Email relays are typically used by larger organizations to distribute a high volume of mail to several internal mail servers. You can use the SMTP relay for this purpose. You can configure separate SMTP relays for incoming and outgoing email. Before you can configure the SMTP relay, you must configure your Smoothwall to allow traffic through to the relay.
- Non-standard SMTP checks: Non-standard SMTP checking checks email that doesn't adhere to the SMTP message format and contains badly formatted or bogus information about the sender and recipient.
- External email relay: All outbound email is attempted to be delivered directly to the appropriate server by default. You can relay all outgoing email to another mail relay.
- Antimalware with the SMTP Relay: You can scan relayed email for malware and take appropriate action as specified by the antimalware settings configured.
Use this page to allow traffic through the relay, turn on antimalware and configure how to relay mail.
Prerequisite
Add an access rule so for the SMTP service :
- On the NETWORK menu, under the Firewall submenu, click Smoothwall access.
- Within a suitable section, click Add. In the Add Smoothwall access rule dialog box, enter the SMTP service Name.
- From the Services list, select SMTP (25) and click Save changes.
For a detailed description of using access rules, including how to configure them, see our help topic, Adding new Smoothwall access rules.
Allowing traffic to the SMTP relay
Note: For the non-standard SMTP checks to work, Smoothwall must be operating as the MX record for the recipient domain. To alter your domain's MX record, you will need to access your domain’s DNS server settings. Refer to your email server documentation or your email provider to find out how to alter the MX record. It should be set to your Smoothwall’s external IP address.
- On the EMAIL menu, under the SMTP submenu, click Relay.
- Under the SMTP relay section:
- To turn on relaying after configuring incoming and outgoing relaying, select the Enable mail relay option.
- From the Maximum email size list, select the maximum email size that you want to accept. Any email larger than this limit are rejected.
- From the Maximum bounce size list, select the maximum size of an email, in kilobytes, used in a bounce email.
- From the Time to hold undeliverable mail list, select the amount of time an email is held in the queue if it can't be sent. Smoothwall periodically attempts to resend all email that's held in the queue.
- To capture outgoing email and relay it, select the Enable transparent SMTP relay option.
- Under the Antimalware section:
- To turn on the antimalware scanning for relayed email, select the Enable antimalware scanning option.
- From the Action to perform on malware list, select what to do if malware is found in relayed email.
- Drop (discard) email: Discard the email, without notifying the sender or intended recipient.
- Bounce email (warn sender): Return the email to the sender, along with a warning message.
- Neutralize email: Send a warning email to the recipient, with the original email as an attachment.
- Allow email delivery: Allow the email to be delivered, and the malware is logged.
- under the Transparent SMTP interfaces section:
- Select the Interface names that SMTP traffic is transparently captured from.
- Port 1.57 Solutions
- Port 3 S2 Imaging Network
- Port 4 S4/S8 Imaging Network
- Port 5 S10/S14 Imaging Network
- Enter any IP addresses to the IP exception list, subnets or ranges that should not be transparently proxied.
- Select the Interface names that SMTP traffic is transparently captured from.
- Click Advanced »:
- Under the SMTP name section:
- To use Smoothwall’s SMTP hostname when relaying email, select the Use system hostname option.
- When relaying email, select the User defined hostname option and enter a name to use a different host name.
- Under the External mail relay section:
- To turn on sending outgoing email to another relay within an existing email infrastructure, select the Enable relay host option.
- Enter the Relay host IP address or host name of the relay.
- Enter the Username and Password for the remote relay.
- under the Non-standard SMTP checking section:
- To make sure that the initial communication between a connecting SMTP client and the email relay are valid, select the Use strict HELO checks option.
- To make sure that the sender domain is formatted correctly and has a real IP address, select the Sender domain validity option.
- To make sure that all recipient domains are formatted correctly and have real IP addresses, select the Recipient domain validity option.
- To see if the sender of incoming email is falsely using an internally relayed domain in their From address, select the External sender domain spoofing option. Emails are rejected if the sender’s email address purports to be from a domain listed on the incoming page, but the sender’s IP address can't be found on the outgoing page.
- Under the SMTP name section:
- Under the SMTP relay section:
- To restart the module, click Save and restart.