Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » How to configure KMS so that it can receive bSMTP mail?
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
How can I configure (and test) KMS so that it can receive email from our ISP’s batch-SMTP connection?

Probably a dumb question, but I can’t get my head around it… sorry! ;)

As of Wednesday next week mail will be delivered to KMS using bSMTP. (The MX records point towards our ISP so they can scan for viruses and spam after which they forward the message to our KMS with bSMTP.)

Problem/ignorance/my stupidy:
When I currently try connecting to KMS from the Internet via SMTP (by telnetting to port 25), it will deny me access. Sure, that’s because in ‘SMTP Server settings’ -> ‘Relay Control’ I do not allow relaying from anywhere other then the local LAN. But what has relaying have to do with receiving mail? Is there something else I need to enable?

So how can I configure (and test) KMS so that it can receive email from our ISP’s bSMTP connection?

Background:
Up until now our KMS has retrieved its messages by POP3-ing our 'old' mail server for each user. (This old server received mail using some proprietary means, very 80's style :-) Now all users are migrated, the old mail server is no longer needed, so I'd like to remove this link in the chain.


  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Ah, after some more searching I've found a hint to the answer here http://www.kerio.com/manual/kms/en/ch16s02.html :
Quote:

Anyone can connect to the SMTP server to send messages to local domains. However, only authorized users will be allowed to send email to other domains.

Still, I've configured KMS exactly as figure 16.2 on the above link and any connection to port 25 is denied by KMS, even before KMS could have determined if the mail was going to it's local domain or not...
Quote:

Microsoft Telnet> open
( to ) webmail.okura.nl 25
Connecting To webmail.okura.nl...
554 5.7.1 Access denied

  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Check configuration of SMTP service in Configuation/Services. You have probably restricted access to SMTP service only to certain group of IP addresses.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
< deleted loads of nonsens :) >

Hm, I was looking at the incorrect options. Now I understand better. Under services you can specify who actually can connect to the SMTP service and under the Relay Options you specify the subset of these users that can use KMS to send mail to domains other than the local.

I was confused, because if you add an IP address to the Relay Options 'Allow relay only for', that IP is able to connect to the SMTP service, even though based on the SMTP Service settings it should not be able to even connect. Hm.

[Updated on: Thu, 13 April 2006 20:00]

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
One more question:
Because our mail will get delivered by bSMTP, all our incoming mail is essentially coming from a single IP address.

Is the option SMTP Server -> Security Options -> 'Max. number of messages per hour' has any bearing on this? Or is this option only applicable to relayed mail (not locally delivered mail)?

Should I add the ISP's mailserver do the 'Do not apply these limits to IP address group'?
  •  
Kerio_jthomas

Messages: 511
Karma: 1
Send a private message to this user
Yes, the 'Max. number of messages per hour' will be applied to any addresses except those you have whitelisted. We commonly see this problem with people who use a seperate spam/antivirus proxy server.

What you are trying to describe (anyone can connect on port 25, relaying is denied) is default Kerio behavior. This has to be the case, else how would email from other domains be delivered to you? You should not have to configure anything special to make this work.

Make sure:

* Under Services -> SMTP, you do not have it limited to some particular group of IPs.

* If you are having messages delivered in bulk to Kerio, make sure the sender waits for the SMTP greeting before trying to send mail, or you will run into the SpamRepellant feature. You may need to whitelist that server.

* Check your firewall....


Joshua Thomas
Technical Support Manager
2350 Mission College Blvd, Suite 400
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
http://www.kerio.com/support.html

  •  
Kerio_jthomas

Messages: 511
Karma: 1
Send a private message to this user
winkelman wrote on Thu, 13 April 2006 10:35



I was confused, because if you add an IP address to the Relay Options 'Allow relay only for', that IP is able to connect to the SMTP service, even though based on the SMTP Service settings it should not be able to even connect. Hm.


Yes, the Relay Options have precedence over the SMTP Service settings. AFAIK.

Joshua Thomas
Technical Support Manager
2350 Mission College Blvd, Suite 400
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
http://www.kerio.com/support.html

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Thanks Joshua, with your help all is fine now.

In the end it was straightforward enough, but sometimes you can stare at something for too long and then some external pointers are very helpful :)
Previous Topic: Archiving by domain
Next Topic: local ip information in header
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 14:23:16 CET 2017

Total time taken to generate the page: 0.00480 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.