User Tools

Site Tools


reference:smtp_general

SMTP -> General tab

This page is reached from ServicesSMTP Server, then the General tab.

This page lets you set general settings for the SMTP service component of VPOP3. The SMTP service is how users send outgoing mail, and how incoming SMTP messages arrive.

Service Name

This sets the display name of the SMTP service in VPOP3. Usually this is set to SMTP Server. There is usually no need to change this unless you have VPOP3 Enterprise and choose to create extra SMTP services with different settings.

Bindings

The service Bindings are which IP addresses & ports the VPOP3 SMTP service will listen on for connections. The default is for it to listen on any available IP address on port 25 which is the standard port for SMTP transmission.

Press the Edit Bindings button to change the bindings.

Encryption

The Encryption option tells VPOP3 what sort of encryption should be used on SMTP connections to VPOP3. This option is only available in VPOP3 Enterprise, if an SSL certificate is available.

The three options are:

  • None/TLS - in this case VPOP3 supports TLS encryption, but will also allow unencrypted sessions from the email client
  • TLS - VPOP3 requires TLS encryption, and will not allow unencrypted sessions
  • SSL - VPOP3 requires SSL encryption

See here for the different types of encryption.

Bandwidth Throttling

The Bandwidth Throttling setting lets you set bandwidth throttling options for this service. For more details, see our blog.

Require SMTP Authentication

If this option is checked, then VPOP3 will require users to authenticate when sending mail via VPOP3. This applies to all connections, unless it is overridden for specific IP addresses in the IP Access Restrictions tab.

In most cases nowadays this option is recommended to be enabled, especially if you are going to be wanting users to send mail from across the Internet (eg from mobile phones etc)

VPOP3 supports both 'AUTH LOGIN' and 'AUTH CRAM-MD5' authentication methods.

So that incoming SMTP mail does not require authentication, the Do not require SMTP authentication for internal/incoming mail option below will allow that to work.

Require POP3 then SMTP authentication

This option enables an alternative method of SMTP authentication. 'Proper' SMTP authentication was not standardised until 1999, so prior to that, authentication was 'guessed' by saying that if you collected mail using POP3, then sent mail from the same IP address within a few minutes, the mail server would assume that you were the same user who had collected mail just prior.

You can tell VPOP3 how long to allow between the POP3 login and the SMTP connection starting. The default is 5 minutes.

If you enable both SMTP authentication and POP3 then SMTP authentication, then either method is allowed.

Require Encrypted authentication

If this box is checked, then VPOP3 will only accept an encrypted authentication method. This could be CRAM-MD5 authentication, or plain text authentication over an encrypted channel (SSL or TLS). Using this will discourage users from sending their passwords in plain text.

Do not require SMTP authentication for internal/incoming mail

If this box is checked, then incoming or internal mail does not need to be authenticated, even if authentication would otherwise be required. In most cases this setting should be enabled to allow incoming SMTP mail to work.

SMTP Anti-Relay Protection

This should be usually set to Check Client IP Address.

This option has other methods which are still available due to historical reasons, but the Check Client IP Address option is the safest, along with good IP Access Restriction settings.

Email relaying is the name given to the act of sending a message to a server for that server to send on to another server. You would usually want to allow your local users to do this, and anyone else not to be able to do it.

  • No Checks - if this option is chosen, then VPOP3 will restrict who can access the VPOP3 SMTP service at all using the IP Access Restrictions. Anyone who can access the VPOP3 SMTP service can relay mail through VPOP3. This can occasionally be useful if you trust everyone who you want to be able to access the VPOP3 SMTP service. Do NOT use this if you allow incoming SMTP mail to arrive from any server.
  • Check from LAN - if this option is chosen, then VPOP3 will allow any IP address which is NOT linked to a dial-up adapter to be able to relay mail through VPOP3. This was useful in the days when people used dial-up adapters to connect to the Internet, but now it is rarely useful.
  • Check FROM address - if this option is chosen, then VPOP3 will allow people to relay mail through VPOP3 if the FROM address matches a local email address. Since this is extremely easy to forge, it is no real protection against unwanted relaying
  • Check Client IP Address - if this option is chosen, VPOP3 will allow ALL IP addresses to send mail to local users, but only those IP addresses listed on the IP Access Restrictions tab will be able to relay mail. This is most useful as it will protect against unwanted relaying, whilst also allowing incoming SMTP to work.

Maximum Message Size

This sets the maximum size, in bytes, of messages which can be sent through VPOP3.

We do not recommend using a value over about 50,000,000 bytes, as that can cause issues for current versions of VPOP3.

Email in general was not designed for excessively large file transfers, and most mail servers will reject mail over between 20MB and 50MB (some will reject mail over 5MB).

Note that when sending binary attachments such as images, Word documents, etc, that the attachment will typically grow by about 33% due to the BASE64 encoding method required to send binary files over the text-only email system.

Reject unrecognised local recipinets

If this option is checked, then VPOP3 will send an SMTP rejection response if someone tries to send a message to an unrecognised local user.

If this option is not checked, then VPOP3 will accept the message, and then send a message back saying the message could not be delivered. This is not recommended as it can cause 'back-scatter'

reference/smtp_general.txt · Last modified: 2018/11/14 10:45 by 127.0.0.1