Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Support > Archive > Mdaemon and SecurityGateway

 [F] Alt-N Discussion Groups  / MDaemon Discussion Groups  / MDaemon Support  / Archive  /

Mdaemon and SecurityGateway

[Deus, Javier Meilán]
Javier Meilán …
Newbie
Newbie
Posts: 43
Javier Meilán Deus - 06:15am, Jun 15 2021

I don't know if the forum is correct, but I ask the question.

I have the Mdaemon mail server and the EmailGateway server.
What I need is that the Email Mdaemon server can only receive incoming emails from the gateway.

There is some configuration document, some KB.

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Arron Caruth - Jun 15, 2021 8:17 am (#1 Total: 2)  

Guest User  

Photo of Author
Posts: 1

The best option, if it is possible in your environment, would be to configure your firewall and/or router to simply not allow connections to MDaemon on port 25 from any IP address other than Security Gateway.  

You could also configure MDaemon to not listen on port 25, if you do this don't forget to update the Domain mail server configuration to use the same port MDaemon is listening on for inbound SMTP traffic.

Another option would be to use Host Screening to block all connections, except for the Security Gateway.  To do this you need to know what value Security Gateway is passing for the EHLO value during the SMTP session. You can find this value(s) in SecurityGateway under Setup | Users / Mail Configuration / Email Protocol.  The HELO domain name is the value you are looking for.  Security Gateway allows this value to be configured per domain, so you also need to check each domain to make sure it is not using a unique value.  You can find the per-domain settings by going to Setup | Users / Accounts / Domains & Users / Select the domain / Edit, check the HELO string field.

 Then in MDaemon go to Security / Security Manager / Screening / Host Screen.  Click New and in the Remote Host field enter "*" and make sure the refuse connections option is selected, then click OK.

Click New again, this time in the Remote Host field enter the value that SecurityGateway is using in its EHLO string, select "Accept Connections" and click OK.  Now use the Up/Down buttons to move this entry to be above the entry with the "*".

If you are using webmail or ActiveSync, there are a couple of things to be aware of.  First, webmail defaults to sending mail to localhost on port 25, so if you reconfigure the ports or block port 25 in MDaemon, you need to reconfigure webmail.  You can do this by editing the domains.INI file in the C:\MDaemon\WorldClient directory.  You'll want to change the SMTPHost and SMTPPort values to fit your configuration.  Be sure to check the entire file as there could be domain-specific settings.

ActiveSync doesn't use SMTP to send an email and there is no way to change how ActiveSync behaves when it comes to sending an email. Messages sent using ActiveSync are placed into the Inbound queue in MDaemon and are then routed by MDaemon.


--
Arron Caruth
Vice President of Product Development
o: 817-601-3222    e: Arron.Caruth@mdaemon.com

MDaemon Technologies
Simple Secure Email
Visit us on www.mdaemon.com | Facebook | LinkedIn | YouTube
Sent using the MDaemon Email Server

On Tue, 15 Jun 2021 06:15:09 -0500, "lists-md-support@mdaemon.com (Javier Meilán Deus)" <lists-md-support@mdaemon.com> wrote:
I don't know if the forum is correct, but I ask the question.

I have the Mdaemon mail server and the EmailGateway server.
What I need is that the Email Mdaemon server can only receive incoming emails from the gateway.

There is some configuration document, some KB.


View/reply at Mdaemon and SecurityGateway
--MD-SUPPORT--------------------------------------------------------------
This list is for questions and discussion about MDAEMON. To unsubscribe 
from this mailing list send an email to md-support-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!-----------------------------------------------------

--------------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user 
support and discussion.  MDaemon staff members may participate in the 
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical 
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
--------------------------------------------------------------------------

--MD-SUPPORT--------------------------------------------------------------
This list is for questions and discussion about MDAEMON. To unsubscribe 
from this mailing list send an email to md-support-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!-----------------------------------------------------

--------------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user 
support and discussion.  MDaemon staff members may participate in the 
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical 
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
--------------------------------------------------------------------------

Javier Meilán Deus - Jun 16, 2021 8:58 am (#2 Total: 2)  

 

Photo of Author
Javier Meilán …
Newbie
Newbie
Posts: 43
Thanks, I have opted for the second option, it seemed to me the most correct way to do it.

Thanks for the help.



  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items



 Content:

Read New | Search

 Guest:

Email to Admin



You are visiting as a Guest user.