Restricting smtp relay – Apple Mac OS X Server (version 10.2.3 or later) User Manual
Page 422
422
Chapter 9
m Log and optionally reject an SMTP connection from a server whose DNS name doesn’t
match a reverse-lookup of its IP address. For instructions, see “Checking for Mismatched
SMTP Server Name and IP Address” on page 423.
m Reject SMTP connections from servers that are blacklisted as open relays by an Open
Relay Behavior-modification System (ORBS) server. For instructions, see “Rejecting Mail
From Blacklisted Senders” on page 424.
m Allow or deny SMTP connections from specific IP addresses by using the firewall service
of Mac OS X Server. For instructions, see “Filtering SMTP Connections” on page 425.
Restricting SMTP Relay
Your mail service can restrict SMTP relay by allowing only approved servers to relay mail. You
create the list of approved servers. Approved servers can relay through your mail service
without authenticating. Servers not on the list cannot relay mail through your mail service
unless they authenticate first. All servers, approved or not, can deliver mail to your local mail
users without authenticating.
Your mail service can log connection attempts made by servers not on your approved list.
To restrict SMTP relay:
1
In Server Settings, click the Internet tab.
2
Click Mail Service and choose Configure Host Settings.
3
Click the Incoming Mail tab.
4
Select “only hosts in this list” and then edit the list of servers.
Click Add to add a server to the list.
Click Remove to delete the currently selected server from the list.
When adding to the list, you can use a variety of notations.
Enter a single IP address, such as 192.168.123.55.
Enter an IP address range, such as 192.168.40-43.*.
Enter an IP address/netmask, such as 192.168.40.0/255.255.248.0.
Enter a host name, such as mail.example.com
Enter an Internet domain name, such as example.com
5
Optionally select “Log recipient rejections to error log.”
6
Click Save.
LL0395.Book Page 422 Wednesday, November 20, 2002 11:44 AM