Configuring advanced MTA settings

To modify the advanced settings of MTA:

1. In the application web interface window, select the Settings → Built-in MTA → Advanced Settings section.
2. In the SMTP greeting text field, type the text that will accompany code 220 in the SMTP greeting (smtpd_banner).

   Default value: $myhostname ESMTP MTA.

3. In the Maximum connection attempts field, specify the maximum number of connection attempts by one remote SMTP client to the service of the SMTP server per minute (smtpd_client_connection_rate_limit).

   Specify 0 if no limit is required.

   Default value: 0 (no limit).

4. In the Maximum simultaneous connection attempts field, specify the maximum number of simultaneous connection attempts by one remote SMTP client to the SMTP server (smtpd_client_connection_count_limit).

   Specify 0 if no limit is required.

   Default value: 50.

5. In the Maximum mail delivery requests field, specify the maximum number of message delivery requests from one remote SMTP client to the SMTP server per minute (smtpd_client_message_rate_limit), regardless of whether this mail server accepts these messages or not.

   Specify 0 if no limit is required.

   Default value: 0 (no limit).

6. In the Maximum SMTP session length field, specify the maximum period of time during which a request has to be received from the remote SMTP client and a response sent by the SMTP server (smtpd_timeout). In the drop-down list next to the field, select units of measurement.

   The default value is 30 seconds.

7. In the Maximum queue lifetime for a message field, specify the time period for storing messages in the queue with a transient error status (maximal_queue_lifetime), after which time the messages are considered undeliverable. In the drop-down list next to the field, select units of measurement.

   Default value: 3 days.

8. In the Maximum queue lifetime for a bounce message field, specify the time period for storing bounce messages in the queue with a transient error status (bounce_queue_lifetime), after which time the messages are considered undeliverable. In the drop-down list next to the field, select units of measurement.

   Default value: 3 days.

9. If necessary, in the BCC addresses field, specify the email addresses to which you want BCCs of messages received by the Mail transfer agent (MTA) to be sent (always_bcc). BCCs are not sent for messages on which a Reject or Delete message action is taken as a result of a scan. The maximum number of addresses is 100.

   If sending a BCC is configured in both the MTA advanced settings and the rule settings, and the as a result of scanning by application modules, the message is delivered to recipients, the MTA sends a BCC of the original message and a BCC of each BCC that is sent when a rule is triggered.

10. Use the Check addresses format for RFC 821 compliance toggle switch to enable or disable the checking of email addresses in SMTP MAIL FROM and RCPT TO to verify that such addresses are in angle brackets and do not contain RFC 822 comments and phrases (strict_rfc821_envelopes).

    This scanning prevents receipt of messages from poor-quality software.

    By default, this authentication is enabled.

11. Use the Disable recipient verification SMTP VRFY toggle switch to enable or disable SMTP VRFY command (disable_vrfy_command).

    The SMTP VRFY command prevents specific services from collecting email addresses.

    By default, this authentication is disabled.

12. In the EHLO keywords not sent by SMTP server in response settings group, select check boxes next to those case insensitive EHLO commands, which your SMTP server will not announce in response to an EHLO request from an external SMTP client (smtpd_discard_ehlo_keywords).

    Default values: dsn, etrn.

13. If you want KSMG to reject a message delivery request if the domain from the RCPT TO header does not contain MX and A records of the DNS server, or the MX record is distorted (for example, a zero-length MX host address is specified), set the Reject messages for unknown recipient domains toggle switch to Enabled.

    By default, request rejection is enabled.

14. In the Reject messages for recipients drop-down list, select one of the following modes of SMTP Recipient Address Verification:

    SMTP verification of email addresses involves verifying the existence of recipient email addresses.

    • Do not reject.

      Recipient verification is not performed.

    • Reject for unverified recipients.

      The application rejects the message if the recipient's server is unavailable or rejects the request (reject_unverified_recipient).

    • Reject for recipients not in valid list.

      The application rejects the message if the recipient address is not present in the list of allowed addressed.

    Default value: Reject for unverified recipients.

    SMTP Recipient Address Verification is not performed when KSMG receives messages from trusted network hosts.

    If SMTP verification of recipient addresses is disabled, a delivery failure notification is sent when an attempt is made to deliver a message to a nonexistent address. This increases the volume of email traffic and may increase the load on the mail server.

15. If you selected the Reject for recipients not in valid list mode of SMTP verification of recipient addresses, under List of valid recipient addresses, create a list of addresses.

    The list is necessary to check if the message recipient exists. It is used when receiving messages for local domains. Addresses from all specified sources form a common list. If the recipient address is not found in the list of allowed addresses, the message is rejected.

    1. If you want to add addresses of users and groups from the LDAP cache to the list of allowed recipient addresses, enable the Use addresses of users and groups from LDAP cache toggle switch.

       This setting is available if at least one LDAP server connection is configured.

    2. If you want to add addresses of contacts from the LDAP cache to the list of allowed recipient addresses, select the Use contact addresses from LDAP cache check box.

       This setting is available if getting email addresses of LDAP contacts is enabled for at least one LDAP server connection.

    3. If you want to specify the allowed recipient addresses manually, in the Use these addresses field, enter your addresses in the following format: user@your-dn1.com; @your-dn2.com.

       The maximum number of addresses is 500.

    4. If you want to import allowed recipient addresses from a file, in the Use addresses from file line, click Import file to open a window, and in that window, upload the TXT file into the application. To do so, either:
       • Drag the file with allowed recipient addresses to the highlighted area.
       • Click Browse, select your file with allowed recipient addresses and click Open.

       The maximum number of addresses in a file is 100,000. Addresses must be separated by line breaks.

       Example: user22@your-dn1.com @your-dn2.com

    5. click Import.

       The number of allowed recipients from the imported file is displayed in the Use addresses from file line together with date and time of import.

       If an error is detected in the selected file, the file is not imported. A message is displayed with the first 10 addresses that failed the check.

    6. If you want to replace the imported file with a different file, click Manage file to open a window, and in that window, upload a new file into the application and click Replace. If necessary, you can download the imported file by clicking Export file with recipient addresses.

       You can download the imported file to your computer by clicking the icon or delete the file from the application by clicking the trash bin icon.

16. Click Save.

Advanced MTA settings are configured.