SMTP Relay for external domain

amahmud01 · ‎10-31-2016

We are using ESA for internal SMTP relay servers in our domain, now I have a request from the internal server they want to send to external domains my worries is if allowed the servers IP to send to outside it will be acting as open relay so how I can control this.

Libin Varghese · ‎10-31-2016

Hi,

The device can be configured to allow relay from internal servers to external domains without allowing the device to act as an open relay using the below article.

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-00.html

This configuration would work as long as the internal servers do not generate emails with senders as external domains.

Thanks

Libin Varghese

amahmud01 · ‎10-31-2016

Thanks for the Above Link, another question once I added the Server IP is it possible also to configure specific email that can be used on this server, I mean only this email address can send emails I hope it is clear.

Libin Varghese · ‎10-31-2016

Not directly, however filters can be created to accomplish that.

NewRelay: if (sendergroup == "NewRelay")
{
if (mail-from != "abc@domain.com")
{
quarantine("Policy");
}
}

The above filter would quarantine all emails generated from the servers in the "NewRelay" sender group which are not from email address "abc@domain.com".

Libin

amahmud01 · ‎10-31-2016

Thanks appreciated, I will try the above mentioned configuration and let you know.

cheers !