- Solution Overview
- Security Layers
- Services Architecture
- Administration Tools Overview
- Clustered Operations
- Integrating with Other Solutions
The SMTP Receiving module in Axigen establishes the dialogue with other entities via SMTP / ESMTP protocols, receives the mail message (if all conditions set by you are fulfilled) and forwards the mail message to the Processing module.
SMTP Receiving Service Overview
This module protects the mail server against attacks and ensures a good functionality (adjusted to the processing power of the hardware, the bandwidth, and other factors) due to functions as configurable listeners, thread and client management, user authentication and a built-in SPF authentication procedure.
In Axigen, at SMTP Receiving level, specific anti-spam tests can be performed, thus ensuring basic email sorting before reaching the queue. The SMTP Receiving module accepts connections as specified by SMTP listeners defined in the configuration file, receives the message and performs the enabled anti-spam tests (e.g. SPF, MX, reverse DNS checks) at the appropriate SMTP event.
Listeners can be defined and managed to add extra flexibility and configurability to this service. For that, global access limitations, SSL Settings and access lists can be enforced on the address used by this service for binding.
Access rules allow you to control connection to this service by defining simple access lists for specific Networks / IP Ranges / IP’s. Service level access rules are automatically applied to all its listeners and will override for this service any existing Global Access rules.
Authentication is a method for preventing non-desirable actions by granting access to Axigen server's SMTP Receiving features to authenticated users only.
The Axigen server supports authentication, meaning it can be instructed to accept only connections/messages from authenticated entities. However, not all mail clients support this feature. If your mail client does not support SMTP authentication, this feature will not be available.
SMTP Receiving authentication parameters allow you to specify the authentication methods to be used for secured or unsecured connections. The available types are: Normal login, Plain, Login, CramMD5, DigestMD5, and GSSAPI.
Message Acceptance Rules
At SMTP-connection level message acceptance rules can be configured and implemented to best suit security requirements. Incoming connections established via SMTP and the message flow can be easily managed, using already established policies, to help save space and resources for email processing.
Flow control parameters can be adjusted to fine tune the server’s performance and avoid overloading it. Global access limitations to this listener can be enforced by setting the total number of simultaneous connections, concurrent connections from each remote IP address, number of new connections to the listener made in a time period interval, number of total connections from each remote IP address on a time interval period. The default interval for this time period is set to 1 minute.
As an additional security enhancement, the SMTP Policy system can call external Milter type filters. More information on functions defined for using external Milter filters are available in the AntiSpam and AntiVirus sections.
All Axigen main services can log different types of events. You can specify what events are logged, where and how they are logged.
Email Loop Protection
To prevent looping emails from increasing your mail server's traffic set a number of maximum received headers for received emails.
To protect the server, the number of failed / wrong commands received from SMTP clients during one session can be limited. When these limits are exceeded, incomplete connections or connections that are not RFC compliant will be dropped thus freeing important bandwidth.
If you do not specify a limit for the maximum number of (authentication) errors allowed for an SMTP client's session, security risks may arise.
The Axigen mail server is designed to run on different machine configurations and operating systems, on networks with various traffic loads, structures, domain configurations, user rights etc. That is why, depending on all these variables, you can adapt the workload to the server’s processing power to improve its performance or avoid overload by setting the minimum and maximum number of threads that can be opened at a specific moment of time.