LiquidFiles Documentation


LiquidFiles tries to behave as extension to your email system, and lots of basic concepts and security is mimic'd on this fundamental architectural decision.

With an email system, you have your users that can send emails to anyone on the Internet (assuming your not using a secret internal military email system), and users on the Internet can send emails to your users. Furthermore, users on the Internet cannot send emails to other users on the Internet through your email system.

LiquidFiles starts with this exact assumption. You have internal/local users, that can send files to anyone on the Internet. And you have external users that can send files back to you. External users cannot send files to other external users.

If we look at an example system at, we can see the following users configured:


In this simple example, following the principle that local users can send to anyone, and external users can send to everyone except external users, we can see that:

  • — can send to everyone except Sending to would be the equivalent of an external user on the Internet emailing another external user on the Internet using your email server.
  • ‐ same as, can send to anyone on the system except
  • — can't send files to anyone, but can login and download files sent to him.
  •, & — can send files to everyone.

Sending to users not on the system

Ok, so what about Lenny works at the Power Plant and has a email address, but is not yet on the system. With the current configuration, local users (homer@, burns@ & smithers@) can send to, but not anyone else.

If we want to enable external users to send to anyone, we can enable that by editing the External Users Group in Admin → Groups. If we scroll down a little bit on that page, we can see this:


By configuring the "Limit Recipient Domains" to include and, we have now enabled users in the External Users group to send files to anyone in those domains, regardless if they are added on the LiquidFiles system or not.

The check box below is what makes External Users being able to send to all users currently on the system that are configured as local users.

Limiting Local Users

The same configuration can also be applied to any other group of users. Lets say that you want to create a closed system, you can configure "Limit Recipient Domains" on the Local Users group to be the same as in the example above, and If you do, this will limit homer@ from sending files to, but he can still send to and

With these settings, you can be as creative as you need to be, and you're not limited to the default groups on the LiquidFiles system either. Lets say that you want have the ability to send to other users, but not to anyone else. You can simply create a new group, "Restricted Power Plant Users", set the "Limit Recipient Domains" to and add carl@ to that group. Please see the Groups documentation for instructions how to automatically assign users to groups.

External Users

Configuration wise, and external user is simply a user that belongs to a group that has the "External" check box enabled in the Admin → Groups → Edit:


External users are specifically for users external to the organisation. You cannot configure internal users as external and have them send files.

What would happen if you add to the list of "Limit Recipient Domains" to the External Users group? It would disable completely. An external user can never send to their own domain, regardless of setting. There is no setting in LiquidFiles that would enable to be able to send to as long as is configured as an external user. If you add to the Limit Recipient Domains for external users and login as, you will see the following:


This means that if you have a situation where external users needs to collaborate with each other, they will need to be configured as local users (or any other group that is not configured as external users). An example of this would be if your accounting and auditing department is collaborating with a few users, and everyone needs to be able to send files to everyone. You will then need to configure the users as local users, or setup a new group for them and set the Limit Recipient Domains to and so that they can send to yours and their company, but not to anyone else. To round it of, the suggested configuration would also include to automatically assign users that belong to the domain to this group. Please see the Groups documentation for instructions how to automatically assign users to groups.