Configure email

Use this information to configure email services, including inbound and outbound email, subscriptions, and email clients.

Configure inbound and outbound email

The email subsystem allows you to configure the outbound and inbound SMTP email settings to interact with Community Edition.

You can run the email server process in the same JVM context as the repository.

Inbound SMTP configuration properties

The Inbound SMTP email subsystem type allows you to configure the behavior of the email server and service.

The following properties can be set for Inbound SMTP email in the file.

Property Description
email.inbound.unknownUser Specifies the user name to authenticate as when the sender address is not recognized, for example anonymous.
email.inbound.enabled Enables or disables the inbound email service, for example true. The service could be used by processes other than the email server (for example, direct RMI access), so this flag is independent of the email service.
email.server.enabled Enables the email server, for example true.
email.server.port Specifies the port number for the email server, for example 25.
email.server.domain Specifies the name or the IP address of the network to bind the email server to, for example
email.server.allowed.senders Provides a comma-separated list of email REGEX patterns of allowed senders. If there are any values in the list, then all sender email addresses must match. For example: .*\@alfresco\.com, .*\@alfresco\.org.
email.server.blocked.senders Provides a comma-separated list of email REGEX patterns of blocked senders. If the sender email address matches this, then the message will be rejected. For example: .*\@hotmail\.com, .*\@googlemail\.com.

Outbound SMTP configuration properties

The following properties can be configured for the Outbound SMTP subsystem type.

Note: You must set the Outbound email configuration for Alfresco Share invitations to work correctly. If you don’t set the email configuration, when you invite a user to a site, the user will not receive the assigned task notification.

The email service is exposed as a Spring bean, mailService, which is contained in the Outbound SMTP subsystem.

Configure the repository to send emails to an external SMTP server by overriding the default settings. Set the email property overrides in the file.

Property Description Specifies the host name of the SMTP host, i.e. the host name or IP address of the server to which email should be sent, for example
mail.port Specifies the port number on which the SMTP service runs (the default is 25). Typically, the TCP port number 25 is reserved for SMTP, but this can be changed by your email administrator.
mail.username Specifies the user name of the account that connects to the SMTP server.
mail.password Specifies the password for the user name used in mail.username.
mail.encoding Specifies UTF-8 encoding for email. Set this value to UTF-8 or similar if encoding of email messages is required.
mail.from.default Specifies the email address from which email notifications are sent. This setting is for emails that aren’t triggered by a user, for example, feed notification emails. If the current user doesn’t have an email address, this property is used for the from field by the MailActionExecutor.
mail.from.enabled If this property is set to false, then the value set in mail.from.default is always used. If this property is set to true, then the from field may be changed. This property may be required if your email server security settings insist on matching the from field with the authentication details.
mail.protocol Specifies which protocol to use for sending email. The value can be either smtp or smtps.
mail.header Optionally specifies the content transfer encoding for the message. If specified, the Content-Transfer-Encoding is set to the value you specify.

The following properties are for SMTP:

Property Description
mail.smtp.auth Specifies if authentication is required or not. Specifies the use of SMTPS authentication. If true, attempt to authenticate the user using the AUTH command. Defaults to false.
mail.smtp.timeout Specifies the timeout in milliseconds for SMTP.
mail.smtp.starttls.enable Specifies if the transport layer security needs to be enabled or not. Specifies the use of STARTTLS command. Set to true to enable the use of the STARTTLS command to switch the connection to a TLS-protected connection before issuing any login commands. Defaults to false.
mail.smtp.debug Specifies if debugging SMTP is required or not.

The following properties are for SMTPS:

Property Description
mail.smtps.starttls.enable Specifies if the transport layer security for SMTPS needs to be enabled or not.
mail.smtps.auth Specifies if authentication for SMTPS is required or not.

The following properties can be set to define a test message when the subsystem starts:

Property Description
mail.testmessage.send Defines whether or not to send a test message. Specifies the recipient of the test message.
mail.testmessage.subject Specifies the message subject of the test message.
mail.testmessage.text Specifies the message body of the test message.

The following property is for setting the email site invitation behavior:

Property Description You must set the outbound email configuration for Alfresco Share invitations to work correctly. This property allows you to control whether or not emails are sent out for site invites. If you haven’t configured the outbound email properties, set this property to false.

The following examples show which properties to set for two different email clients. Add these properties to the file.

The following example shows the properties that you need to set to configure Gmail:

# Sample Gmail settings

The following example shows the properties that you need to set to configure Zimbra:

# Sample Zimbra settings
Not authenticated.<your company>
# Set this value to UTF-8 or similar for encoding of email messages as required
# Set this value to 7bit or similar for Asian encoding of email headers as required
mail.from.default=<default from address>

Handle messages by target node type

Default behaviors for incoming email to different types of referenced nodes. You can modify or extend the default behaviors by adding in custom handlers.

Property Description
Folder(Space) Content added with emailed aspect.
Forum(Discussion) Content specialized to Post with emailed aspect; if email subject matches a topic, then add to topic, otherwise create new topic based on subject.
Topic(Post) Content specialized to Post with emailed aspect; if referenced node is a Post, add to Post’s parent Topic.
Document(Content) If discussion exists, same as for forums, otherwise add discussion with email as initial topic and post.

Groups and permissions for email

An email arriving at the Community Edition email server is unauthenticated. An authentication group, EMAIL_CONTRIBUTORS, must exist to allow permissions to be handled at a high level by the administrator.

When an email comes into the system, the only identification is the sender’s email address. The user is looked up based on the email address.

  • If a matching user isn’t found, then the current user is assumed to be unknown, if unknown exists.
  • If unknown doesn’t exist, then the email is rejected as authentication won’t be possible.
  • If the user selected isn’t part of email contributor’s group, then the email is rejected.

The current request’s user is set and all subsequent processes are run as the authenticated user. If any type of authentication error is generated, then the email is rejected. The authentication will also imply that the authenticated user may not have visibility of the target node, in which case the email is also rejected. Effectively, this means that the target recipient of the email doesn’t exist, at least not for the sender.

The current default server configuration creates the EMAIL_CONTRIBUTORS group and adds the admin user to this group.

Configure email client with IMAP

IMAP protocol support allows email applications that support IMAP (including Outlook, Apple Mail, Thunderbird, and so on) to connect to and interact with Community Edition repositories.

Each user has their own set of mailboxes stored in Community Edition, for example, they have their own INBOX. Users can manage emails in Community Edition, and the workflow, transformation, and permissions features are available.

In addition, sites can be nominated as IMAP Favorites. This means that the site contents show as a set of IMAP folders. Non-favorite sites are not shown.

A metadata extractor for IMAP emails (RFC822 messages) can extract values from the contents of the email message and store the values as properties.

Note: Be careful when deciding what mount points you provide. When an IMAP client mounts a mount point, it issues a LSUB "" * command. This retrieves the entire tree of folders below the mount point.

Enable IMAP protocol using

The IMAP protocol server is disabled by default. You need to enable the IMAP protocol server to start interaction between the email client and the repository.

  1. Open the file.

  2. Enable the IMAP server by setting the following property to true:

  3. Set the IMAP server to listen on a specific interface using the following property:

    where x.x.x.x is the IP address (or corresponding DNS address) of your external IP interface. Don’t use or localhost.

    By default, the IMAP server listens on all interfaces on the default IMAP port of 143. You can set this property to use an alternative port number, for example 144.

  4. Restart the Community Edition server.

Once the server has restarted, the new configuration will take effect. Since the IMAP server has only one instance, make your configuration changes to the <extension root> file. You can also make your changes to <extension root>\alfresco\extension\subsystems\imap\default\default for the IMAP subsystem configuration to take precedence.

IMAP subsystem properties

The following properties can be configured for the IMAP subsystem.

Enable IMAP protocol

The following properties control the IMAP subsystem:

Property Description
imap.server.enabled Enables or disables the IMAP subsystem, for example true.
imap.server.port IMAP has a reserved port number of 143. You can change it using this property. Replace this value with the IP address (or corresponding DNS name) of your external IP interface, for example <your-host-name>.

Configure the following properties of the sysAdmin subsystem:

Property Description
alfresco.protocol The protocol component of the Community Edition web application URL, for example, http. The host name of the Community Edition URL, which is externally resolved. Use ${localname} for the locally-configured host name.
alfresco.port The port number of the Community Edition URL, which is externally resolved. For example, 8080
alfresco.context The context path component of the Community Edition URL. Typically this is alfresco.

To configure the IMAP Home space, which is used to store user mailboxes in ARCHIVE mode, in particular the user’s INBOX, use the following properties:

Property Description Specifies the default location for the IMAP mount point. For example, ${}.
imap.config.home.rootPath Specifies the default location for the IMAP mount point. For example, /${spaces.company_home.childname}.

This property may also be configured using an XPath query syntax.

To add your own folder to this path, add the name of your folder path using the data model names. For example:

If your folder has a space in the name, include _x0020_ where the space should be. For example:

Stop and start the IMAP subsystem for the changes to take effect.
imap.config.home.folderPath Specifies the QName of the default location for the IMAP mount point. For example, cm:Imap Home.

Enable IMAPS

IMAPS is a secure IMAP that’s encrypted using SSL. IMAPS is assigned to port number 993 by default. When you’ve enabled the IMAP subsystem, you must configure the default Java keystore, and then enable IMAPS.

To configure the default Java keystore, use the following properties:

Property Description Specifies the keystore to be used Specifies the keystore password

To enable IMAPS, use the following properties:

Property Description
imap.server.imaps.enabled=true Specifies that IMAPS is enabled
imap.server.imaps.port=993 Specifies the IMAPS port number

Extract attachments

An IMAP message can contain a message and a set of attachments, and the IMAP server can split the attachments into separate content nodes. Use this property with caution if you have a large repository. See Troubleshooting IMAP for more information.

Property Description
imap.server.attachments.extraction.enabled=true Defines whether or not attachments are extracted.

IMAP mount points

IMAP mount points are used to control which folders are available using IMAP and the mode in which they are accessed. Modes are used to define the type of interaction available.

The IMAP integration offers the following access modes:

Property Description
Archive Allows emails to be written to and read from Community Edition by the IMAP client by drag and drop, copy/paste, and so on, from the email client.
Virtual Documents managed by Community Edition can be viewed as emails from the IMAP client. Documents are shown as virtual emails with the ability to view metadata and trigger actions on the document, using links included in the email body.
Mixed A combination of both archive and virtual modes, i.e. both document access and email management are available.

Add the IMAP composite property, imap.config.server.mountPoints along with the names of your IMAP mount points to the file. For each mount point specify the following settings:

  • beanName
  • store
  • rootPath
  • mode

By default, a single mount point called AlfrescoIMAP is defined in the MIXED mode for Company Home and you can change it or add more mount points.

imap.config.server.mountPoints.value.AlfrescoIMAP.mountPointName=Alfresco IMAP

In JMX dump, the same presentation looks like this:

** Object Name Alfresco:Type=Configuration,Category=imap,id1=default,id2=imap.config.server.mountPoints,id3=AlfrescoIMAP
** Object Type imap$default$imap.config.server.mountPoints$AlfrescoIMAP
mode           MIXED
modeName       MIXED
mountPointName Alfresco IMAP
rootPath       /app:company_home
store          workspace://SpacesStore
storeRef       workspace://SpacesStore

Note: Be careful when deciding what mount points you provide. When an IMAP client mounts a mount point, it issues a LSUB "" * command. This retrieves the entire tree of folders below the mount point.

Virtual view email format

The virtualized view uses presentation templates to generate the mail body and display document metadata, action links (for download, view, webdav, folder) and Start Workflow form (HTML view only).

The templates are stored in the repository in Company Home > Data Dictionary > Imap Configs > Templates. Separate templates are available to generate either a HTML or plain text body, based on the format request by the email client. The templates can be customized to change the metadata and actions available in the email body.

IMAP virtualized view

Mark sites as IMAP favorites

To have access to Alfresco Share sites using IMAP, the site(s) need to be added to your list of sites using Share IMAP Favorites.

  1. Select IMAP Favorites in the Share My Sites dashlet on your My Dashboard page:

    IMAP My Sites

  2. Refresh your IMAP view to see the new sites.

    IMAP Sites

    You can see the site added to the IMAP Sites folder.

    Note: If the folders don’t appear in your email client, you should confirm that:

    • The folder is in a site marked as an IMAP favorite.
    • Your email client is showing all folders, and not just the folders that you have subscribed to.
    • In your email client, look for a property like Reload IMAP folders.
    • In your email client, clear your IMAP cache.

Configure email templates using v1 REST APIs

Use this information to configure customized email templates for your registered applications using the v1 REST APIs.

There are a number of properties for configuring customized email templates when using the v1 REST APIs. Once you have developed your custom application, add the required properties in the global properties file ( to register your application. In this file you can also set the path to each email template and any linked assets (such as images and company logo) to use your own branding.

The shared-links and request-password-reset APIs provide a way to send email notifications. To view these APIs, navigate to:

One of the mandatory properties in the request body of these APIs, client, sets the name of your registered client application. Registering a client means you can create a unique email template for each client, and configure the required email template and assets using different properties.

The client registration is based on a predefined naming convention loaded from properties files. The naming convention must conform to the format:


Note: The client name (<client-name>) and property name (<propertyName>) must not contain a dot (.).

An example implementation is provided where Alfresco Share is registered as the default client for the shared-links and request-password-reset APIs. These properties are defined in alfresco/client/config/ but you can override them in

 # shared-link (quickShare) base url
 # shared-link email template path
 # reset password request email template path
 # reset password UI page url
 # reset password confirmation email template path

Note: Any property without a value is ignored, however, a client can’t be registered if all the properties of that client have no values.

Configure customized email templates

In Community Edition you can customize the emails that are sent by the v1 REST API when users share links to content and request a password change.

To customize an email template for your application, register the application as a new client, then create new email templates using your own branding by adding them to the Data Dictionary.

  1. Open Share, and click Repository on the toolbar.

  2. Click Data Dictionary then Email Templates.

    You can create a folder to store your customized email templates here.

  3. Add the required properties to

    Here’s an example implementation for the default Share client that uses the v1 REST APIs:


    Note: Any property without a value is ignored, however, a client can’t be registered if all the properties for that client have no values.

    Here’s the full list of property settings that you can configure. Note that the expected format of the email template paths (*TemplatePath) are similar:

    Property Description


    Define the template path as an XPATH, NodeRef or classpath
    Example: XPATH: app:company_home/app:dictionary/app: email_templates/cm:example-email.ftl

    NodeRef: workspace://SpacesStore/a371fc59-d5ea-4849-a45c-b00c0c0d00ab

    Class path: alfresco/templates/quickshare-email-templates/ myapp-template.ftl
    templateAssetsUrl The URL of the assets for the email template, such as images and logos, used in the HTML template. Example: ${shareUrl}/res/components/images/
    sharedLinkBaseUrl The base URL of a page where the registered application displays the shared content. Example: ${shareUrl}/s

    For example, to register the application myapp to send customized shared-link emails, add the following properties to

     repo.client-app.myapp.sharedLinkTemplatePath=myapp email template path
     repo.client-app.myapp.templateAssetsUrl=myapp email template assets url
     repo.client-app.myapp.sharedLinkBaseUrl=myapp url

    Note: If the template path isn’t a valid nodeRef or template, the fallback template for Share is used.

  4. Restart the Alfresco server.

You can view your registered clients by using a JMX client, located under the ClientsAppsConfigInformation MBean.

Edit this page

Suggest an edit on GitHub
This website uses cookies in order to offer you the most relevant information. Please accept cookies for optimal performance. This documentation is subject to the Alfresco documentation terms.