Difference between revisions of "SMTP Interface Settings"
| (One intermediate revision by one user not shown) | |||
| Line 44: | Line 44: | ||
== Level 2 == | == Level 2 == | ||
| + | |||
| + | '''TCP/IP bind address (listen address)''' - Sometimes this needs to be set to the server's IP address rather then 0.0.0.0. This may need to be done if the server has more then one nic. | ||
| + | |||
| + | '''Maximum scan threads''' - Keep in mind GWAVA communicates with the GWIA and will only be able to access the amount of messages that the GWIA can accept or send at one time. If the GWIA is set to 16 threads for incoming and 8 for outgoing then GWAVA would need to have at least 24 threads available. The default is 32. Also, if these are raised the server will need to be able to handle the load. | ||
| + | |||
| + | '''Trusted outbound relay servers''' - Make sure any IP that would be the GWAVA server's IP isn't in here, such as: 127.0.0.1 or a wildcard that this server would fall under: 10.1.1.*. | ||
| + | |||
| + | '''Do not allow AUTH LOGIN''' - Before suggesting that a company enable this, explain that anything that requires the 'auth login' option will not be able to use it. Some companies use this for their cell phones to send email in. | ||
| + | |||
| + | '''Greylist''', '''Conceal 5xx rejection''' and '''Store & forward''' have been known to have a few bugs in them. Don't recommend to turn these on unless the customer needs it. | ||
Latest revision as of 21:45, 17 June 2014
[edit] Level 1
These are the optional settings for the SMTP Interface and what they do:
TCP/IP bind address (listen address) - The IP Address that the GWVSMTP process will use to BIND to. This IP will accept port 25 (default) communication. To change the port that GWVSMTP uses enter in an IP address followed by a colon then port number, eg 10.1.1.100:26. By default, it is set to bind on 0.0.0.0 (all Ethernet interfaces).
Client thread timeout (seconds) - This is the time that GWVSMTP will wait when listening for data. If no bytes are received in the time frame, the connection will be closed.
Maximum number of threads - The maximum number of threads that GWVSMTP will spawn. These are the number of active connections that GWAVA will handle at a given time.
Trusted outbound relay servers - These are the servers that GWAVA will use as trusted outbound relays. If a server on this list connects to GWVSMTP, their connections will be treated as outbound messages.
Connection greeting (banner) - This is the Greeting that GWAVA will use when an SMTP conversation is started up.
EHLO hostname (e.g. server.domain.com) - The EHLO Hostname can be anything. This setting allows the administrator to set it to something specific.
SMTP outbound encryption - The Encryption level for outbound messages. There are 4 options: None, TLS if available, TLS Required, and SSL. These different options provide data encryption but only if the receiving server is set up to use them.
Destination message relay server - The host that GWAVA should use when routing outbound mail.
Destination relay auth username - The username that GWAVA will use for authenticating to the message relay server.
Destination relay auth password - The password for the user.
NOOP interval (seconds) - The interval that GWAVA will use to keep connections open with the internal SMTP Server.
Listen for SSL connections - GWAVA has the ability to listen for SSL connections. This is done by listening on port 465 and only accepting secure communication.
Store & forward - If the internal server is down, GWAVA can queue the message and keep processing them until that server becomes available.
Replace closing banner - Change the closing banner on SMTP conversations.
Advertise 8BITMIME (inbound) - Advertise the 8BITMIME option for email systems that needs support for 8BITMIME.
Do not advertise STARTTLS on EHLO - Do not advertise STARTTLS on EHLO prevents sending email servers from starting TLS sessions.
Do not allow AUTH LOGIN - Do not advertise AUTH LOGIN to prevent users from authenticating to your SMTP Server which could result in spammers being able to relay mail off of your SMTP server.
Conceal 5xx rejection - GWAVA will mask the rejection notification to prevent the sender from knowing that a message was blocked. This has 3 options: None, All, On Quarantine. The recommended option here is the On Quarantine. The message will be stored in the GWAVA quarantine but the sender will think the message was delivered.
Greylist - This option will temporarily put senders in a wait list. They will need to try to connect again at a later time to deliver the message. This has 3 options: None, All, On RBL hit. The recommended option is to leave this at None.
Bandwidth metering - If a senders connection is too slow and using too many threads, GWAVA can terminate those threads by putting a minimum threshold on those connections.
[edit] Level 2
TCP/IP bind address (listen address) - Sometimes this needs to be set to the server's IP address rather then 0.0.0.0. This may need to be done if the server has more then one nic.
Maximum scan threads - Keep in mind GWAVA communicates with the GWIA and will only be able to access the amount of messages that the GWIA can accept or send at one time. If the GWIA is set to 16 threads for incoming and 8 for outgoing then GWAVA would need to have at least 24 threads available. The default is 32. Also, if these are raised the server will need to be able to handle the load.
Trusted outbound relay servers - Make sure any IP that would be the GWAVA server's IP isn't in here, such as: 127.0.0.1 or a wildcard that this server would fall under: 10.1.1.*.
Do not allow AUTH LOGIN - Before suggesting that a company enable this, explain that anything that requires the 'auth login' option will not be able to use it. Some companies use this for their cell phones to send email in.
Greylist, Conceal 5xx rejection and Store & forward have been known to have a few bugs in them. Don't recommend to turn these on unless the customer needs it.
