Device Management Profile

Mail

The payload for configuring a mail account on the device.

Properties

allowMailDrop
boolean

If true, enables this account to use Mail Drop.

disableMailRecentsSyncing
boolean

If true, excludes this account from Recent Addresses syncing.

EmailAccountDescription
string

A user-visible description of the email account, shown in the Mail and Settings applications.

EmailAccountName
string

The full user name for the account. This name is shown in sent messages.

EmailAccountType
string
(Required)

Defines the protocol to be used for the account.

EmailAddress
string

The full email address for the account. If this string isn't present in the payload, the device prompts for it during profile installation.

IncomingMailServerAuthentication
string
(Required)

The authentication scheme for incoming mail. 

IncomingMailServerHostName
string
(Required)

The incoming mail server host name.

IncomingMailServerIMAPPathPrefix
string

The path prefix for the IMAP mail server.

IncomingMailServerPortNumber
integer

The incoming mail server port number. If no port number is specified, the default port for a given protocol is used.

IncomingMailServerUsername
string

The user name for the email account, usually the same as the email address up to the @ character. If the user name isn't present in the payload and the account is set up to require authentication for incoming email, the device prompts for this string during profile installation.

IncomingMailServerUseSSL
boolean

If true, enables SSL for authentication on the incoming mail server.

IncomingPassword
string

The password for the incoming mail server. This password is used only with encrypted profiles.

OutgoingMailServerAuthentication
string
(Required)

The authentication scheme for outgoing mail.

OutgoingMailServerHostName
string
(Required)

The outgoing mail server host name.

OutgoingMailServerPortNumber
integer

The outgoing mail server port number. If no port number is specified, ports 25, 587, and 465 are used, in that order.

OutgoingMailServerUsername
string

The user name for the email account, usually the same as the email address up to the @ character. If the user name isn't present in the payload and the account is set up to require authentication for outgoing email, the device prompts for this string during profile installation.

OutgoingMailServerUseSSL
boolean

If true, enables SSL authentication on the outgoing mail server.

OutgoingPassword
string

The password for the outgoing mail server. This password is used only with encrypted profiles.

OutgoingPasswordSameAsIncomingPassword
boolean

If true, the user is prompted only once for the password, which is used for both outgoing and incoming mail.

PreventAppSheet
boolean

If true, prevents this account from sending mail in any app other than the Apple Mail app.

PreventMove
boolean

If true, prevents messages from being moved out of this email account and into another account. It also prevents forwarding or replying from an account other than one the message was sent to.

SMIMEEnabled
boolean

If true, enables S/MIME encryption. In iOS 10.0 and later, this key is ignored.

SMIMEEnableEncryptionPerMessageSwitch
boolean

If true, displays the per-message encryption switch in the Mail Compose UI.

SMIMEEnablePerMessageSwitch
boolean

If true, displays the per-message encryption switch in the Mail Compose UI.

As of iOS 12.0, this key is deprecated. Use SMIMEEnableEncryptionPerMessageSwitch instead.

SMIMEEncryptByDefault
boolean

If true, enables S/MIME encryption by default.

SMIMEEncryptByDefaultUserOverrideable
boolean

If true, the user can turn encryption by default on/off, and encryption is on.

SMIMEEncryptionCertificateUUID
string

The UUID of the identity certificate used to decrypt messages sent to this account. The public certificate is attached to outgoing mail to allow encrypted mail to be sent to this user. When the user sends encrypted mail, the public certificate is used to encrypt the copy of the mail in their Sent mailbox.

SMIMEEncryptionCertificateUUIDUserOverrideable
boolean

If true, the user can select the S/MIME encryption identity, and encryption is on.

SMIMEEncryptionEnabled
boolean

If true, enables S/MIME encryption for this account.

SMIMESigningCertificateUUID
string

The payload UUID of the identity certificate used to sign messages sent from this account.

SMIMESigningCertificateUUIDUserOverrideable
boolean

If true, the user can select the signing identity.

SMIMESigningEnabled
boolean

If true, enables S/MIME signing for this account.

SMIMESigningUserOverrideable
boolean

If true, the user can turn S/MIME signing on or off in Settings.

Discussion

Specify com.apple.mail.managed as the payload type.

Profile Availability

Device Channel

iOS

User Channel

macOS, Shared iPad

Allow Manual Install

iOS, macOS

Requires Supervision

-

Requires User Approved MDM

-

Allowed in User Enrollment

iOS, macOS

Allow Multiple Payloads

iOS, macOS, Shared iPad

See Also

Mail

object ExchangeActiveSync

The payload for configuring Exchange ActiveSync accounts. 

object ExchangeWebServices

The payload for configuring an Exchange Web Services account for Contacts, Mail, Notes, Reminders, and Calendar.