IBM AH0QXML User Guide - Page 71
Inbound relay enforcement
![]() |
View all IBM AH0QXML manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 71 highlights
Table 4-4 Avoid these inbound relay configurations Allow to Deny to Allow from Deny from Result of inbound relay setting xyz.com abc.com All hosts, except abc.com can relay mail to any destination. abc.com can relay to any destination, except xyz.com. xyz.com * All hosts can relay mail to any destination except xyz.com xyz.com abc.com All hosts can relay mail to any destination. * abc.com All hosts, except abc.com, can relay mail to any destination xyz.com abc.com All hosts, except abc.com, can relay mail to any host. abc.com can relay mail to xyz.com 4.4.2 Inbound relay enforcement New to Domino 6 are the inbound relay enforcement configurations. These options allow tighter control over the hosts that are allowed to relay off your Domino server. You can choose whether the Domino server performs relay checking for all hosts, external hosts only, or disable relay checking all together. Enabling anti-relay enforcement allows you to further exclude certain hosts from being checked against your inbound relay controls options. You could choose to perform checking on all hosts and yet, exclude certain hosts (whether external or internal) from being checked by explicitly entering these hostnames or IP addresses in the "Exclude these connecting hosts from anti-relay checks." Domino 6 enables "Anti-relay enforcement checking for all External Hosts" by default. If you choose not to make adjustments to the default settings, you can rest assured that your server will perform inbound relay checking for external hosts. Using the "Exceptions for authenticated users" field, you can choose to allow or deny your POP or IMAP users to relay. This new field allows authenticated users to use the Domino server as a relay for messages to the Internet. POP or IMAP users have to configure their mail client to authenticate again with Domino SMTP Server. Name and password authentication must be enabled on the Domino Server. After the SMTP Listener task determines the user has been authenticated, it treats the connection as if it originated from a local user and exempts it from inbound relay controls. This is especially helpful when a POP or IMAP user accesses the Domino server by way of an Internet Service Provider. Domino would normally treat this inbound connection as a remote connection, perform anti-relay checks, and fail the relay attempt due to the address not being recognized as local. Chapter 4. Domino 6 Server anti-spam features 59
![](/manual_guide/products/ibm-ah0qxml-user-guide-c7a8df4/71.png)