<< Click here to display Table of Contents >> Navigation: Security Menu > Security Settings > Screening:

Host Screen

Contents

The Host Screen is located at: Security » Security Settings » Screening. It is used to define which remote hosts will be allowed to connect to your local IP addresses. You may specify a list of hosts and configure the server to allow only connections from those hosts, or you can configure it to refuse connections from the listed hosts. Host screening compares the EHLO and PTR values determined during the SMTP session with the values specified here.

New Host Screen Item

To create a new Host Screen entry, click New. This will open the New Host Screen Item dialog for creating the entry.

Local IP

Use this drop-down list to choose the local IP address to which this Host Screen entry will apply. Choose "All IPs" if you wish it to apply to all of your local IP addresses.

Remote host (* and # wildcards ok)

Enter the remote host that you wish to add to the list, associated with the Local IP designated above.

Accept connections

Selecting this option means that the specified remote host will be allowed to connect to the associated local IP address.

Refuse connections

Selecting this option means that the specified remote host will NOT be allowed to connect to the associated local IP address. The connection will be refused or dropped.

Remove

To remove an entry, select the entry in the list and click Remove.

Default Action

To specify the default action for connections from remote hosts that have not been defined, select an IP address from the list and click accept or refuse. Once a default action has been specified, you can change it by selecting the "<default>" node beneath the IP address and then selecting the new default setting.

When this option is chosen, connections from any host not specifically defined on the Host Screen will be accepted.

refuse

When this option is chosen, connections from any host not specifically defined on the Host Screen will be refused.

The Host Screen will never block trusted or local hosts.

IP & Host Screening Options

Apply IP Screen to MSA connections

Use this option to apply IP Screening to connections made to the server's MSA port. Normally this is not necessary. This setting is disabled by default.

Apply Host Screen to MSA connections

Use this option to apply Host Screening to connections made to the server's MSA port. Normally this is not necessary. This setting is disabled by default.

Drop connection on Host Screen refusal

When this option is enabled, the connection will be dropped immediately upon a Host Screen refusal.

Drop connection after EHLO (Do not wait for authentication)

Enable this option if you wish to drop banned connections immediately following EHLO/HELO. Normally you would wait for authentication. This setting is disabled by default.