SMTP Blocks are an effective method for temporarily preventing a domain or indiviual user from sending email from the server. For example, if a particular account is sending an abnormal amount of email, you can add their address to the SMTP Blocks list and they will be unable to send email until you remove them. Users and/or domains can be left on the list for whatever time you deem appropriate. This action can be an effective stop-gap versus actually deleting the user and/or domain from the server, giving users or Domain Admininstrators the ability to clean up their act before having their mail server privileges revoked.
NOTE: SMTP Blocks are enabled against a message's Return Path versus using the FROM address because the Return Path is generally more difficult to spoof than simply the FROM: address.
To access the SMTP Blocks, log into SmarterMail as a System Administrator and click on the Settings icon. Then click on Security in the navigation pane and select the SMTP Blocks tab.
To create a new block, click on New. When adding or editing an entry, the following configuration settings will be available, based on the Block Type chosen:
- Block Type - Whether the block affects an email address or an entire domain, or an EHLO domain. An "EHLO domain" is the return value given when SmarterMail sends the EHLO or HELO command. A standard EHLO domain is the fully qualified domain name set up for the mail server you're wanting to block. (E.g., "mail.your_domain.com".) However, it IS possible that it will be something different based on whether the command is sent by the SmarterMail web interface or an email client. For example, it may be the local IP address of the sending machine. Therefore, there is no well-established rule for what should be entered until some testing is done by the System Administrator.
- Blocked Address - The complete email address of the user, the domain name or the value used for the EHLO domain.
- Direction - For user/domain (non-EHLO domain) blocks, this refers to the types of messages that should be blocked from sending: Inbound, Outbound or All Messages.
- Description - A friendly name or brief description of the block.
Note: SMTP blocking does NOT occur immediately when the EHLO command is given. Instead, a "soft" block is used and SmarterMail will fail any authentication attempts or RCPT TO commands. This is because if the failure occurs right after the EHLO commaned, any person attempting to spam from a mail server could figure out what the problem is and change the domain given with the command on each send. A "soft" failure should, instead, make the spammer believe he is using an incorrect password.
One of the primary reasons SmarterMail is so popular is that it's very easy for a system administrator to manage. Not only is SmarterMail's administration all web-based, many of the functions available for administrators can be exported from one machine and imported into another SmarterMail installation. This makes it easy for administrators to have a consistent set of security settings, antispam settings and more across all of the SmarterMail servers in use.
To import or export settings, simply click the Actions (...) button and select either option. When exporting, the settings are saved as a JSON file to the location specified in File Explorer. When importing files, a modal window opens and the corresponding JSON file can be dragged-and-dropped right in the modal or the file can be selected using File Explorer.
(c) 2002-2021 SmarterTools Inc.