Mail Server Security Options

<< Click to Display Table of Contents >>

Navigation:  The ThinkAutomation Mail Server >

Mail Server Security Options

Security

The security tab is used to configure the mail server security options.

 

mailserveroptions-trustedhosts

 

In this section you define your 'Trusted Hosts', 'Whitelists' and 'Blacklists'.

 

Trusted Hosts

Trusted Hosts are IP addresses of PC's that you trust. Connections from these IP addresses will be allowed to 'relay' through the mail server. That is, they will be allowed to send email to anyone via the mail server.

 

By default ThinkAutomation adds all Internal Addresses to the trusted hosts list. An Internal Address is an IP address that is inside your network. By default all External IP addresses will NOT be allowed to relay. This is called a closed relay. It prevents spammers from outside your network sending emails via your mail server.

 

You can add your own IP external IP addresses to the trusted hosts list. Select the Trusted Hosts button, then click the Add button.

 

Whitelists

mailserveroptions-whitelists

 

The Whitelists are lists of IP Addresses, Email Addresses and Words that the mail server considers good.

 

When the mail server receives an incoming email it first checks if the senders IP address or from address is in the IP or Email whitelist. If so, the email is accepted without further checks. It then checks the body text. If the body contains one or more of the words contained in the Words whitelist, then it is accepted without further checks.

 

Select the IP Addresses, Email Addresses or Words list from the buttons on the left hand side. Then click Add to add a new item.

 

All items can contain wildcards, so for example: '*@parker-software.com' would accept any email ending with '@parker-software.com'.

 

Blacklists

mailserveroptions-blacklists

 

These are the opposite of Whitelists. Any incoming email containing an item in any of the blacklists will be blocked.

 

In addition to IP Addresses, Email Addresses and Words, you can blacklist File Types (by specifying the file extension) and email from Geographical Locations. For locations you can specify the Country and/or City. When an email arrives, ThinkAutomation looks up the physical location of the senders IP address using 'geo-ip'.

 

The Whitelist overrides the Blacklist. So if an email arrives containing an item on the Whitelist then it will be allowed, regardless of whether it contains items on the Blacklist.

 

Security Options

The Security Options tab is used to define settings that control the security checks performed on incoming email messages that the mail server receives. These checks are not performed on emails from Trusted Hosts or that are Whitelisted.

 

mailserveroptions-security

 

Automatically Whitelist Outgoing Email Addresses

 

If you enable this option then the 'to' addresses of all outgoing emails will be added to the incoming email Whitelist. This means that if you send an email to someone via the ThinkAutomation mail server, then their address will be whitelisted and they will be allowed to send you emails from then on that will never be blocked.

 

Automatically Whitelist IP Addresses That Successfully Authenticate Via POP3 or IMAP

 

If this option is enabled then the IP address of any email client that successfully authenticates with the mail server will be whitelisted.

 

Enable Greylisting

 

If this option is enabled then the ThinkAutomation mail server will reject the first SMTP connection from an IP address that is not whitelisted. The sender must re-try after 2 minutes. This is an anti-spam mechanism. Most spammers won't retry, so this is an effective way of reducing spam. Once the sender re-tries, their IP address will be stored for 30 days and they won't be asked to re-try again within that period. For more information about Greylisting see: http://en.wikipedia.org/wiki/Greylisting

 

Reject If Sender Has No MX Record Or Reverse DNS

 

If this option is enabled then ThinkAutomation will lookup the MX and reverse DNS records for the senders IP address. If no records are found the email will be rejected.

 

Use RBL (Real Time Blackhole Lists)

 

Real time blackhole lists are publicly accessible lists of IP addresses of known spammers. If this option is enabled, ThinkAutomation will lookup the senders IP address and check if it exists on any of the lists specified in the RBL Servers To Query. If any of these RBL Servers return a match then the incoming email will be blocked.

For more information about RBL see: http://en.wikipedia.org/wiki/DNSBL

 

Maximum Message Size

 

You can define the maximum size of messages you will allow the mail server to receive. Specify the value in Kilobytes (10,000 = 10 Mb)

ThinkAutomation © Parker Software 2016