Page 66 - Mercury Manual.book
P. 66
61 The MercuryS SMTP Server Module
Relay/Connection control
es, enter the lowest address in the range you want to restrict in the "From" field, and the high-
est address you want to restrict in the "To" field. The addresses are inclusive, so both the
addresses you enter are considered part of the range.
If you check the Refuse connections radio control, Mercury will not accept incoming connec-
tions from this address. Use this to suppress sites that are abusive or have been hijacked by
spammers.
Checking the Allow connections radio button marks the address range as “good”, and enables
three extra controls that allow you to make certain concessions to the connected client:
• Connections may relay through this server If you check this control, Mercury will use
this as part of the process it applies to determine whether or not a specific connection can
relay mail (see below).
• Connections are exempt from transaction filtering If you check this control, Mercury
will not apply any transaction-level filtering expressions (see below, in the Compliance
section) you might have created to filter the commands supplied by connected clients;
this is particularly useful, or even essential if you have local workstations running clients
like Pegasus Mail or Eudora that need relaying facilities via your server.
• Autoenable session logging... This option allows you to turn on MercuryS’s powerful
session logging facility on an address-by-address basis. A session log contains a full
transcript of the entire transaction between MercuryS and the connected client, and can
be useful when gathering evidence or diagnosing problems. A session logging directory
must have been properly-specified in the General page for this to work correctly. The
captured session log will be a file with the extension .MS in that directory.
To edit a connection control entry, highlight it in the list, then click the Change selection but-
ton.
How Mercury applies connection control entries
The list of connection control entries you create can contain entries that overlap (i.e, entries
that refer to addresses also covered by other entries). In the case of overlapping entries, Mer-
cury uses the following method to select the entry it should use for any given address: if there
is an entry that refers to the address on its own (not as part of a range), then Mercury will
automatically use that entry; otherwise, it looks for the range that most closely encompasses
the address and uses that.
Example: You have a Refuse entry covering the range from 198.2.5.1 to
198.2.5.128, and an Allow entry covering the range from 198.2.5.10 to
198.2.5.20: if a machine with the address 198.2.5.12 connects to Mercury, it will
select the Allow entry to cover the connection, because the allow entry most tightly
encompasses the connecting address (the range covers 11 addresses, where the Refuse
entry's range covers 128 addresses).
Controlling relaying
SMTP relaying is the standard method of propagating mail on the Internet: in normal opera-
tion, an SMTP host will accept any message destined for any user, even if that user is not a
local user on the system: after it has accepted the message, it will relay it to the correct host
for delivery. Mail agents like Pegasus Mail and Eudora routinely depend on relaying to send
mail.
