The SMTP server defines who can send outgoing messages via Kerio Connect and what actions they can perform.
If an unprotected SMTP server is accessible from the Internet, anyone can connect and send email messages through Kerio Connect. For example, spammers can use the company's SMTP server to send out spam messages, and as a result, the company could be added to spam blacklists. This article describes the steps to configure the SMTP server.
NOTE: Kerio Connect does not check messages from the allowed IP addresses with SPF, Caller ID, and SpamAssassin.
Step by step guide
Configuring the SMTP server
To specify who can send messages from outside the server:
- In the administration interface, go to the Configuration > SMTP Server > Relay Control section.
- Choose the Allow relay only for option.
- To specify a group of IP addresses from which users can send outgoing messages, check the Users from IP address group option and the IP address group from the drop-down list.
- To always require authentication when sending outgoing messages, check the option Users authenticated through SMTP for outgoing mail. When this option is enabled, users from the allowed IP address group must also authenticate.
NOTE: If both the Users from IP address group and Users authenticated through SMTP options are chosen, and the SMTP authentication fails, Kerio Connect does not verify whether the user belongs to the allowed IP address and users cannot send outgoing messages.
- To allow users who have previously authenticated through POP3 to send outgoing messages from the same IP address, check the Users previously authenticated through POP3 option and specify the time allowed for the SMTP relay.
- Click Apply.
Sending outgoing messages through multiple servers
NOTE: New in Kerio Connect 9!
In Kerio Connect 8 and older, users can define only a single SMTP relay server.
Kerio Connect can deliver messages:
- Directly to destination domains using their MX records (the default SMTP relay server rule)
- Through multiple SMTP servers. For example, Kerio Connect can use different SMTP relay servers for different domains in Kerio Connect.
To define an SMTP relay server:
- In the administration interface, go to Configuration > SMTP Server > the SMTP Delivery tab.
- Click Add.
- Enter a description for the server.
- To use only a single SMTP server to send messages, check Always use this relay server.
- To specify rules for the SMTP server:
- Check the option Use this server if.
- Define a rule for the sender or recipient.
- Enter the relay server hostname and the server port.
- If the server requires authentication, check the option Relay server requires authentication and enter the username and password, then specify the authentication method.
- Click OK.
- Click Apply.
Kerio Connect processes the rules from the top down. The first server that matches is used to send the message. To change the order of the rules, choose a rule and use the arrows on the right side to move it up or down.
To temporarily disable a rule, uncheck the box next to the rule name.
Sometimes a legitimate message can be rejected. This may happen, for example, when a salesperson sends multiple messages to customers and exceeds the limits set for the SMTP server. Adjust the settings on the Security Options tab.