Rejecting Smtp Connections from Specific Servers | Apple 10.6

Restricted SMTP Relay and SMTP Authentication Interaction

The following table describes the results of using restricted SMTP relay and SMTP authentication (see “SMTP Authentication” on page 64) in various combinations.

SMTP requires authentication	Restricted SMTP relay	Result
On	Off	All mail servers must
		authenticate before Mail
		service accepts mail for relay.
		Your local mail users must also
		authenticate to send mail out.

On	On	Approved mail servers can
		relay without authentication.
		Servers you haven’t approved
		can relay after authenticating
		with Mail service.

Off	On	Mail service can’t be used for
		open relay. Approved mail
		servers can relay (without
		authenticating).
		Servers that you haven’t
		approved can’t relay unless
		they authenticate, but they can
		deliver to your local mail users.
		Your local mail users don’t need
		to authenticate to send mail.
		This is the most common
		configuration.

Rejecting SMTP Connections from Specific Servers

Mail service can reject unauthorized SMTP connections from hosts on a disapproved- hosts list that you create. Mail traffic from hosts on this list is denied and the SMTP connections are closed after posting a 554 SMTP connection refused error.

To reject unauthorized SMTP connections from specific servers:

1In Server Admin, select a computer in the Servers list, then select Mail.

2Click Settings.

3Select the Relay tab.

4Click the “Refuse all messages from these hosts and networks” checkbox.

5Edit the list of servers by choosing one of the following: ÂÂ Click the Add (+) button to add a host to the list.

ÂÂ Click the Remove (-) button to delete the selected host from the list. ÂÂ Click the Edit (/) button to change the selected host from the list.

32

Chapter 2    Mail Service Setup

Image 32

Apple 10.6 Restricted Smtp Relay and Smtp Authentication Interaction, Rejecting Smtp Connections from Specific Servers

Contents

Mac OS X Server Apple Contents Mail Service Advanced Configuration Monitoring and Maintaining Mail Service Troubleshooting Mail Service Contents What’s in This Guide Preface To see the most recent server help topics Using Onscreen HelpTo get the most recent onscreen help for Mac OS X Server Document Road Map Getting Started Preface About This Guide Getting Documentation Updates Getting Additional Information Understanding Mail Service Mail Service Architecture Mail Transfer Agent Mac OS X Server Mail Screening Incoming Mail Location Where Mail Is StoredOutgoing Mail Location Dovecot Internet Message Access Protocol ImapLocal Delivery Agent User Interaction with Mail Service Post Office Protocol POP Wiki-Based Mailing Lists Using Mailing Lists with Mail ServiceMailman-Based Mailing Lists Using Network Services with Mail Service Mail service uses DNS like this Managing Mail Service Before You Begin To enable MX records Using Mail Service ToolsConfiguring DNS for Mail Service Setup Overview How User Account Settings Affect Mail Service To start the mail configuration assistant Configure outgoing Mail service Configure additional settings for Mail service Administering Mail Service Changing Mail Service SettingsTo enable Mail Service for administration To change Mail service settings from the command line General Setup Viewing Mail Service Settings from the Command LineConfiguring Outgoing Mail Service Understanding Smtp Authentication Requiring Smtp Authentication Enabling Smtp AccessTo enable Smtp access Relaying Smtp Mail Through Another Server To relay Smtp mail through another serverCopying Undeliverable Incoming Mail To keep a copy of undeliverable incoming mail Configuring Incoming Mail Service Enabling Imap AccessSaving Mail Messages for Monitoring and Archival Purposes To save all messages To enable Imap access Enabling POP AccessTo enable POP access Choosing No Incoming Mail Retrieval To restrict Smtp relay Restricting Smtp RelayTo change the local delivery directory Restricted Smtp Relay and Smtp Authentication Interaction Rejecting Smtp Connections from Specific Servers Rejecting Mail from Blacklisted Senders Filtering Smtp ConnectionsTo reject mail from blacklisted senders To filter Smtp connections Limiting Junk Mail and Viruses Connection Control Enabling Junk Mail Screening Bayesian Filters Mail Service FilteringTo enable junk mail screening Training the Junk Mail Filter Training the junk mail filter with users’ help To allow mail by language and locale Training the junk mail filter without user interactionFiltering Mail by Language and Locale To enable virus screening Enabling Virus Screening Server-Side Mail Rules To enable Sieve supportFrom the command line To enable a user’s mail quota Managing Mail QuotasLimiting Incoming Message Size Enabling Mail Quotas for Users Configuring Quota Warnings Configure Quota Violation ResponsesTo configure quota warnings To configure quota violation responses Mailing Lists Setting Up a Wiki-Based Mailing ListTo enable wiki-based mailing lists About Mailman Enabling Mailing Lists Setting Up a Mailman Mailing ListTo enable mailing lists Creating a Mailing List To create a list Setting a List’s Maximum Message Length To set a list’s maximum message lengthCreating a Mailing List Description To create a list description Customizing the Mailing List Welcome Message To customize a welcome messageCustomizing the Mailing List Unsubscribe Message To customize the subscriber welcome message To enable list moderation Setting Mailing List Message Bounce OptionsEnabling a Mailing List Moderator To set bounce options Designating a Mailing List as Private To set privacy optionsAdding Subscribers To add subscribers Administering Mailing Lists Viewing a Server’s Mailing ListsTo see the lists Viewing a Mailing List’s Information Designating a List Administrator To designate a list administratorAccessing Web-Based Administrator Options To access a list’s web-based options Designating a List Moderator To designate a list moderatorArchiving a List’s Mail To archive a list’s mail Working with Mailing List Subscribers Viewing Mailing List ArchivesAdding a Subscriber to a List Removing a List Subscriber Changing Subscriber Posting Privileges To add or remove a subscriber’s posting privilegesSuspending a Subscriber To suspend a user’s subscription to a list List Subscriber Options Subscribing to a Mailing List Via MailTo subscribe via mail Subscribing to a Mailing List Via Web Unsubscribing from a Mailing List Via Web Setting and Changing Your Mailing List PasswordUnsubscribing from a Mailing List Via Mail To disable list delivery Changing Digest ModeDisabling List Mail Delivery To toggle digest mode Where to Find More Information Setting Additional Subscriber OptionsTo access additional options Choosing Mime or Plain Text Digests Setting Mail Service Logging Options Setting the Mail Service Log DetailArchiving Mail Service Logs by Schedule To set the Mail service log detail Client-Specific Configuration for Mail Service Configuring Mail Client Applications Using Webmail Vacation NoticesTo use WebMail How a user modifies their vacation notices Designating Authorized Mail Service Users Use this chapter to tune Mail service beyond a basic setupSecuring User Access to Mail Service To enable a user’s mail access using Workgroup Manager Using Workgroup Manager for Mail Service AccessUsing Access Control Lists for Mail Service Access To enable mail access using ACLs Choosing Authentication for Mail ServiceSmtp Authentication To allow less secure authentication Imap and POP AuthenticationTo allow secure Smtp authentication To set secure Imap and POP authentication To set less secure Imap and POP authentication Securing Mail Service with SSL Configuring SSL for mail transport Configuring SSL Transport for Smtp Connections Configuring SSL Transport for Imap and POP ConnectionsTo configure SSL transport for Smtp connections To configure SSL transport for Imap and POP connections Generate a Certificate Signing Request CSR Enter a key size, and then press Return Enter s, and then press Return Following output appears Accessing Server Certificates from the Command Line Creating a Password File from the Command Line Creating the Password File in the Keychain Enabling Virtual Hosting Mail Service Virtual HostTo enable virtual hosting To add or remove virtual hosts Adding or Removing Virtual HostsAssociating Users to the Virtual Host Postmaster@server.com At the prompt, enter the following command Creating Additional Mail Addresses for Users To create a Mac OS X Server-style alias To forward a user’s mail Setting Up Forwarding Mail Addresses for a UserTo create a Postfix-style alias Working with Mail Service Data Storage To specify where mail is stored on the serverViewing the Location of the Mail Store Specifying the Location of the Mail Store Creating Additional Mail Store Locations To split the mail store Maximum Number of Mail Messages Per Volume Backing Up and Restoring Mail Messages Setting Up Mail Server Clustering with Xsan Configuring Additional Mail Service Support for 8-Bit MimeConfiguring Mail Clustering To disable the default conversion To start or stop the service Use this chapter to monitor and maintain Mail serviceStarting or Stopping Mail Service Reloading Mail Service To reload Mail service from the command lineHolding Outbound Mail To hold outbound mail Allowing Administrator Access to Mail Folders Creating an Administration AccountTo create a mail administrator account Blocking Inbound Mail Connections Monitoring Mail Service Activity Viewing an Overview of Mail Service ActivityViewing Mail Service Logs To see an overview of Mail service activity To view a Mail service log Reclaiming Disk Space Used by Mail Service Log ArchivesViewing the Mail Connections List To view a list of connected mail users Viewing Mail Accounts Monitoring the Outgoing Mail QueueChecking the Outgoing Mail Queue Clearing Messages from the Outgoing Mail Queue To try to resend an outgoing message Viewing Mail Service StatisticsRetrying Undelivered Outgoing Messages Computer responds with the following output Troubleshooting Mail Service Improving Performance When a Disk Is Full When Mail Is UndeliverableWhere to Find More Information Forwarding Undeliverable Incoming Mail Books Internet Service Settings Appendix D87.cert.pem Mailimapsieveproxyservers Emptyarray D87.key.pem Default ALL+RC4@STRENGTH 100 101 Mailpostfixsendercanonicalmaps 102 Strength 103 ALL!EXPORT+RC4@STRENGTH 104 105 Mailpostfixdisablemimeinput Processing 106 Begin Certificate 107 108 109 110 111 Options 112 Connect GET Post 113 114 115 116 117 118 119 120 TZ Mailconfig Lang 121 122 Begin RSA Private KEY 123 MAILER-DAEMON 124 Ratedelay Mailpostfixsmtprandomize Yes Addresses 125 126 127 Vacation Notification Script 128 129 Self-Defined ForwardingBasic Sort and Antijunk Mail Filter 130 131 IndexDisks 132 See also Mailman, subscribers Mailman 133 134