Show/Hide Toolbars

Navigation: » No topics above this level «

General

Scroll Prev Top Next More

To get to this page, to to ServicesSMTP Server → General

smtp_general_zoom50

Service Name is a name you have given to this SMTP server. It is most useful if you are using VPOP3 Enterprise and have created multiple SMTP services. The name doesn't matter. It is used in the settings (in the service tree at the left of this page) and in any error messages, so that you can tell which SMTP service is being referred to.

The Bindings section is described in the Service Bindings topic.

The Encryption option is only available in VPOP3 Enterprise when an SSL certificate is installed; VPOP3 Basic does not support encryption here. It can be None/STARTTLS, STARTTLS or SSL. SMTP supports two types of encryption, STARTTLS and SSL.

STARTTLS is the standard method. With this method, connections are usually made on the standard ports (25 or 587). The server indicates to the SMTP client that encryption is available, and the client sends a STARTTLS command to switch the session from plain text to the encrypted mode. No sensitive data (authentication details, message details, etc) is transmitted while the session is in plain text mode. None/STARTTLS means that VPOP3 offers encryption to the client, but will allow unencrypted connections. STARTTLS means that VPOP3 offers encryption to the client, and requires it to be used.

SSL is a deprecated method. With this method, the connection is made on a port other than port 25 (usually port 465) and starts off encrypted. This means that the SMTP client must know that the session is encrypted before it connects, otherwise it won't be able to establish a connection successfully.

If you are using the SMTP service for incoming SMTP on port 25, you should use the None/STARTTLS option. Some remote SMTP servers may not support encryption, so using STARTTLS will cause them to be unable to send you mail. Using SSL on port 25 is strongly discouraged.

If you are setting up an SMTP service on port 587 for SMTP Submission, then you should use the STARTTLS option to be standards compliant, but most email clients will work without encryption if you have a reason not to use it.

Bandwidth Throttling allows you to set limits on how fast data will be transferred through this SMTP service. This allows you to prevent it taking up all your available bandwidth. See the Bandwidth Throttling topic for more information.

The Require SMTP Authentication option tells VPOP3 that SMTP clients must log in using SMTP authentication before messages can be sent. This is usually a good idea as it allows VPOP3 to be configured to control/log users' activity. In some cases, email clients may not support SMTP authentication. In that case, you could turn this option off, but a better way may be to use the Allow Unauth option in the IP Access Restrictions tab, to allow specific computers to send without authentication. If you want to allow remote users to send mail through VPOP3, or to restrict which users can send mail from certain IP addresses, then you must enable SMTP authentication (or POP3 then SMTP authentication).

The Require POP3 then SMTP authentication option tells VPOP3 to support a deprecated alternative to SMTP authentication. This option tracks which IP addresses have logged in using the POP3 protocol, and then allows those IP addresses to send mail for a few minutes after that POP3 login. This option is generally not required nowadays because most email clients support proper SMTP authentication, but it is present because people required authentication in the days before the SMTP authentication standard was designed.

If you have both Require SMTP Authentication and Require POP3 then SMTP authentication enabled, then VPOP3 requires one or the other, not both, in order to send mail.

The Require encrypted authentication option means that VPOP3 will not accept login details if the password was sent in plain text. This means it will accept an encrypted form such as CRAM-MD5 authentication, or any authentication over an encrypted connection. Any attempt to log in using a plain text authentication method over an unencrypted connection will cause VPOP3 to reject the login, even if the login details are correct. This is useful for preventing network snooping or certain man-in-the-middle attacks from being able to access users' login details.

The Do not require SMTP authentication for internal/incoming mail option tells VPOP3 that even if authentication is required (see above), then incoming/internal messages will be accepted without the session being authenticated first.

If you are using the SMTP service for incoming SMTP, then you must enable this option, because you can't give a VPOP3 username/password to everyone who might possibly send you messages.

The SMTP Anti-Relay Protection option lets you tell VPOP3 how to detect whether it is can be used for relaying outgoing mail. Generally the Check Client IP Address option is the correct one to use, unless you are sure it should be something else!

There are four options here:

No Checks - VPOP3 will allow any computer which is allowed to connect (using the IP Access Restrictions) to send mail. This will not work for incoming SMTP mail, as you would have to give every computer access to connect so they can connect to send you your messages, but doing so would allow them to send outgoing mail, so VPOP3 will be an open-relay, which is a BAD THING.

Check from LAN - VPOP3 will check that the connection is coming over the network adapter (not a dial-up adapter). This is generally not a very useful check nowadays (it was useful in the days when people used modems).

Check FROM address - VPOP3 checks that the FROM address in the message being sent is a local address. This is easy to fake, so is generally not a useful check nowadays.

Check Client IP Address - VPOP3 checks the sending computer's IP address against the IP Access Restrictions. If the IP address is allowed there, then the computer is allowed to send outgoing email. All other IP addresses are allowed to send incoming mail, but not outgoing mail.

The Maximum Message Size setting lets you tell VPOP3 how big the largest message to be sent should be. We recommend this shouldn't be over about 50MB (50000000 bytes). This is a hard limit, and other limits which can be set (eg in SMTP Rules or per-user settings) will be limited by this size as well. Note that if you send attachments, they will generally grow by about 33% when put into an email, so a 20MB attachment will increase in size to about 26.7MB when sent as an email. Also note that any SMTP servers outside of VPOP3 may have a lower limit than VPOP3, so you may still have problems sending large attachments even if VPOP3 allows it.

Reject unrecognised local recipients tells VPOP3 to give an SMTP 'reject' response when a message is sent to an unrecognised recipient. This is strongly recommended and is the default option. If you don't use this option you may encounter unwanted error messages as the VPOP3 administrator, and VPOP3 may generate ''backscatter', which is a BAD THING.

The Log data for this service option tells VPOP3 to log session data to a log file SMTPSVR.LOG (see the Diagnostics settings for more information. It is equivalent to turning on 'Log SMTP Server Connections' on that page).

If you think this help topic could be improved, please send us constructive feedback