User Tools

Site Tools


how_to:vpop3_sending_high_volumes_of_unrecognised_mails

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

how_to:vpop3_sending_high_volumes_of_unrecognised_mails [2018/11/14 10:45] (current)
Line 1: Line 1:
 +======SMTP Relay Protection in VPOP3======
 +SMTP Relay Protection should be used on ALL SMTP mail servers (such as VPOP3) which have a permanent connection to the Internet. You may also want to use it on servers which are only connected occasionally via a dial-up connection.
  
 +SMTP Relay Protection is needed because junk emailer'​s (SPAMMERS) often do network scans looking for unprotected mail servers and then use those to send their junk email out to other people on the Internet - so they are using your mail server without your permission.
 +
 +There are several ways of protecting VPOP3 against this type of abuse. In general the best way is to make VPOP3 check the IP address of the computer which is connecting to it against a list of allowed addresses. If the connecting computer is an allowed one, VPOP3 will let it send local or outgoing mail, otherwise it will just allow it to send mail to local users (this is needed for incoming SMTP connections).
 +
 +=====To protect VPOP3 2.0.0 and later=====
 +On the Services page, click on SMTP Server From the SMTP Anti-Relay Protection list choose Check Client IP Address. Then, in the '​Access Restrictions'​ box, enter the TCP/IP addresses you want to be able to send outgoing mail. For instance, to allow computers in the TCP/IP subnet 192.168.1.0 with subnet mask 255.255.255.0,​ add a line
 +
 +      192.168.1.0 255.255.255.0 ​
 +
 +Note: If you have a proxy server between the Internet and VPOP3, this should be EXCLUDED from the access restrictions range allowed by VPOP3, eg if the proxy server is 192.168.1.100,​ add a line
 +
 +      !192.168.1.100 255.255.255.255 ​
 +
 +If you don't do this, any incoming connections through the proxy server will be allowed, regardless of where the user's computer is - this is because all these connections will appear to be coming from the proxy server'​s IP address.
 +
 +=====To test the relay protection=====
 +Go [[http://​www.abuse.net/​relay.html|here]] to test the VPOP3 relay protection settings. This site is run by abuse.net who run the '​Network Abuse Clearinghouse'​
 +
 +{{tag>​security remote relay sending}}
how_to/vpop3_sending_high_volumes_of_unrecognised_mails.txt ยท Last modified: 2018/11/14 10:45 (external edit)