Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » outside filtering
  •  
badams7

Messages: 42
Karma: 0
Send a private message to this user
Trying to figure out if this can be done in Kerio.

I have several postfix servers operating in the below fassion. I am hoping Kerio can do something similar.

Some customers are running outside filtering services for SPAM/AV.

I want to set the Kerio mail server to only accept email from the ip address space of the SPAM/AV service.

However, all of the endusers need to be able to connect and auth through port 25.

This poses a problem where spammers can make direct connections to the server and bypass the outside filtering (many spammers disregard MX records).

In postfix, we use two different methods.

1) We force the end-users to SMTP auth on port 465 or 587 and only allow the spam/av subnet.

2) We configure postfix to only allow outside email from auth'd connections and subnets from the spam/av service.

This is accomplished by permitting sasl authenticated users, checking client access (cidr map), and rejecting everything else.

We prefer option 2 because it does not require the client to change anything. In addition, this allows us to host domains that do not use the spam/av service. We can add their domain to a check_recipient_access map to allow direct connections for their domain only.

Does anyone know how to accomplish something similar in Kerio?
Previous Topic: Read receipt tracking in KOC
Next Topic: public Calendar How To?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 25 01:20:28 CET 2017

Total time taken to generate the page: 0.00332 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.