PSCS Wiki

User Tools

Site Tools

Trace:
how_to:allowing_mail_relay_through_vpop3

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
how_to:allowing_mail_relay_through_vpop3 [2009/05/18 11:58] mikehow_to:allowing_mail_relay_through_vpop3 [2018/11/14 10:45] (current) – external edit 127.0.0.1
Line 1: Line 1:
-=====How To Allow Mail Relay Through vPOP3=====+=====How To Allow Mail Relay Through VPOP3=====
  
 If you are allowing remote access into VPOP3 [[Allow Remote Access to VPOP3 Mailboxes|to collect mail]] then you may also want those remote users to be able to send their outgoing mail through VPOP3 as well. If you are allowing remote access into VPOP3 [[Allow Remote Access to VPOP3 Mailboxes|to collect mail]] then you may also want those remote users to be able to send their outgoing mail through VPOP3 as well.
Line 9: Line 9:
 In this case, you need to change the VPOP3 configuration to make it use the 'Authentication' extension to the SMTP protocol so that your remote users can log on before sending mail. This works fine as long as the remote users are using email client software which supports SMTP authentication. (Most modern email clients do, but some older ones don't). In this case, you need to change the VPOP3 configuration to make it use the 'Authentication' extension to the SMTP protocol so that your remote users can log on before sending mail. This works fine as long as the remote users are using email client software which supports SMTP authentication. (Most modern email clients do, but some older ones don't).
  
-To do this, go to the ''Services -> SMTP'' page in the VPOP3 settings.+To do this, go to the **Services -> SMTP** page in the VPOP3 settings.
  
-Click on ''Require SMTP Authentication'' and ''Do not require SMTP authentication for internal/incoming mail''+In the **SMTP Authentication** box, choose **Required**, and check the **Do not require SMTP authentication for internal/incoming mail** option.
  
-Make sure the ''SMTP Anti-Relay Protection'' method is set to ''Check Client IP Address''.+(In earlier versions you may need to check the **Require SMTP Authentication** and *Do not require SMTP authentication for internal/incoming mail** options instead.)
  
 +Make sure the **SMTP Anti-Relay Protection** method is set to **Check Client IP Address**.
 +
 +=====VPOP3 Version 5 or later=====
 +Go to the **SMTP Server -> IP Access Restrictions** tab
 +
 +{{:how_to:smtpaccessrestrict5.png?nolink|}}
 +
 +The default settings will have **Block - routers** and **Allow - Local Nets** entries. These will block the router itself from sending outgoing email, and anyone on the local network will be able to send outgoing mail.
 +
 +Now you have checked the **Require SMTP Authentication** box, local users will still be able to send mail, but only if they change their email client configuration to use SMTP authentication. If you wish, you may check the **Allow Unauth** box next to the **Local Nets** entry to allow your local users to send mail without authenticating. If you have added any other 'trusted' networks, eg other subnets on your office network, you may also choose to check the **Allow Unauth** box for those rules as well.
 +
 +Then, add another restriction to **Allow - Any**. Do NOT check the **No Auth** box for this entry. This lets any user send mail as long as they have authenticated first.
 +
 +If you wish, you can click on the cell in the **Users** column on the **Allow Any** row to select users who can send mail from the Internet. If you don't do this, then any user can send mail from the Internet. In the screenshot above, we have allowed the 'support' and 'webmaster' to send outgoing mail from the Internet.
 +
 +
 +=====VPOP3 Version 3 or 4=====
 +Go to the **SMTP Server -> IP Access Restrictions** tab
 +
 +If you still have your default access restrictions in play, you may check the **No Auth** box next to the network address for your local network. This will allow your local users to send mail without authenticating. (This is optional, you may wish to require your local users to authenticate as well, for extra security)
 +
 +Add another restriction to **Allow - Any**. Do NOT check the **No Auth** box for this entry. This lets any user send mail as long as they have authenticated first.
 +
 +{{:how_to:smtprelay1.png|}}
 +
 +You can optionally add VPOP3 account names to the **Allow Any** entry if you want to restrict the users who can send mail from the Internet, eg
 +
 +** Allow Any - fred bob**
 +
 +means that only the ''fred'' and ''bob'' user accounts can send mail from the Internet
 +
 +
 +=====VPOP3 Version 1.5=====
 You now need to modify the entries in the ''Access Restrictions'' box. If you currently have there something like: You now need to modify the entries in the ''Access Restrictions'' box. If you currently have there something like:
  
Line 37: Line 70:
 If you want all users (including local users) to have to authenticate with VPOP3 before sending mail, you can remove the ''noauth'' text at the end of the line allowing access from your local LAN. If you want all users (including local users) to have to authenticate with VPOP3 before sending mail, you can remove the ''noauth'' text at the end of the line allowing access from your local LAN.
  
-{{tag>security services remote}}+{{tag>security services remote relay}}
  
  
how_to/allowing_mail_relay_through_vpop3.1242644297.txt.gz · Last modified: 2018/11/14 10:44 (external edit)

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki