Overview

Kerio instant messaging service is based on XMPP open technology for real-time communication. The instant messaging (IM) service runs in Kerio Connect automatically. This article covers the steps to configure it properly.

Step-By-Step Guide

Here are the steps to check if instant messaging is accessible:

1. From the administration interface, go to Configuration > Instant Messaging.

2. Click the option Check Service Accessibility.

   

3. Make sure to open these ports on the firewall (both directions):

   • 5222 - for the IM service
   • 5223 - for secured IM service
   • 5269 - if sending outside of the domain is allowed
   • DNS records must be configured for the domain. For additional information, refer to Configuring DNS for instant messaging

Securing Instant Messaging

The recommended option is to secure instant messaging by using TLS (Transport Layer Security):

• Choose a security policy to require an encrypted connection or secure authentication, go to Configuration > Security > Security Policy tab. 
  (For Kerio Connect 8.1 and older: Configuration > Advanced Options > Security Policy tab.)

  

• Use an unsecured instant messaging service (port 5222). You can also only enable the secure instant messaging service (port 5223) and use SSL.

Limiting Access to Instant Messaging

To restrict access to any users, define User Access Policies to:

1. Disable access to IM.
2. Restrict IM access to specific addresses.
   

   

3. To display which users are connected to the IM server, go to the Active Connections section in the administration interface.

   

Contact List

Once users log in to an IM client, their account will display a list containing contacts of users from their domain (Colleagues). The list of users that appear in Chat is not based on the Global Address List (GAL). Kerio Connect creates the contact list on all users of the domain, even if not published on the GAL.

If a user is having problems with their contact list (e.g., if they've incorrectly deleted any users), you can restore their contact list by following these steps:

1. In the administration interface, go to section Accounts > Users.

2. Select the user and right-click to open the dropdown menu. 
   Go to More Actions > Restore IM Contact List.

   

3. Click Continue Anyway to confirm.

   

Maximum size of the automatic contact list

The maximum number of users in the automatic contact list is set to 300. The users who exceed this number are not included in the Colleagues contact list. Also, their contact list will appear empty.

To change the maximum size of the contact list:

1. Stop the Kerio Connect engine.

2. In Kerio Connect installation folder, open the mailserver.cfg file.

3. Edit the following line:

   <variable name="RosterMaximum">300</variable>

   To disable the automatic contact list completely, set the RosterMaximum value to 0 (zero).

4. Save the file.

5. Start the Kerio Connect engine.

6. After increasing the RosterMaximum value, you need to perform Restore IM Contacts list operation for the affected users.

7. (Optional) In the cases of AD bounded users, you might try to remove the user (keeping the folders), then re-add the user from the AD.

Kerio Connect saves information about exceeding the maximum number of users in the warning log.

 Troubleshooting

If any problem regarding instant messaging occurs, consult the Debug log (right-click the Debug log area and enable Messages > Instant Messaging).

If you rename a domain, users must re-configure their IM clients. All previous changes to their contact list will be lost.

Related Articles

• Enabling chat
• Services in Kerio Connect
• Configuring DNS for instant messaging