The SMTP server defines who can send outgoing messages via Kerio Connect and what actions they can perform.
If an SMTP server is accessible from the Internet, anyone can connect and send email messages through Kerio Connect. For example, spammers can use the company's SMTP server to send out spam messages, and the company might be added to spam blacklists.
Configuring SMTP Server
To specify who can send messages from outside of the Kerio Connect server, please follow the steps below:
- In the administration interface, go to Configuration > SMTP Server > Relay Control.
- Select the Allow relay only for option.
- To specify a group of IP addresses from which users can send outgoing messages, check the Users from IP address group option and select the desired group.
- To only enable authenticated users to send outgoing messages, check the option Users authenticated through SMTP for outgoing mail. When this option is enabled, users from the allowed IP address group must also be authenticated.
Note: If the Users from IP address group and Users authenticated through SMTP options are selected and the SMTP authentication fails, Kerio Connect does not verify whether the user belongs to the allowed IP address. As a result, users cannot send outgoing messages.
- To allow users who have previously authenticated through POP3 to send outgoing messages from the same IP address, check the Users previously authenticated through POP3 from the same IP address option and specify the desired time.
- Click Apply.
Sending Outgoing Messages Through Multiple Servers
In Kerio Connect 8 and older versions, users can define only a single SMTP relay server. In Kerio Connect 9, users can send outgoing messages via multiple servers.
Kerio Connect can deliver messages:
- Directly to destination domains by using their MX records (the default SMTP relay server rule).
- Through multiple SMTP servers. For example, Kerio Connect can use different SMTP relay servers for different domains in Kerio Connect.
To define an SMTP relay server, please follow the steps below:
- In the administration interface, go to Configuration > SMTP Server > SMTP Delivery.
- Click Add.
- Enter a description for the server.
- To use a single SMTP server to send messages, check Always use this relay server.
- To specify rules for the SMTP server:
- Check the option Use this server if.
- Define a rule for senders or recipients.
- Enter the relay server hostname and port.
- If the server requires authentication, check the option Relay server requires authentication and enter the username and password, then specify the authentication method.
- Click OK.
Kerio Connect processes the rules from the top down. The first matching server is used to send the message. To change the order of the rules, select a rule and use the arrows on the right side to move it up or down.
Note: Setting up two SMTP rules with the Always use this relay server condition will not work correctly - Kerio Connect cannot use two SMTP rules in the failover mode. The purpose of setting up multiple SMTP rules is to use a specific server for a specific sender/recipient domain.
To temporarily disable a rule, uncheck the box next to the rule name.
Sometimes a legitimate message can be rejected. This may happen when a salesperson sends multiple messages to customers and exceeds the limit configured on the SMTP server. You can adjust the settings in the Security Options tab.
If you are using 3rd party email provider (e.g., Gmail, Exchange, etc.) as an SMTP relay, it is recommended to contact both teams (Kerio Connect support and 3rd party email provider support) to align the configuration.
- Securing the SMTP server
- Limiting the Size of Incoming Messages Delivered via SMTP
- SMTP Status and Reply Codes