SMTP AUTH allows an SMTP client to authenticate with a name and password when sending mail, thus allowing you to restrict who can send SMTP traffic to your server (whether for relay or local delivery). Points to remember:
- If SMTP AUTH is enabled but Restricted SMTP Relay is not, then all SMTP connections must authenticate before any mail will be accepted for either local delivery or relay.
Important: Whenever SMTP AUTH is enabled, your email server is effectively "send only," because mail servers from other domains are most likely not configured to authenticate with your server. This means your local email clients can only receive email from other local clients.
- If both SMTP AUTH and Restricted SMTP Relay are enabled, then hosts on a pre-approved list can relay without authentication, and those not on the list must authenticate via SMTP AUTH.
- If Restricted SMTP Relay is enabled and SMTP AUTH is disabled, then you are protected from being an open relay, while still allowing local delivery of mail from any host. In other words, SMTP hosts that are not in the Restricted SMTP Relay host list cannot relay through your server, but your local clients could still receive email from them.
Note: This is the most common configuration.
- Apple Mail Server logs sessions in which there is a failed authentication or an attempt to send mail without authenticating. This is found in Apple Mail Server's activity log, located at /Library/Logs/MailService/AppleMailServer.Server.log. You can read it with the Log Viewer module in the Server Admin application.
- SMTP AUTH is not controlled from the Server Admin application. Instead, it is controlled by a few entries in the local NetInfo database. Apple Mail Server creates these entries for you, but it gives them values that disable SMTP AUTH by default. This means that your mail server continues its prior behavior until you intervene.
Additional information:
For more information on this feature, including setup, see technical documents:
106760: "
Mac OS X Server 10.1: How to Set up SMTP Authentication"
106762: "
Mac OS X Server: How to Set up Restricted SMTP Relay for Apple Mail Server"
106763: "
Mac OS X Server 10.1: Restricted SMTP Relay Helps Prevent Unsolicited Email"