<< Click here to display Table of Contents >> Navigation: Security Menu > Security Settings > Sender Authentication:

SMTP Authentication

Contents

SMTP Authentication

Don't apply IP Shield to authenticated sessions

When this control is active, the IP Shield restrictions will not apply to authenticated users. Mail will be accepted from an authenticated user regardless of the IP address from which he or she connects. Further, when a user doesn't authenticate and access is refused, the message returned to the SMTP client will be "Authentication required" in order to give the user a clue that he can fix the problem by configuring the mail client to use authentication before sending a message. This option is enabled by default.

Don't apply POP Before SMTP to authenticated sessions

If you are utilizing the POP Before SMTP security feature, you can click this option to make authenticated users exempt from this restriction. An authenticated user will not need to check his or her email before sending messages.

Authentication is always required when mail is from local accounts

When this option is enabled and an incoming message claims to be from one of MDaemon's domains, the account must first be authenticated or MDaemon will refuse to accept the message for delivery. This option is enabled by default.

...unless message is to a local account

If you are requiring authentication when a message is from a local sender, but wish to skip the authentication restriction when the recipient is local as well, then click this option. Note: this may be necessary in some situations where you require some of your users to use different mail servers for outgoing and incoming mail.

Authentication is required for all SMTP sessions

This option forces AUTH for all SMTP sessions, which is useful in certain specialized configurations in which you are sure that all incoming connections can authenticate. If enabled, MDaemon will respond to 'DATA' with a 5xx error-code unless the session has been previously authenticated. This option will also honor the "Authentication credentials must match those of the email sender" setting specified below. This option is disabled by default.

This option should not be enabled unless you know that all legitimate incoming SMTP connections to your server will authenticate, which is an uncommon and specialized configuration. Enabling this option in other situations could unintentionally cause MDaemon to begin rejecting legitimate incoming messages.

Mail from 'Postmaster', 'abuse', 'webmaster' must be authenticated

Click this checkbox to require messages claiming to be from one of your "postmaster@...", "abuse@..." or "webmaster@..." aliases or accounts to be authenticated before MDaemon will accept them. Spammers and hackers know that these addresses might exist, and may therefore attempt to use one of them to send mail through your system. This option will prevent them and other unauthorized users from being able to do so. This option is mirrored on the Options screen of Aliases. Changing the setting here will change it there as well.

Authentication credentials must match those of the email sender

Use this option if you wish to require a sender to use only his own credentials for authentication. So, for example, user1@example.com would only be allowed to authenticate using the user1@example.com account credentials. If he attempted to authenticate using user2@example.com then it would not be allowed, even if the user2@example.com credentials were valid. This option is enabled by default.

Global Authentication Password

Some configurations may require a global authentication password. If you require that then designate that password here.