SpamTitan

SMTP Settings

Go to System Setup > Mail Relay > SMTP Settings for options to manage SMTP controls that are used to reject messages based on the SMTP properties of the connection and the originating IP address. These options allow you to screen messages before they are downloaded. This saves bandwidth and frees the spam engine from processing messages which could have been identified as spam earlier.

STG-SMTP-settings.jpg

Unsolicited commercial email (UCE) can be blocked by applying strict SMTP checks. This will block some UCE software that violates the SMTP protocol.

The table below describes the different control settings. Click Enable or Disable for each setting.

Setting

Description

Require HELO (EHLO):

Allows you to specify if you want the relay to require that connecting clients send a HELO (or EHLO) command at the beginning of an SMTP session. Requiring this will stop some UCE software. By default, SpamTitan does not require the use of HELO (EHLO).

Require Fully Qualified Hostname:

Enable to reject the request when the hostname in the client HELO (EHLO) command is not in fully-qualified domain form, as recommended by the RFC.

Require Resolvable Hostname:

Enable to reject the request when the hostname in the client HELO (EHLO) command has no DNS A or MX record.

Reject HELO Hostname Restrictions:

Allows you to list HELO hostname entries that will be rejected if used by the connecting client HELO (EHLO) command. For instance, nobody should HELO as localhost since we are localhost.

Allowed HELO Hostname Restrictions:

Can be used to allow connections from clients who may not adhere to the RFC. For example, if you are checking for HELO FQDNs and/or resolvable HELO hostnames and a particular client does not meet these requirements, you can enter that client's HELO entry here to allow the connection to be accepted.

Caution

The connection may still be rejected if, for example, the client fails an RBL check or recipient verification check.

Enforce RFC Compliance:

Enable to control how tolerant postfix is with addresses given in the MAIL FROM or RCPT TO SMTP commands. If enabled, postfix requires envelope addresses to be within angle brackets (<>) and without additional information as required by the RFC (default: disabled).

See https://tools.ietf.org/html/rfc821 icons8-external-link-32.png to view RFC 821 on SMTP.

Note

Sendmail is known to tolerate non-standard behavior. As such, being strict to the RFC not only stops unwanted mail, but it may also block legitimate mail from poorly-written mail applications.

Require Fully Qualified Domain Names:

Enable to reject connections if the address in the client MAIL FROM command is not in fully-qualified domain form, or if the address in the client RCPT TO command is not in fully-qualified domain form.

Reject Unknown Sender Domain:

Enable to reject the request when the sender mail address has no DNS A or MX record.