Configuring Relay Control

Use Relay Control when you use external cloud services. This controls which outbound emails are permitted through the appliance, based on the IP and domain combination and the header. You will need to configure the headers here to match the headers on the external service.

When an email is received by the email appliance, if the information in the headers does not match, the email is discarded. If all the criteria match, the configured headers are removed from the email and it is processed. The email appliance looks at the IP and domain combination. Any domains linked to that IP that have not been configured to match it are discarded.

Relay Control enabled

Relay Control Settings:

Note You need to configure all the following fields. They are not case sensitive.
  • Domain Name: A domain that is allowed to send mail on behalf of your organization.
  • Mail Hosts: The sender's IP address or hostname. You can configure multiple IPs, including subnets (using CIDR) by using commas to separate the values. You can also use hostnames (you need to configure a PTR record so that the IP can be resolved using reverse DNS lookup).

    For example, 192.168.0.1,example.org,10.0.0.0/24

  • Header Name: The name of the header (this must match the name of the header configured on the external provider).
  • Header Value: The value of the header (this must match the value of the header configured on the external provider).

When Relay Control is enabled, the following checks are carried out to determine whether the mail direction is outbound:

  1. Mail is from a host on the Internal Mail Hosts list.
  2. Mail is from a domain on the Mail Domains list (the mail from part of the SMTP transaction is checked).
    Note If the first two checks are passed, mail is classified as outbound. If condition 1 is met, but condition 2 is not, check 3 is carried out.
  3. Mail is not to a domain on the Mail Domains list (the rcpt to part of the SMTP transaction is checked).

When Relay Control is enabled, but there are no values specified, the checks will still be carried out to determine the mail direction.

Relay Control disabled

When Relay Control is disabled, mail from hosts on the Internal Mail Hosts list will be treated as outbound. The other checks listed in the section above (2 and 3) will not be carried out.