributed architecture solution designed for easy scalability. |
NAT | Network Address Translation (NAT) is a routing technology that is commonly used to share an internet connection with the entire network of computers. |
NNTP | The Network News Transfer Protocol (NNTP) is a transfer protocol for discussion groups over the Internet. |
NTLM | The NT LAN Manager (NTLM) security protocols provide authentication for Windows networks. |
Opened Folders | The reference number of all currently opened folders for a specific user. |
Packet Dump & Packet Capture |
A network trace, also called a Packet Dump, is a computer networking term for intercepting a data packet that is crossing or moving over a specific computer network.
|
POP/POP3 | Post Office Protocol - Used for incoming emails, POP3 is the current version. POP downloads the entire e-mail into the local computer and deletes the data on the server after downloading it. This feature is especially helpful in a server with less free memory. |
Re-Indexing | A process to rebuild user's or folder index files (index.fld). |
S/MIME |
Secure Multipurpose Internet Mail Extensions (S/MIME): This is the standard for email encryption and identity verification. S/MIME uses a personal certificate that is typically validated by a certificate signing authority such as Comodo and GeoTrust. An identity certificate is attached by the sender's email program to confirm their identity. If the recipient's email program also supports the S/MIME standard, they can use the sender's certificate to encrypt their reply message.
|
SMTP | Simple Mail Transfer Protocol: Common technology used for intercommunication between email clients and servers. |
SNMP | The Simple Network Management Protocol (SNMP) gathers and organizes information about devices in IP Networks and changing device behavior. |
Sophos | This is a legacy third-party provider for the Antivirus module, which was replaced by Bitdefender in the 9.2.2 version. |
Spam rating |
Spam rating is the procedure to test each message with all the enabled tests and filters. After testing, the next step is to assign a score/rating to the message to distinguish how safe it is. Based on the resulting spam score, Kerio Connect marks the message as spam or delivers it as a legitimate message.
|
Spam Repellent | Kerio Connect feature that works by introducing an artificial delay to the SMTP greeting. |
SpamAssassin | This is an advanced feature for Spam-Filtering Protection. |
SpamTitan/ GFI MailSecurity |
The third-party provider used as an additional layer of Spam Filtering, which means the customer is using Kerio Cloud. |
SPF | Sender Policy Framework and Caller-ID: Kerio Connect features that allow filtering out messages with fake sender addresses. |
SSH | The Secure Socket Shell (SSH) protocol provides administrators with a secure way to access remote machines. |
SSL | Secure Socket Layer (SSL) is an encryption technology that is the basis for secure communication over the internet. |
Support Information | A brief overview of the system on which Kerio Connect is running. This includes logs, system, network, disk information, and more. |
System Health | A UI screen for administration that shows the basic usage of CPU, RAM, and Storage. |
TCP/IP | Transfer Control Protocol/Internet Protocol (TCP/IP) is the group of standards that different computers use to be able to talk to each other on the internet. |
TLS | Transport Layer Security (TLS) provides the same type of encryption services as SSL. However, TLS is designed to be more secure and accommodating to modern-day applications. |
Updater Service | This is a tool that checks the updates for the Kerio Connect engine and components, including KCC and KOFF. |
VA | Virtual Appliance: Kerio Connect installed in VMware environment. |
VLAN | A Virtual Local Area Network (VLAN) is a type of network that creates isolation from other networks without the use of additional hardware. This type of configuration requires compatibility between networking equipment in the form of a networking standard called IEEE 802.1Q. |
VPN | Virtual Private Networking (VPN) enables remote employees to securely access resources inside the business network as if they were physically inside the premises. |
Webmail | Email client accessible via the web browser. |
Wi-Fi | Wireless Fidelity (Wi-Fi) is technology for radio wireless local area networking of devices based on the IEEE 802.11 standard. |
XMPP | The Extensible Messaging and Presence Protocol (XMPP) or Jabber is a standards-based protocol designed for real-time communication over the Internet. XMPP is primarily used for instant messaging and presence statuses (available, away, do not disturb, etc.). |