Privacy MTA

Inbound Traffic and Security

This page allows you to select parameters for incoming e-mail traffic and security checks.

Settings

The first few choices allow you to specify a custom list of file extensions that will be used to prevent all attachments from being opened. As a shortcut, use the ADD often prohibited EXTENSIONS button on the right-hand side to add a number of often prohibited file extensions. You may also add any other file extension manually.

When an attachment is prohibited, you may activate notifications for both the administrator and the e-mail recipient by using the appropriate switch.

Privacy Rejection

The following choices allow you to reject e-mails: when there appears to be no sender or receiver, or when the sender is not authorised. This last option is important for preventing unauthorised remote connections from accessing the MTA and sending e-mail.

Protocol Examinations

With the third set of options, you may activate a few of regular checks of the SMTP protocol used by the MTA, such as checking for a client’s IP and domain, the presence of a FQDN in the address, and HELO greetings when a connection is established.

Outbound Flow

The Outbound Flow page determines which settings are applied to local domain communications.

General

These choices enable you to add the client’s IP and username to the e-mail header and need authentication to send emails on the one hand, and define a few parameters used by the MyNetworks  part of the MTA’s setup on the other.

Relay Host enables you to route all outgoing e-mail to a server other than Carbonio’s. If the Relay Host is unavailable, the Fallback Relay Host will be used.

Privacy Instances

The bottom of the page displays information about the enabled services on the Carbonio installation’s mail servers: antispam and antivirus, authentication, and DKIM.

Antivirus & Antispam

The Antivirus and Antispam options that show here are related to the Antispam and Antivirus engines.

Antispam

When an e-mail is tagged as spam, its subject can be prefixed with a certain string [SPAM] or ***SPAM*** a and can be either discarded (which means the e-mail is erased and the receiver will never get it) or delivered anyhow.

PrivacyThe two options on the left determine whether the email should be just designated as spam or instantly destroyed. The numbers for each selections (Low, Medium, and High) are related to SpamAssassin’s spam score: a score of 20 denotes 100% spam. By default (i.e., the Medium option), the Spam to Junk tolerance is 33%, while the Block Spam tolerance is 75%. This implies that an email with a spam score of 6.6 will be labelled as spam, but an email with a spam score of 15 will be removed instantly. By changing the value to Low or High, you may lower or raise the threshold for marking or deleting spam e-mails.

PrivacyYou may additionally examine outgoing traffic and validate DKIM for added security: If a domain is DKIM-enabled, e-mails originating from that domain that lack a DKIM signature are deemed forged and hence fraudulent.

Definitions of Antivirus

The default mirror for downloading signatures is db.us.clamav.net; additional servers or mirrors can be added by entering their URL in the left-hand side textfield and clicking the ADD button. Existing mirrors can be erased by clicking the REMOVE button after choosing them.

Similarly, you may manually add or delete a file with custom viral signatures by entering it into the textfield on the right and clicking the  ADD  or  REMOVE  button.

Privacy Following that, the frequency of signature updates from the mirror may be established and modified from a few seconds to many weeks.