Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2761
Views
0
Helpful
2
Replies

Multi Tenant email

Go to solution
guibarati
Level 4
Level 4

‎05-11-2016 03:05 PM

If I have an ESA serving multiple tenants I have to add all the email senders on the relay list and have to allow them to send emails.

Is there a way to keep one tenant from sourcing their emails with the domain of the other tenant?

Thank you

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
exMSW4319
Level 3
Level 3

‎05-12-2016 03:05 AM

Presuming the customers have different, static, IP addresses then a simple content rule with two conditions will do the job. There would be more efficient ways of doing it using sender groups and message filters if you want to get into that level of detail, or if you need to limit any one tenant.

Envelope Sender: mail-from != "tenant.tld$" AND

Remote IP / Host: remote-ip == "10.1.2.3" <-- tenant's IP

add action as appropriate

If you have a large number of tenants then this may not be viable either way; I can't give you any clear idea of what a reasonable upper limit would be with rules or filters.

Tenants need to understand that they cannot spoof other domains, which isn't a bad condition to impose. There may also be issues with auto-replies from some groupware.

If you've got multiple tenants on the same IP then strictly speaking any misbehaviour is the problem of the system administrator upstream, though you've still got to worry about them ruining your reputation. If you're accepting mail for a whole collection of senders on a range of addresses or heaven forbid public dynamic space without some extra authentication then that makes you a relay and you'll be surprised how few people will want to receive your mail.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
exMSW4319
Level 3
Level 3

‎05-12-2016 03:05 AM

Presuming the customers have different, static, IP addresses then a simple content rule with two conditions will do the job. There would be more efficient ways of doing it using sender groups and message filters if you want to get into that level of detail, or if you need to limit any one tenant.

Envelope Sender: mail-from != "tenant.tld$" AND

Remote IP / Host: remote-ip == "10.1.2.3" <-- tenant's IP

add action as appropriate

If you have a large number of tenants then this may not be viable either way; I can't give you any clear idea of what a reasonable upper limit would be with rules or filters.

Tenants need to understand that they cannot spoof other domains, which isn't a bad condition to impose. There may also be issues with auto-replies from some groupware.

If you've got multiple tenants on the same IP then strictly speaking any misbehaviour is the problem of the system administrator upstream, though you've still got to worry about them ruining your reputation. If you're accepting mail for a whole collection of senders on a range of addresses or heaven forbid public dynamic space without some extra authentication then that makes you a relay and you'll be surprised how few people will want to receive your mail.

0 Helpful

Go to solution
Jimson Medallon
Level 1
Level 1
In response to exMSW4319

‎05-24-2016 03:32 PM

This really help a lot. Thank you for all of your inputs and outputs.

Great job guys!

0 Helpful
Customers Also Viewed These Support Documents