Mail servers accept messages for recipients that have their mailboxes hosted on the mail server itself. Any attempt to send a message to a non-local recipient (i.e.: a recipient on a different mail server) is called a 'relay'. It is critical to regulate who can send messages to others (non-local recipients) or the server will be identified as 'Open Relay'. The server is secured by configuring strict rules as to who can use the server to relay messages to non-local recipients.
For a server connected to the Internet, the recommended relay setting is to have "Allow relay for authenticated senders" enabled, and leave "Allow relay for local sender addresses" disabled. This is the default setting when MailEnable is installed, and will make everyone who wants to send email through the server provide a username and password.
To access the SMTP Relay options, open the Administration program, expand the Servers->Localhost->Connectors branch, right click on the SMTP icon, select Properties from the popup menu, and select the Relay tab.
Find below an explanation of the various relay settings.
|Allow relay for authenticated senders||This means that users who try to send mail out through the server need to enter a username and password (i.e. this option enables SMTP authentication). To set this is different for various mail clients, but in Microsoft Outlook Express and Microsoft Outlook for instance, this is in account properties via the "My server requires authentication" checkbox under the "Servers" tab. It is advisable to have this option enabled if privileged IP ranges are not being used.|
|Allow relay for privileged IP ranges||This will allow users with certain IP addresses to send email through the server. If the IP addresses of those users who are able to send email out through the server is known, then use this option. DO NOT select this if there is not a set a list of IP addresses, as this may inadvertently allow everyone access. Normally this option is not selected.|
|Allow relay for local sender addresses||This will allow users to send mail if their From address has a domain that you host on MailEnable. For instance, if you host example.com, and someone sends a mail that has their From address as firstname.lastname@example.org , the email will be sent. Unfortunately, spammers may still abuse this by pretending they are one of your users, so most servers will not use this option.|
How to test if a server is secured from abuse (Open Relay Test): Article ME020168
Has the server been spammed through open relay?: Article ME020339
How MailEnable determines who can relay: Article ME020034