How to allow unauthenticated relay from a certain subnet

Article updated on 28 July, 2008

Description

In certain situations, authentication cannot be enabled for the SMTP protocol. This article describes how to allow a certain IP subnet to send without authenticating while leaving authentication enabled to prevent spamming

Error cause

Users receive a "Relay Denied" error while sending messages without authentication.

Resolution

If you cannot enable authentication for the entire server user base, you need to have a certain IP range or subnet that can be allowed remote delivery. This range will be used as the criteria on which delivery to remote domains will be allowed.

NOTE: This rule will apply to the entire server and has to be defined by the server administrator.
  1. Log into the webadmin interface as the "admin" user account.
  2. Go to "Security & Filtering".
  3. Select "Acceptance & Routing".
  4. Go to the "Advanced Settings" tab.
  5. Click on "Add acceptance / routing rule".
  6. Assign a name to the rule in the "Name" field.
  7. In the "Conditions" section, select: "Remote address" -> "IP".
  8. Click the "Add condition" button.
  9. Select the "Range" option and enter the IP range or subnet.
  10. In the "Actions" section, select: "Delivery" -> "Remote".
  11. Click the "Add action" button.
  12. Select the "Allow delivery for all users" option.
  13. Click the "Save Configuration" button.
Now, the email system will allow the remote delivery of messages without authentication only from the range defined in the rule.

NOTE: Any other user connecting from a different IP address not covered by this rule, will still have to use authentication.

Applies to

Releases: Mail Server 5.0.X, Mail Server 6.0.X
OS: Linux, Windows, FreeBSD, OpenBSD, NetBSD, Solaris
Distros: RPM based distros, RPM based distros with gcc3, RPM based distros with gcc4, Slackware, Debian, Ubuntu, Gentoo, FreeBSD 5.4, NetBSD 3.0, OpenBSD 3.8, OpenBSD 3.9, Solaris 10 x86, FreeBSD 6.1, Mandriva Linux, DEB based distros with gcc4, Yellow Dog, Solaris 10 SPARC, Debian 3.1, FreeBSD 6.x, OpenBSD 4.1, Fedora PPC, OpenBSD 4.2


Rate this article

1
2
3
4
5
(Best)

Comments

Enter your name: *
Your email address: *
Comments: *
Enter the code below:
  captcha
Fields marked with * are required

Back to Knowledgebase