IPs Authorized to Relay

• Table of Contents
• Configuration File Locations
• Authorizing Clients
  • Setting Default Values
• Applying Changes

You can specify which IP addresses are authorized to relay mail through GreenArrow Engine, along with default values for mail received from those IP addresses within the configuration files described in this document. Alternatively, SMTP AUTH, or username/password based authentication can be used to authorize users to relay messages.

Configuration File Locations

The default IP authorization configuration file location for the SMTP, SMTP2 and SMTP3 services is /var/hvmail/control/smtp.tcp.

If you’d like to create a separate IP authorization configuration file for the SMTP2 service, complete the steps below. These steps are optional:

1. Create a new configuration file in /var/hvmail/control/smtp2.tcp.

   cp -a /var/hvmail/control/smtp.tcp /var/hvmail/control/smtp2.tcp
   

2. Make any desired changes to the new file, then apply them by running:

   /var/hvmail/bin/hvmail_update_tcprules smtp2
   

3. Set the TCPRULES_INHERIT variable in the /var/hvmail/control/smtp2 file equal to 0:

   TCPRULES_INHERIT=0
   

4. Restart the SMTP2 service:

   svc -t /service/hvmail-qmail-smtpd2
   

A separate configuration file can also be created for the SMTP3 service by following the steps above, replacing smtp2 with smtp3.

Authorizing Clients

To authorize an IP address to relay, add a line to /var/hvmail/control/smtp.tcp:

1.2.3.4:allow,RELAYCLIENT=""

To allow a class A, B, or C block of IP addresses to relay:

1.:allow,RELAYCLIENT=""
1.2.:allow,RELAYCLIENT=""
1.2.3.:allow,RELAYCLIENT=""

To authorize a range of IP addresses to relay (in this example, 1.2.3.1 through 1.2.3.20):

1.2.3.1-20:allow,RELAYCLIENT=""

To authorize a range of blocks of IP addresses (in this example, 1.2.3.x through 1.2.5.x) to relay:

1.2.3-5.:allow,RELAYCLIENT=""

Setting Default Values

In addition to setting the RELAYCLIENT variable, which authorizes IP addresses as relay clients, you can set additional variables such as:

Enable SimpleMH:

1.2.3.4:allow,RELAYCLIENT="",GREENARROW_SIMPLEMH=""

Specify the Mail Class (which uses SimpleMH):

1.2.3.4:allow,RELAYCLIENT="",GREENARROW_MAILCLASS="transactional"

Specify the ListID, SendID and MtaID:

1.2.3.4:allow,RELAYCLIENT="",GREENARROW_LISTID="listid",GREENARROW_SENDID="sendid",GREENARROW_MTAID="smtp1"

Don’t insert the Received header that would normally be inserted into a message.

1.2.3.4:allow,RELAYCLIENT="",GREENARROW_SMTP_RECEIVED_HIDE=""

The full definition of this file format is here: http://cr.yp.to/ucspi-tcp/tcprules.html

Applying Changes

After updating the /var/hvmail/control/smtp.tcp file, run the following command to apply the changes:

/var/hvmail/bin/hvmail_update_tcprules smtp

After running this command, the new data will be used for all new incoming connections. No services need to be restarted.