Smtp authentication, Restricted smtp relay – Apple Mac OS X Server (Administrator’s Guide) User Manual

374

Chapter 9

You can also take steps to prevent senders of junk mail from using your server as a relay
point. A relay point or open relay is a server that unselectively receives and forwards all mail
addressed to other servers. An open relay sends mail from any domain to any domain. Junk
mail senders exploit open relay servers to avoid having their own SMTP servers blacklisted as
sources of spam. You do not want your server blacklisted as an open relay, because other
servers may reject mail from your users.

Your mail service can do any of the following to reduce spam:

m require SMTP authentication

m restrict SMTP relay, allowing relay only by approved servers

m reject all SMTP connections from disapproved servers

m match the DNS name of every mail server to the reverse-lookup of its IP address

m reject mail from blacklisted servers

SMTP Authentication

If your mail service requires SMTP authentication, your server cannot be used as an open
relay by anonymous users. Someone who wants to use your server as a relay point must first
provide the name and password of a user account on your server. SMTP authentication
applies to mail relay, but does not apply to delivery of mail for local mail service users. Your
mail service always accepts mail for local delivery without SMTP authentication.

Your local mail users must also authenticate before sending mail. This means your mail users
must have mail client software that supports SMTP authentication or they will be unable to
send mail.

Restricted SMTP Relay

If your mail service allows SMTP relay only by approved mail servers, then the approved
servers can relay through your mail service without authenticating. You create the list of
approved servers. Servers not on the list cannot relay mail through your mail service unless
they authenticate first. All mail servers, approved or not, can deliver mail to your local mail
users without authenticating.