 Difference Between Relay Control and Sender Policy SMTP Settings [message #146624] |
Wed, 18 September 2019 13:34  |
 |
jcooper
Messages: 113
Registered: May 2009
Location: Syracuse, NY
|
|
|
|
These two settings, one under SMTP Server and one under Security, both seem to address authentication requirements for SMTP. Don't they do the same thing? Why would I check one and not the other?
Thanks,
Jeff
[img]/index.php?t=getfile&id=5043&private=0[/img][im g]/index.php?t=getfile&id=5042&private=0[/img]
|
|
|
|
| Re: Difference Between Relay Control and Sender Policy SMTP Settings [message #146632 is a reply to message #146624] |
Wed, 18 September 2019 23:42  |
Bud Durland
Messages: 586
Registered: December 2013
Location: Plattsburgh, NY
|
|
|
|
Relaying is sending messages to a domain other than the one the server is responsible for. If your domain is 'Example.com', and someone makes an SMTP connection to it and tries to send to 'john.doe<_at_>SomeOtherDomain.com', that is relaying. The first screen shot sets the rules in order for someone to do that. There are (generally) 3 options -- the user is connecting from a trusted IP address, the user has successfully authenticated via SMTP, or has recently successfully authenticated via POP3. Once one of those rules is met, they can send, regardless of the 'sending' domain. The 'trusted IP' rule is often useful for in-house servers or devices that need to send mail, but cannot do SMTP authentication. None of the rules would come into play if the destination domain is 'Example.com'.
The second screen shot defines what happens when the sender connects to SMTP, and claims "This e-mail is from 'Jane<_at_>Example.com'", and is basically the server responding with a "Oh really? Prove it". This is meant to be a defense against incoming spam that is using a spoofed e-mail address.
Hope this helps.
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
