RT 4.0.25 Documentation

This version has reached its end of life and is out of support. Please contact us for upgrade assistance.

RT Config

Go to latest version →



Base configuration


$rtname is the string that RT will look for in mail messages to figure out what ticket a new piece of mail belongs to.

Your domain name is recommended, so as not to pollute the namespace. Once you start using a given tag, you should probably never change it; otherwise, mail for existing tickets won't get put in the right place.


You should set this to your organization's DNS domain. For example, fsck.com or asylum.arkham.ma.us. It is used by the linking interface to guarantee that ticket URIs are unique and easy to construct. Changing it after you have created tickets in the system will break all existing ticket links!

$CorrespondAddress, $CommentAddress

RT is designed such that any mail which already has a ticket-id associated with it will get to the right place automatically.

$CorrespondAddress and $CommentAddress are the default addresses that will be listed in From: and Reply-To: headers of correspondence and comment mail tracked by RT, unless overridden by a queue-specific address. They should be set to email addresses which have been configured as aliases for rt-mailgate.


Domain name of the RT server, e.g. 'www.example.com'. It should not contain anything except the server name.


If we're running as a superuser, run on port 80. Otherwise, pick a high port for this user.

443 is default port for https protocol.


If you're putting the web UI somewhere other than at the root of your server, you should set $WebPath to the path you'll be serving RT at.

$WebPath requires a leading / but no trailing /, or it can be blank.

In most cases, you should leave $WebPath set to "" (an empty value).


$Timezone is the default timezone, used to convert times entered by users into GMT, as they are stored in the database, and back again; users can override this. It should be set to a timezone recognized by your server.


Set @Plugins to a list of external RT plugins that should be enabled (those plugins have to be previously downloaded and installed).


Set(@Plugins, (qw(RT::Extension::SLA RT::Authen::ExternalAuth)));

Database connection


Database driver being used; case matters. Valid types are "mysql", "Oracle" and "Pg".

$DatabaseHost, $DatabaseRTHost

The domain name of your database server. If you're running MySQL and on localhost, leave it blank for enhanced performance.

DatabaseRTHost is the fully-qualified hostname of your RT server, for use in granting ACL rights on MySQL.


The port that your database server is running on. Ignored unless it's a positive integer. It's usually safe to leave this blank; RT will choose the correct default.


The name of the user to connect to the database as.


The password the $DatabaseUser should use to access the database.


The name of the RT database on your database server. For Oracle, the SID and database objects are created in $DatabaseUser's schema.


If you're using PostgreSQL and have compiled in SSL support, set $DatabaseRequireSSL to 1 to turn on SSL communication with the database.


The default is to log anything except debugging information to syslog. Check the Log::Dispatch POD for information about how to get things by syslog, mail or anything else, get debugging info in the log, etc.

It might generally make sense to send error and higher by email to some administrator. If you do this, be careful that this email isn't sent to this RT instance. Mail loops will generate a critical log message.

$LogToSyslog, $LogToScreen

The minimum level error that will be logged to the specific device. From lowest to highest priority, the levels are:

    debug info notice warning error critical alert emergency

Many syslogds are configured to discard or file debug messages away, so if you're attempting to debug RT you may need to reconfigure your syslogd or use one of the other logging options.

Logging to your screen affects scripts run from the command line as well as the STDERR sent to your webserver (so these logs will usually show up in your web server's error logs).

$LogToFile, $LogDir, $LogToFileNamed

Logging to a standalone file is also possible. The file needs to both exist and be writable by all direct users of the RT API. This generally includes the web server and whoever rt-crontool runs as. Note that rt-mailgate and the RT CLI go through the webserver, so their users do not need to have write permissions to this file. If you expect to have multiple users of the direct API, Best Practical recommends using syslog instead of direct file logging.

You should set $LogToFile to one of the levels documented above.


If set to a log level then logging will include stack traces for messages with level equal to or greater than specified.

NOTICE: Stack traces include parameters supplied to functions or methods. It is possible for stack trace logging to reveal sensitive information such as passwords or ticket content in your logs.


On Solaris or UnixWare, set to ( socket => 'inet' ). Options here override any other options RT passes to Log::Dispatch::Syslog. Other interesting flags include facility and logopt. (See the Log::Dispatch::Syslog documentation for more information.) (Maybe ident too, if you have multiple RT installations.)

Incoming mail gateway


This regexp controls what subject tags RT recognizes as its own. If you're not dealing with historical $rtname values, or historical queue-specific subject tags, you'll likely never have to change this configuration.

Be very careful with it. Note that it overrides $rtname for subject token matching and that you should use only "non-capturing" parenthesis grouping. For example:

Set($EmailSubjectTagRegex, qr/(?:example.com|example.org)/i );

and NOT

Set($EmailSubjectTagRegex, qr/(example.com|example.org)/i );

The setting below would make RT behave exactly as it does without the setting enabled.


$OwnerEmail is the address of a human who manages RT. RT will send errors generated by the mail gateway to this address. This address should not be an address that's managed by your RT instance.


If $LoopsToRTOwner is defined, RT will send mail that it believes might be a loop to $OwnerEmail.


If $StoreLoops is defined, RT will record messages that it believes to be part of mail loops. As it does this, it will try to be careful not to send mail to the sender of these messages.


$MaxAttachmentSize sets the maximum size (in bytes) of attachments stored in the database. This setting is irrelevant unless one of $TruncateLongAttachments or $DropLongAttachments (below) are set.


If this is set to a non-undef value, RT will truncate attachments longer than $MaxAttachmentSize.


If this is set to a non-undef value, RT will silently drop attachments longer than MaxAttachmentSize. $TruncateLongAttachments, above, takes priority over this.


$RTAddressRegexp is used to make sure RT doesn't add itself as a ticket CC if $ParseNewMessageForTicketCcs, above, is enabled. It is important that you set this to a regular expression that matches all addresses used by your RT. This lets RT avoid sending mail to itself. It will also hide RT addresses from the list of "One-time Cc" and Bcc lists on ticket reply.

If you have a number of addresses configured in your RT database already, you can generate a naive first pass regexp by using:

    perl etc/upgrade/generate-rtaddressregexp

If left blank, RT will compare each address to your configured $CorrespondAddress and $CommentAddress before searching for a Queue configured with a matching "Reply Address" or "Comment Address" on the Queue Admin page.

$CanonicalizeEmailAddressMatch, $CanonicalizeEmailAddressReplace

RT provides functionality which allows the system to rewrite incoming email addresses. In its simplest form, you can substitute the value in CanonicalizeEmailAddressReplace for the value in CanonicalizeEmailAddressMatch (These values are passed to the CanonicalizeEmailAddress subroutine in RT/User.pm)

By default, that routine performs a s/$Match/$Replace/gi on any address passed to it.


Set this to 1 and the create new user page will use the values that you enter in the form but use the function CanonicalizeUserInfo in RT/User_Local.pm


If $ValidateUserEmailAddresses is 1, RT will refuse to create users with an invalid email address (as specified in RFC 2822) or with an email address made of multiple email addresses.


@MailPlugins is a list of authentication plugins for RT::Interface::Email to use; see rt-mailgate


$UnsafeEmailCommands, if set to 1, enables 'take' and 'resolve' as possible actions via the mail gateway. As its name implies, this is very unsafe, as it allows email with a forged sender to possibly resolve arbitrary tickets!

$ExtractSubjectTagMatch, $ExtractSubjectTagNoMatch

The default "extract remote tracking tags" scrip settings; these detect when your RT is talking to another RT, and adjust the subject accordingly.


Some email clients create a plain text version of HTML-formatted email to help other clients that read only plain text. Unfortunately, the plain text parts sometimes end up with doubled newlines and these can then end up in RT. This is most often seen in MS Outlook.

Enable this option to have RT check for additional mail headers and attempt to identify email from MS Outlook. When detected, RT will then clean up double newlines. Note that it may clean up intentional double newlines as well.

Outgoing mail


$MailCommand defines which method RT will use to try to send mail. We know that 'sendmailpipe' works fairly well. If 'sendmailpipe' doesn't work well for you, try 'sendmail'. Other options are 'smtp' or 'qmail'.

Note that you should remove the '-t' from $SendmailArguments if you use 'sendmail' rather than 'sendmailpipe'

For testing purposes, or to simply disable sending mail out into the world, you can set $MailCommand to 'testfile' which writes all mail to a temporary file. RT will log the location of the temporary file so you can extract mail from it afterward.

On shutdown, RT will clean up the temporary file created when using the 'testfile' option. If testing while the RT server is still running, you can find the files in the location noted in the log file. If you run a tool like rt-crontool however, or if you look after stopping the server, the files will have been deleted when the process completed. If you need to keep the files for development or debugging, you can manually set UNLINK => 0 where the testfile config is processed in lib/RT/Interface/Email.pm.


$SetOutgoingMailFrom tells RT to set the sender envelope to the Correspond mail address of the ticket's queue.

Warning: If you use this setting, bounced mails will appear to be incoming mail to the system, thus creating new tickets.

If the value contains an @, it is assumed to be an email address and used as a global envelope sender. Expected usage in this case is to simply set the same envelope sender on all mail from RT, without defining $OverrideOutgoingMailFrom. If you do define $OverrideOutgoingMailFrom, anything specified there overrides the global value (including Default).

This option only works if $MailCommand is set to 'sendmailpipe'.


$OverrideOutgoingMailFrom is used for overwriting the Correspond address of the queue as it is handed to sendmail -f. This helps force the From_ header away from www-data or other email addresses that show up in the "Sent by" line in Outlook.

The option is a hash reference of queue name to email address. If there is no ticket involved, then the value of the Default key will be used.

This option only works if $SetOutgoingMailFrom is enabled and $MailCommand is set to 'sendmailpipe'.


$DefaultMailPrecedence is used to control the default Precedence level of outgoing mail where none is specified. By default it is bulk, but if you only send mail to your staff, you may wish to change it.

Note that you can set the precedence of individual templates by including an explicit Precedence header.

If you set this value to undef then we do not set a default Precedence header to outgoing mail. However, if there already is a Precedence header, it will be preserved.


$DefaultErrorMailPrecedence is used to control the default Precedence level of outgoing mail that indicates some kind of error condition. By default it is bulk, but if you only send mail to your staff, you may wish to change it.

If you set this value to undef then we do not add a Precedence header to error mail.


$UseOriginatorHeader is used to control the insertion of an RT-Originator Header in every outgoing mail, containing the mail address of the transaction creator.


By default, RT sets the outgoing mail's "From:" header to "SenderName via RT". Setting $UseFriendlyFromLine to 0 disables it.


sprintf() format of the friendly 'From:' header; its arguments are SenderName and SenderEmailAddress.


RT can optionally set a "Friendly" 'To:' header when sending messages to Ccs or AdminCcs (rather than having a blank 'To:' header.

This feature DOES NOT WORK WITH SENDMAIL[tm] BRAND SENDMAIL. If you are using sendmail, rather than postfix, qmail, exim or some other MTA, you _must_ disable this option.


sprintf() format of the friendly 'To:' header; its arguments are WatcherType and TicketId.


By default, RT doesn't notify the person who performs an update, as they already know what they've done. If you'd like to change this behavior, Set $NotifyActor to 1


By default, RT records each message it sends out to its own internal database. To change this behavior, set $RecordOutgoingEmail to 0

If this is disabled, users' digest mail delivery preferences (i.e. EmailFrequency) will also be ignored.

$VERPPrefix, $VERPDomain

Setting these options enables VERP support http://cr.yp.to/proto/verp.txt.

Uncomment the following two directives to generate envelope senders of the form ${VERPPrefix}${originaladdress}@${VERPDomain} (i.e. rt-jesse=fsck.com@rt.example.com ).

This currently only works with sendmail and sendmailpipe.


By default, RT forwards a message using queue's address and adds RT's tag into subject of the outgoing message, so recipients' replies go into RT as correspondents.

To change this behavior, set $ForwardFromUser to 1 and RT will use the address of the current user and remove RT's subject tag.

Email dashboards


The email address from which RT will send dashboards. If none is set, then $OwnerEmail will be used.


Lets you set the subject of dashboards. Arguments are the frequency (Daily, Weekly, Monthly) of the dashboard and the dashboard's name.


A list of regular expressions that will be used to remove content from mailed dashboards.

Sendmail configuration

These options only take effect if $MailCommand is 'sendmail' or 'sendmailpipe'


$SendmailArguments defines what flags to pass to $SendmailPath If you picked 'sendmailpipe', you MUST add a -t flag to $SendmailArguments These options are good for most sendmail wrappers and work-a-likes.

These arguments are good for sendmail brand sendmail 8 and newer: Set($SendmailArguments,"-oi -t -ODeliveryMode=b -OErrorMode=m");


$SendmailBounceArguments defines what flags to pass to $Sendmail assuming RT needs to send an error (i.e. bounce).


If you selected 'sendmailpipe' above, you MUST specify the path to your sendmail binary in $SendmailPath.

SMTP configuration

These options only take effect if $MailCommand is 'smtp'


$SMTPServer should be set to the hostname of the SMTP server to use


$SMTPFrom should be set to the 'From' address to use, if not the email's 'From'


$SMTPDebug should be set to 1 to debug SMTP mail sending

Other mailers


@MailParams defines a list of options passed to $MailCommand if it is not 'sendmailpipe', 'sendmail', or 'smtp'

Web interface


This determines the default stylesheet the RT web interface will use. RT ships with several themes by default:

  web2            The default layout for RT 3.8
  aileron         The default layout for RT 4.0
  ballard         Theme which doesn't rely on JavaScript for menuing

This value actually specifies a directory in share/html/NoAuth/css/ from which RT will try to load the file main.css (which should @import any other files the stylesheet needs). This allows you to easily and cleanly create your own stylesheets to apply to RT. This option can be overridden by users in their preferences.


Use this to select the default queue name that will be used for creating new tickets. You may use either the queue's name or its ID. This only affects the queue selection boxes on the web interface.


When a queue is selected in the new ticket dropdown, make it the new default for the new ticket dropdown.


Hide all links and portlets related to Reminders by setting this to 0


Set @CustomFieldValuesSources to a list of class names which extend RT::CustomFieldValues::External. This can be used to pull lists of custom field values from external sources at runtime.


Set $CanonicalizeRedirectURLs to 1 to use $WebURL when redirecting rather than the one we get from %ENV.

Apache's UseCanonicalName directive changes the hostname that RT finds in %ENV. You can read more about what turning it On or Off means in the documentation for your version of Apache.

If you use RT behind a reverse proxy, you almost certainly want to enable this option.


A list of JavaScript files to be included in head. Removing any of the default entries is not suggested.

If you're a plugin author, refer to RT->AddJavaScript.


Path to the jsmin binary; if specified, it will be used to minify JSFiles. The default, and the fallback if the binary cannot be found, is to simply concatenate the files.

jsmin can be installed by running 'make jsmin' from the RT install directory, or from http://www.crockford.com/javascript/jsmin.html


A list of additional CSS files to be included in head.

If you're a plugin author, refer to RT->AddStyleSheets.


This determines how user info is displayed. 'concise' will show one of either NickName, RealName, Name or EmailAddress, depending on what exists and whether the user is privileged or not. 'verbose' will show RealName and EmailAddress.

$WebBaseURL, $WebURL

Usually you don't want to set these options. The only obvious reason is if RT is accessible via https protocol on a non standard port, e.g. 'https://rt.example.com:9999'. In all other cases these options are computed using $WebDomain, $WebPort and $WebPath.

$WebBaseURL is the scheme, server and port (e.g. 'http://rt.example.com') for constructing URLs to the web UI. $WebBaseURL doesn't need a trailing /.

$WebURL is the $WebBaseURL, $WebPath and trailing /, for example: 'http://www.example.com/rt/'.


$WebImagesURL points to the base URL where RT can find its images. Define the directory name to be used for images in RT web documents.


$LogoURL points to the URL of the RT logo displayed in the web UI. This can also be configured via the web UI.


$LogoLinkURL is the URL that the RT logo hyperlinks to.


$LogoAltText is a string of text for the alt-text of the logo. It will be passed through loc for localization.


$LogoImageHeight is the value of the height attribute of the logo img tag.


$LogoImageWidth is the value of the width attribute of the logo img tag.


What portion of RT's URL space should not require authentication. The default is almost certainly correct, and should only be changed if you are extending RT.


What portion of RT's URLspace should be accessible to Unprivileged users This does not override the redirect from /Ticket/Display.html to /SelfService/Display.html when Unprivileged users attempt to access ticked displays.


By default, RT clears its database cache after every page view. This ensures that you've always got the most current information when working in a multi-process (mod_perl or FastCGI) Environment. Setting $WebFlushDbCacheEveryRequest to 0 will turn this off, which will speed RT up a bit, at the expense of a tiny bit of data accuracy.


The GD module (which RT uses for graphs) ships with a built-in font that doesn't have full Unicode support. You can use a given TrueType font for a specific language by setting %ChartFont to (language => the absolute path of a font) pairs. Your GD library must have support for TrueType fonts to use this option. If there is no entry for a language in the hash then font with 'others' key is used.

RT comes with two TrueType fonts covering most available languages.


RT stores dates using the UTC timezone in the DB, so charts grouped by dates and time are not representative. Set $ChartsTimezonesInDB to 1 to enable timezone conversions using your DB's capabilities. You may need to do some work on the DB side to use this feature, read more in docs/customizing/timezones_in_charts.pod.

At this time, this feature only applies to MySQL and PostgreSQL.

Home page


$DefaultSummaryRows is default number of rows displayed in for search results on the front page.


$HomePageRefreshInterval is default number of seconds to refresh the RT home page. Choose from [0, 120, 300, 600, 1200, 3600, 7200].


$HomepageComponents is an arrayref of allowed components on a user's customized homepage ("RT at a glance").


Historically, ACLs were checked on display, which could lead to empty search pages and wrong ticket counts. Set $UseSQLForACLChecks to 1 to limit search results in SQL instead, which eliminates these problems.

This option is still relatively new; it may result in performance problems in some cases, or significant speedups in others.


On the display page of a ticket from search results, RT provides links to the first, next, previous and last ticket from the results. In order to build these links, RT needs to fetch the full result set from the database, which can be resource-intensive.

Set $TicketsItemMapSize to number of tickets you want RT to examine to build these links. If the full result set is larger than this number, RT will omit the "last" link in the menu. Set this to zero to always examine all results.


$SearchResultsRefreshInterval is default number of seconds to refresh search results in RT. Choose from [0, 120, 300, 600, 1200, 3600, 7200].


$DefaultSearchResultFormat is the default format for RT search results


$DefaultSelfServiceSearchResultFormat is the default format of searches displayed in the SelfService interface.


Full text search (FTS) without database indexing is a very slow operation, and is thus disabled by default.

Before setting Indexed to 1, read docs/full_text_indexing.pod for the full details of FTS on your particular database.

It is possible to enable FTS without database indexing support, simply by setting the Enable key to 1, while leaving Indexed set to 0. This is not generally suggested, as unindexed full-text searching can cause severe performance problems.


If $DontSearchFileAttachments is set to 1, then uploaded files (attachments with file names) are not searched during content search.

Note that if you use indexed FTS then named attachments are still indexed by default regardless of this option.


When query in simple search doesn't have status info, use this to only search active ones.


When only one ticket is found in search, use this to redirect to the ticket display page automatically.

Ticket display


This determines if the 'More about requestor' box on Ticket/Display.html is shown for Privileged Users.


This can be set to Active, Inactive, All or None. It controls what ticket list will be displayed in the 'More about requestor' box on Ticket/Display.html. This option can be controlled by users also.


By default, the 'More about requestor' box on Ticket/Display.html shows the Requestor's name and ticket list. If you would like to see extra information about the user, this expects a Format string of user attributes. Please note that not all the attributes are supported in this display because we're not building a table.

Example: Set($MoreAboutRequestorExtraInfo,"Organization, Address1")


By default, the 'More about requestor' box on Ticket/Display.html shows all the groups of the Requestor. Use this to limit the number of groups; a value of undef removes the group display entirely.


Should the ticket create and update forms use a more space efficient two column layout. This layout may not work in narrow browsers if you set a MessageBoxWidth (below).


When displaying a list of Ticket Custom Fields for editing, RT defaults to a 2 column list. If you set this to 1, it will instead display the Custom Fields in a single column.


If set to 1, RT will prompt users when there are new, unread messages on tickets they are viewing.


If set to 1, the owner drop-downs for ticket update/modify and the query builder are replaced by text fields that autocomplete. This can alleviate the sometimes huge owner list for installations where many users have the OwnTicket right.


If set to 1, the owner drop-downs for the query builder are always replaced by text field that autocomplete and $AutocompleteOwners is ignored. Helpful when owners list is huge in the query builder.


Specifies which fields of RT::User to match against and how to match each field when autocompleting users. Valid match methods are LIKE, STARTSWITH, ENDSWITH, =, and !=.


Should unprivileged users be allowed to autocomplete users. Setting this option to 1 means unprivileged users will be able to search all your users.


Enable this to redirect to the created ticket display page automatically when using QuickCreate.

Support implicit links in WikiText custom fields? Setting this to 1 causes InterCapped or ALLCAPS words in WikiText fields to automatically become links to searches for those words. If used on Articles, it links to the Article with that name.


Set $PreviewScripMessages to 1 if the scrips preview on the ticket reply page should include the content of the messages to be sent.


If $SimplifiedRecipients is set, a simple list of who will receive any kind of mail will be shown on the ticket reply page, instead of a detailed breakdown by scrip.


If set to 1, this option will skip ticket menu actions which can't be completed successfully because of outstanding active Depends On tickets.

By default, all ticket actions are displayed in the menu even if some of them can't be successful until all Depends On links are resolved or transitioned to another inactive status.



Set this to 1 to display the Articles interface on the Ticket Create page in addition to the Reply/Comment page.


Set this to 1 to hide the search and include boxes from the Article UI. This assumes you have enabled Article Hotlist feature, otherwise you will have no access to Articles.

Message box properties

$MessageBoxWidth, $MessageBoxHeight

For message boxes, set the entry box width, height and what type of wrapping to use. These options can be overridden by users in their preferences.

When the width is set to undef, no column count is specified and the message box will take up 100% of the available width. Combining this with HARD messagebox wrapping (below) is not recommended, as it will lead to inconsistent width in transactions between browsers.

These settings only apply to the non-RichText message box. See below for Rich Text settings.


Wrapping is disabled when using MessageBoxRichText because of a bad interaction between IE and wrapping with the Rich Text Editor.


Should "rich text" editing be enabled? This option lets your users send HTML email messages from the web interface.


Height of rich text JavaScript enabled editing boxes (in pixels)


Should your users' signatures (from their Preferences page) be included in Comments and Replies.


Should your users' signatures (from their Preferences page) be included in Comments. Setting this to false overrides $MessageBoxIncludeSignature.

Transaction display


By default, RT shows newest transactions at the bottom of the ticket history page, if you want see them at the top set this to 0. This option can be overridden by users in their preferences.


When set, defers loading ticket history until the user clicks a link. This should end up serving pages to users quicker, since generating all the HTML for transaction history can be slow for long tickets.


By default, RT hides from the web UI information about blind copies user sent on reply or comment.


If TrustHTMLAttachments is not defined, we will display them as text. This prevents malicious HTML and JavaScript from being sent in a request (although there is probably more to it than that)


Always download attachments, regardless of content type. If set, this overrides TrustHTMLAttachments.


Controls the units (kilobytes or bytes) that attachment sizes use for display. The default is to display kilobytes if the attachment is larger than 1024 bytes, bytes otherwise. If you set $AttachmentUnits to 'k' then attachment sizes will always be displayed in kilobytes. If set to 'b', then sizes will be bytes.


If $PreferRichText is set to 1, RT will show HTML/Rich text messages in preference to their plain-text alternatives. RT "scrubs" the HTML to show only a minimal subset of HTML to avoid possible contamination by cross-site-scripting attacks.


$MaxInlineBody is the maximum attachment size that we want to see inline when viewing a transaction. RT will inline any text if the value is undefined or 0. This option can be overridden by users in their preferences.


By default, RT shows images attached to incoming (and outgoing) ticket updates inline. Set this variable to 0 if you'd like to disable that behavior.


Normally plaintext attachments are displayed as HTML with line breaks preserved. This causes space- and tab-based formatting not to be displayed correctly. By setting $PlainTextPre messages will be displayed using <pre>.


Set $PlainTextMono to 1 to use monospaced font and preserve formatting; unlike $PlainTextPre, the text will wrap to fit width of the browser window; this option overrides $PlainTextPre.


If $SuppressInlineTextFiles is set to 1, then uploaded text files (text-type attachments with file names) are prevented from being displayed in-line when viewing a ticket's history.


MakeClicky detects various formats of data in headers and email messages, and extends them with supporting links. By default, RT provides two formats:

* 'httpurl': detects http:// and https:// URLs and adds '[Open URL]' link after the URL.

* 'httpurl_overwrite': also detects URLs as 'httpurl' format, but replaces the URL with a link.

See share/html/Elements/MakeClicky for documentation on how to add your own styles of link detection.

Application logic


If $ParseNewMessageForTicketCcs is set to 1, RT will attempt to divine Ticket 'Cc' watchers from the To and Cc lines of incoming messages that create new Tickets. This option does not apply to replies or comments on existing Tickets. Be forewarned that if you have any addresses which forward mail to RT automatically and you enable this option without modifying $RTAddressRegexp below, you will get yourself into a heap of trouble.


Set $UseTransactionBatch to 1 to execute transactions in batches, such that a resolve and comment (for example) would happen simultaneously, instead of as two transactions, unaware of each others' existence.


When this feature is enabled a user needs ModifyTicket rights on both tickets to link them together; otherwise, ModifyTicket rights on either of them is sufficient.


Should RT redistribute correspondence that it identifies as machine generated? A 1 will do so; setting this to 0 will cause no such messages to be redistributed. You can also use 'privileged' (the default), which will redistribute only to privileged users. This helps to protect against malformed bounces and loops caused by auto-created requestors with bogus addresses.


Should rejection notes from approvals be sent to the requestors?


Should approval tickets only be viewed and modified through the standard approval interface? Changing this setting to 1 will redirect any attempt to use the normal ticket display and modify page for approval tickets.

For example, with this option set to 1 and an approval ticket #123:


is redirected to


Extra security

This is a list of extra security measures to enable that help keep your RT safe. If you don't know what these mean, you should almost certainly leave the defaults alone.


If set to a true value, the ExecuteCode right will be removed from all users, including the superuser. This is intended for when RT is installed into a shared environment where even the superuser should not be allowed to run arbitrary Perl code on the server via scrips.


If set to a false value, framekiller javascript will be disabled and the X-Frame-Options: DENY header will be suppressed from all responses. This disables RT's clickjacking protection.


If set to a false value, the HTTP Referer (sic) header will not be checked to ensure that requests come from RT's own domain. As RT allows for GET requests to alter state, disabling this opens RT up to cross-site request forgery (CSRF) attacks.


If set to a false value, RT will allow the user to log in from any link or request, merely by passing in user and pass parameters; setting it to a true value forces all logins to come from the login box, so the user is aware that they are being logged in. The default is off, for backwards compatability.


This is a list of hostname:port combinations that RT will treat as being part of RT's domain. This is particularly useful if you access RT as multiple hostnames or have an external auth system that needs to redirect back to RT once authentication is complete.

 Set(@ReferrerWhitelist, qw(www.example.com:443  www3.example.com:80));

If the "RT has detected a possible cross-site request forgery" error is triggered by a host:port sent by your browser that you believe should be valid, you can copy the host:port from the error message into this list.

Simple wildcards, similar to SSL certificates, are allowed. For example:

    *.example.com:80    # matches foo.example.com
                        # but not example.com
                        #      or foo.bar.example.com

    www*.example.com:80 # matches www3.example.com
                        #     and www-test.example.com
                        #     and www.example.com

Authorization and user configuration


If $WebExternalAuth is defined, RT will defer to the environment's REMOTE_USER variable.


If $WebExternalAuthContinuous is defined, RT will check for the REMOTE_USER on each access. If you would prefer this to only happen once (at initial login) set this to a false value. The default setting will help ensure that if your external authentication system deauthenticates a user, RT notices as soon as possible.


If $WebFallbackToInternalAuth is defined, the user is allowed a chance of fallback to the login screen, even if REMOTE_USER failed.


$WebExternalGecos means to match 'gecos' field as the user identity); useful with mod_auth_pwcheck and IIS Integrated Windows logon.


$WebExternalAuto will create users under the same name as REMOTE_USER upon login, if it's missing in the Users table.


If $WebExternalAuto is set to 1, $AutoCreate will be passed to User's Create method. Use it to set defaults, such as creating Unprivileged users with { Privileged = 0 }> This must be a hashref.


$WebSessionClass is the class you wish to use for managing sessions. It defaults to use your SQL database, except on Oracle, where it defaults to files on disk.


By default, RT's user sessions persist until a user closes his or her browser. With the $AutoLogoff option you can setup session lifetime in minutes. A user will be logged out if he or she doesn't send any requests to RT for the defined time.


The number of seconds to wait after logout before sending the user to the login page. By default, 1 second, though you may want to increase this if you display additional information on the logout page.


By default, RT's session cookie isn't marked as "secure". Some web browsers will treat secure cookies more carefully than non-secure ones, being careful not to write them to disk, only sending them over an SSL secured connection, and so on. To enable this behavior, set $WebSecureCookies to 1. NOTE: You probably don't want to turn this on unless users are only connecting via SSL encrypted HTTPS connections.


Default RT's session cookie to not being directly accessible to javascript. The content is still sent during regular and AJAX requests, and other cookies are unaffected, but the session-id is less programmatically accessible to javascript. Turning this off should only be necessary in situations with odd client-side authentication requirements.


$MinimumPasswordLength defines the minimum length for user passwords. Setting it to 0 disables this check.



An array that contains languages supported by RT's internationalization interface. Defaults to all *.po lexicons; setting it to qw(en ja) will make RT bilingual instead of multilingual, but will save some memory.


An array that contains default encodings used to guess which charset an attachment uses, if it does not specify one explicitly. All options must be recognized by Encode::Guess. The first element may also be '*', which enables encoding detection using Encode::Detect::Detector, if installed.


The charset for localized email. Must be recognized by Encode.

Date and time handling


You can choose date and time format. See the "Output formatters" section in perldoc lib/RT/Date.pm for more options. This option can be overridden by users in their preferences.

Some examples:

Set($DateTimeFormat, "LocalizedDateTime"); Set($DateTimeFormat, { Format = "ISO", Seconds => 0 });> Set($DateTimeFormat, "RFC2822"); Set($DateTimeFormat, { Format = "RFC2822", Seconds => 0, DayOfWeek => 0 });>


Set this to 1 if your local date convention looks like "dd/mm/yy" instead of "mm/dd/yy". Used only for parsing, not for displaying dates.

$AmbiguousDayInPast, $AmbiguousDayInFuture

Should an unspecified day or year in a date refer to a future or a past value? For example, should a date of "Tuesday" default to mean the date for next Tuesday or last Tuesday? Should the date "March 1" default to the date for next March or last March?

Set $AmbiguousDayInPast for the last date, or $AmbiguousDayInFuture for the next date; the default is usually correct. If both are set, $AmbiguousDayInPast takes precedence.


Use this to set the default units for time entry to hours instead of minutes. Note that this only effects entry, not display.

GnuPG integration

A full description of the (somewhat extensive) GnuPG integration can be found by running the command `perldoc RT::Crypt::GnuPG` (or `perldoc lib/RT/Crypt/GnuPG.pm` from your RT install directory).


Set OutgoingMessagesFormat to 'inline' to use inline encryption and signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format.

If you want to allow people to encrypt attachments inside the DB then set AllowEncryptDataInDB to 1.

Set RejectOnMissingPrivateKey to false if you don't want to reject emails encrypted for key RT doesn't have and can not decrypt.

Set RejectOnBadData to false if you don't want to reject letters with incorrect GnuPG data.


Options to pass to the GnuPG program.

If you override this in your RT_SiteConfig, you should be sure to include a homedir setting.

Note that options with '-' character MUST be quoted.


Lifecycle definitions

Each lifecycle is a list of possible statuses split into three logic sets: initial, active and inactive. Each status in a lifecycle must be unique. (Statuses may not be repeated across sets.) Each set may have any number of statuses.

For example:

    default => {
        initial  => ['new'],
        active   => ['open', 'stalled'],
        inactive => ['resolved', 'rejected', 'deleted'],

Status names can be from 1 to 64 ASCII characters. Statuses are localized using RT's standard internationalization and localization system.


You can define multiple initial statuses for tickets in a given lifecycle.

RT will automatically set its Started date when you change a ticket's status from an initial state to an active or inactive status.


Active tickets are "currently in play" - they're things that are being worked on and not yet complete.


Inactive tickets are typically in their "final resting state".

While you're free to implement a workflow that ignores that description, typically once a ticket enters an inactive state, it will never again enter an active state.

RT will automatically set the Resolved date when a ticket's status is changed from an Initial or Active status to an Inactive status.

deleted is still a special status and protected by the DeleteTicket right, unless you re-defined rights (read below). If you don't want to allow ticket deletion at any time simply don't include it in your lifecycle.

Statuses in each set are ordered and listed in the UI in the defined order.

Changes between statuses are constrained by transition rules, as described below.

Default values

In some cases a default value is used to display in UI or in API when value is not provided. You can configure defaults using the following syntax:

    default => {
        defaults => {
            on_create => 'new',
            on_resolve => 'resolved',

The following defaults are used.


If you (or your code) doesn't specify a status when creating a ticket, RT will use the this status. See also "Statuses available during ticket creation".


When tickets are merged, the status of the ticket that was merged away is forced to this value. It should be one of inactive statuses; 'resolved' or its equivalent is most probably the best candidate.


When an approval is accepted, the status of depending tickets will be changed to this value.


When an approval is denied, the status of depending tickets will be changed to this value.


When a reminder is opened, the status will be changed to this value.


When a reminder is resolved, the status will be changed to this value.

Transitions between statuses and UI actions

A Transition is a change of status from A to B. You should define all possible transitions in each lifecycle using the following format:

    default => {
        transitions => {
            ''       => [qw(new open resolved)],
            new      => [qw(open resolved rejected deleted)],
            open     => [qw(stalled resolved rejected deleted)],
            stalled  => [qw(open)],
            resolved => [qw(open)],
            rejected => [qw(open)],
            deleted  => [qw(open)],

Statuses available during ticket creation

By default users can create tickets with a status of new, open, or resolved, but cannot create tickets with a status of rejected, stalled, or deleted. If you want to change the statuses available during creation, update the transition from '' (empty string), like in the example above.

Protecting status changes with rights

A transition or group of transitions can be protected by a specific right. Additionally, you can name new right names, which will be added to the system to control that transition. For example, if you wished to create a lesser right than ModifyTicket for rejecting tickets, you could write:

    default => {
        rights => {
            '* -> deleted'  => 'DeleteTicket',
            '* -> rejected' => 'RejectTicket',
            '* -> *'        => 'ModifyTicket',

This would create a new RejectTicket right in the system which you could assign to whatever groups you choose.

On the left hand side you can have the following variants:

    '<from> -> <to>'
    '* -> <to>'
    '<from> -> *'
    '* -> *'

Valid transitions are listed in order of priority. If a user attempts to change a ticket's status from new to open then the lifecycle is checked for presence of an exact match, then for 'any to open', 'new to any' and finally 'any to any'.

If you don't define any rights, or there is no match for a transition, RT will use the DeleteTicket or ModifyTicket as appropriate.

Labeling and defining actions

For each transition you can define an action that will be shown in the UI; each action annotated with a label and an update type.

Each action may provide a default update type, which can be Comment, Respond, or absent. For example, you may want your staff to write a reply to the end user when they change status from new to open, and thus set the update to Respond. Neither Comment nor Respond are mandatory, and user may leave the message empty, regardless of the update type.

This configuration can be used to accomplish what $ResolveDefaultUpdateType was used for in RT 3.8.

Use the following format to define labels and actions of transitions:

    default => {
        actions => [
            'new -> open'     => { label => 'Open it', update => 'Respond' },
            'new -> resolved' => { label => 'Resolve', update => 'Comment' },
            'new -> rejected' => { label => 'Reject',  update => 'Respond' },
            'new -> deleted'  => { label => 'Delete' },

            'open -> stalled'  => { label => 'Stall',   update => 'Comment' },
            'open -> resolved' => { label => 'Resolve', update => 'Comment' },
            'open -> rejected' => { label => 'Reject',  update => 'Respond' },

            'stalled -> open'  => { label => 'Open it' },
            'resolved -> open' => { label => 'Re-open', update => 'Comment' },
            'rejected -> open' => { label => 'Re-open', update => 'Comment' },
            'deleted -> open'  => { label => 'Undelete' },

In addition, you may define multiple actions for the same transition. Alternately, you may use '* -> x' to match more than one transition. For example:

    default => {
        actions => [
            'new -> rejected' => { label => 'Reject', update => 'Respond' },
            'new -> rejected' => { label => 'Quick Reject' },
            '* -> deleted' => { label => 'Delete' },

Moving tickets between queues with different lifecycles

Unless there is an explicit mapping between statuses in two different lifecycles, you can not move tickets between queues with these lifecycles. This is true even if the different lifecycles use the exact same set of statuses. Such a mapping is defined as follows:

    __maps__ => {
        'from lifecycle -> to lifecycle' => {
            'status in left lifecycle' => 'status in right lifecycle',

Administrative interface


RT can show administrators a feed of recent RT releases and other related announcements and information from Best Practical on the top level Configuration page. This feature helps you stay up to date on RT security announcements and version updates.

RT provides this feature using an "iframe" on /Admin/index.html which asks the administrator's browser to show an inline page from Best Practical's website.

If you'd rather not make this feature available to your administrators, set $ShowRTPortal to a false value.


In the admin interface, format strings similar to tickets result formats are used. Use %AdminSearchResultFormat to define the format strings used in the admin interface on a per-RT-class basis.

Development options


RT comes with a "Development mode" setting. This setting, as a convenience for developers, turns on several of development options that you most likely don't want in production:

  • Disables CSS and JS minification and concatenation. Both CSS and JS will be instead be served as a number of individual smaller files, unchanged from how they are stored on disk.

  • Uses Module::Refresh to reload changed Perl modules on each request.

  • Turns off Mason's static_source directive; this causes Mason to reload template files which have been modified on disk.

  • Turns on Mason's HTML error_format; this renders compilation errors to the browser, along with a full stack trace. It is possible for stack traces to reveal sensitive information such as passwords or ticket content.

  • Turns off caching of callbacks; this enables additional callbacks to be added while the server is running.


What abstract base class should RT use for its records. You should probably never change this.

Valid values are DBIx::SearchBuilder::Record or DBIx::SearchBuilder::Record::Cachable


@MasonParameters is the list of parameters for the constructor of HTML::Mason's Apache or CGI Handler. This is normally only useful for debugging, e.g. profiling individual components with:

    use MasonX::Profiler; # available on CPAN
    Set(@MasonParameters, (preamble => 'my $p = MasonX::Profiler->new($m, $r);'));

RT has rudimentary SQL statement logging support; simply set $StatementLog to be the level that you wish SQL statements to be logged at.

Enabling this option will also expose the SQL Queries page in the Configuration -> Tools menu for SuperUsers.

Deprecated options


RT-3.4 backward compatibility setting. Add/Delete Link used to record one transaction and run one scrip. Set this value to 1 if you want only one of the link transactions to have scrips run.


This option has been deprecated. You can configure this site-wide with "Lifecycles" (see "Labeling and defining actions").

← Back to index