Configuring SMTP Connection Settings

Views:

Configure SMTP connection settings to control which MTAs and mail user agents are allowed to connect to the server.

Note

Connection control settings take priority over mail relay settings.

Procedure

Go to Administration → Mail Settings → Connections.

Specify the SMTP Interface settings.

Option

Description

Port

Specify the listening port of the SMTP service.

You can specify up to two ports.

WARNING

If you manually changed the Postfix configuration to add a second port, adding another port from the management console overrides your manual configuration, which might cause system instability.

Disconnect after { } minutes of inactivity

Specify a time-out value.

Simultaneous connections

Click No limit or Allow up to { } connections and specify the maximum allowed connections.

Specify the Connection Control settings.

Select a connections deny list or permit list.
- Select Accept all, except the following list to configure the deny list.
- Select Deny all, except the following list to configure the permit list.

Select an option and then specify the IP addresses.

Option	Description
Single computer	Specify an IPv4 or IPv6 address, and then click [ >> ] to add it to the list.
Group of computers	Select the IP version. Type the Subnet address. If IPv4 was selected, type the Subnet mask. Click [ >> ] to add it to the list.
Import from File	Click to import an IP list from a file. The following list shows sample content of an IP list text file: 192.168.1.1 192.168.2.0:255.255.255.0 192.168.3.1:255.255.255.128 192.168.4.100 192.168.5.32:255.255.255.192

Specify the Transport Layer Security settings.

See Configuring TLS Settings.
Click Save.

Configuring TLS Settings

Transport Layer Security (TLS) provides a secure communication channel between hosts over the Internet, ensuring the privacy and integrity of the data during transmission.

For details about TLS settings, see Transport Layer Security (TLS).

Note

Deep Discovery Email Inspector supports TLS 1.2 and earlier versions.

Procedure

Go to Administration → Mail Settings → Connections.
Go to the bottom of the page to the section titled Transport Layer Security.
Select Enable incoming TLS.

This option allows the Deep Discovery Email Inspector SMTP Server to provide Transport Layer Security (TLS) support to SMTP email relays, but does not require that email relays use TLS encryption to establish the connection.
Select Only accept SMTP connections through TLS for Deep Discovery Email Inspector to only accept secure incoming connections.

This option enables the Deep Discovery Email Inspector SMTP server to accept messages only through a TLS connection.

Click a Browse button next to one of the following:

Option	Description
CA certificate	The CA certificate verifies an SMTP email relay. However, Deep Discovery Email Inspector does not verify the email relay and only uses the CA certificate for enabling the TLS connection.
Private key	The SMTP email relay creates the session key by encrypting a random number using the Deep Discovery Email Inspector SMTP server's public key. The Deep Discovery Email Inspector SMTP server then uses the private key to decrypt the random number in order to establish the secure connection. This key must be uploaded to enable a TLS connection.
SMTP server certification	SMTP email relays can generate session keys with the Deep Discovery Email Inspector SMTP server public key. Upload the key to enable a TLS connection.

Select Enable outgoing TLS.
Click Save.

Keywords: TLS,SMTP connections,transport layer security,administration,message delivery settings,transport layer