Digi Email Systems documentation

Digi Email Systems documentation

Roles, permissions and access boundaries

What System Admin, Owner Admin, Domain Admin and an ordinary user can do.

Main roles

  • System Admin — global settings, users, modules, licence, mail flow, security, workers, migrations and integrations.
  • Owner Admin — resources assigned to a specific organisation.
  • Domain Admin — users, mailboxes, identities, DKIM and settings only within assigned domains.
  • User — own mail, contacts, calendar, tasks, rules and explicitly shared mailboxes.

Administration versus mail access

An administrator can create or disable a mailbox without having permission to read its messages. Access to another mailbox requires a separate permission: basic sharing, delegation, Send As or Send On Behalf.

Least privilege

Grant only the permission required and only for as long as needed. For a team mailbox, prefer mailbox-scoped permissions instead of a system role. When a user's job changes, review sharing and delegation entries, not only the account role.

Every permission change should leave a traceable actor, target object and outcome in the audit log.

Digital Eco Systems

Choose which optional categories you allow. You can change or withdraw your choice at any time. Cookie Policy

Necessary

Required for security, sessions, language preferences and storing the consent choice.

Technologies used
  • digitaleco-admin-session — Digital Eco Systems
    Maintains a secure administration session after sign-in. · Until sign-out or session expiry.
  • digitaleco-consent-state — Digital Eco Systems
    Stores the selected consent categories on this device. · Until the choice is changed or withdrawn, up to 12 months.
Functional

Remember additional preferences and features that are not strictly necessary.

Analytics

Help us understand how the public site is used and are not enabled before consent.

Marketing

Used to measure or personalise promotion and are disabled by default.