The Host Screen is located at: Security » Security Settings » Screening. It is used to define which remote hosts will be allowed to connect to your local IP addresses. You may specify a list of hosts and configure the server to allow only connections from those hosts, or you can configure it to refuse connections from the listed hosts. Host screening compares the EHLO and PTR values determined during the SMTP session with the values specified here.
New Host Screen Item
To create a new Host Screen entry, click New. This will open the New Host Screen Item dialog for creating the entry.
Local IP
Use this drop-down list to choose the local IP address to which this Host Screen entry will apply. Choose "All IPs" if you wish it to apply to all of your local IP addresses.
Remote host (* and # wildcards ok)
Enter the remote host that you wish to add to the list, associated with the Local IP designated above.
Accept connections
Selecting this option means that the specified remote host will be allowed to connect to the associated local IP address.
Refuse connections
Selecting this option means that the specified remote host will NOT be allowed to connect to the associated local IP address. The connection will be refused or dropped.
Remove
To remove an entry, select the entry in the list and click Remove.
Default Action
To specify the default action for connections from remote hosts that have not been defined, select an IP address from the list and click accept or refuse. Once a default action has been specified, you can change it by selecting the "<default>" node beneath the IP address and then selecting the new default setting.
accept
When this option is chosen, connections from any host not specifically defined on the Host Screen will be accepted.
refuse
When this option is chosen, connections from any host not specifically defined on the Host Screen will be refused.
The Host Screen will never block trusted or local hosts. |
Screening Settings
Apply Host Screen to MSA connections
Use this option to apply Host Screening to connections made to the server's MSA port. This setting is enabled by default.
Drop connection on Host Screen refusal
When this option is enabled, the connection will be dropped immediately upon a Host Screen refusal.
Drop connection after EHLO (Do not wait for authentication)
Enable this option if you wish to drop banned connections immediately following EHLO/HELO. Normally you would wait for authentication. This setting is enabled by default.