Identify the levels of security and access control needed to ensure the integrity of your mail server. IMail Server provides several ways to secure your e-mail server; for example:
Mail relay occurs when IMail Server (or any SMTP server) accepts mail destined for another host and delivers it to that host. A message that originates on a computer other than the IMail Server host and destined for another host must pass through the IMail Server (i.e., IMail Server must relay the message). If your users (on the local network) use a POP3 or IMAP mail client to send mail via the local IMail Server, then IMail Server needs to relay mail for them. IMail Server allows for the following mail relay options (listed in order from most secure to least secure):
If you select this option your server may be blacklisted for running an open relay. To prevent this you should select Relay mail for (Addresses).
No mail relay is the best option if you are unable to use Relay mail for (Addresses) because your users dial up using dynamic IP addresses.
Local mail (destined for the IMail Server host or originating from the IMail Server host) does not use the relay function.
Note: During installation, you can select from four options: Relay for select addresses, No mail relay, Relay mail for anyone, and when upgrading: Do not change my existing local mail relay settings. After installation, you can change the relay setting in the Services tab > SMTP Settings page in IMail Server.
For more information on Mail Relay options and other security features, see the IMail Administrator Help.
For secure data communication, SMTP Authentication lets you verify each user who attempts to send mail through your mail server, as long as SMTP Authentication is enabled on the IMail Server. Users need to set their mail clients to do an SMTP login; for example, in Microsoft Outlook on the Tools > Accounts > Mail > Properties > Servers tab select the option My outgoing mail server requires authentication.
SMTP Authentication is used in the following cases:
IMail Server and Web Client uses the Microsoft Internet Information Services (IIS) Secure Sockets Layer (SSL) feature to encrypt communications between the IMail Web Client and Server. To learn more about using SSL with IIS, see the IIS help information.
User's email accounts today are constantly under attack by hackers and spammers. Once an account has been successfully compromised the victim's email account is used to send out spam, viruses and/or malware which can slow down the IMail Server, and then become blacklisted by other mail servers.
The SMTP Service has the capability to set limitations for a users outbound messages by disabling or throttling a user's messages once the Maximum Count within a certain Time Interval has been met, with an ability to also notify the IMail System Administrators when the limitations have been met.
Hacked Account Mail Regulator (HAMR) limits can be configured and customized at multiple levels: System wide, Domain wide or even individually by user. Be reminded that individual user settings will override System and Domain settings; and Domain settings will override System settings. Reset buttons reside at the domain and system levels to clear out any user settings.
The Account Harvesting feature allows the IMail Administrator to control user authentication to prevent attempts by a client to continuously try and gain access and attain user names and passwords. This feature is enabled during the IMail Server installation for SMTP, IMAP and POP3 services.
For more information on Account Harvesting Prevention configurations go to the IMail Web Administrator or Console Administration > Services select one of the services (SMTP, IMAP or POP3) and click on the Mail Administrator Help.