Restrict recipients

Forum Home

Restrict recipients Thomas
    Restrict recipients Synametrics Support
        Restrict recipients Thomas
            Restrict recipients Synametrics Support
                Restrict recipients Thomas
                    Restrict recipients Thomas
                        Restrict recipients Thomas

From:	Thomas
Date:	4/11/24 10:31 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

I'm trialling XEAMS at the moment with a view to buy enterprise (for multithreaded send) purely as an SMTP relay to manage on premise devices sending email.

So far so good, however I do have some devices (printers) that I wish to only send email to a list of ~10 internal domains.

I'm not sure how to achieve this with XEAMS, I haven't found any way to enforce a restriction on recipient.

I'm toying with the idea of having a relay for outbound and a relay for inbound configured with different smart hosts where one can send email externally and the other (M365 smtp inbound option 2) cannot.

Is there a more elegant solution for this than adding more XEAMS servers?

Top

From:	Synametrics Support
Date:	4/11/24 11:20 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Try the following:

Run Xeams in "Firewall" mode. This means that if a message is received for a local (internal) domain, it will be forwarded to another SMTP server within your organization.
Go to Server Configuration/SMTP Configuration, define the 10 internal domains you have, and specify the IP address of your downstream servers. For example, emails for internal01.com goes to 192.168.1.5, and internal02.com goes to 192.168.1.10, and so on.
If a user tries sending an email to a domain NOT specified in Xeams, the email will be rejected due to a "Relaying denied" error.

Top

From:	Thomas
Date:	4/12/24 8:06 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Just to clarify: for printers, multifunction devices, and other applications that I want to restrict to internal domains I'll have to build a separate additional XEAMS server in firewall mode?
Top

From:	Synametrics Support
Date:	4/12/24 8:36 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Although I don't have the complete picture of your use case, I don't think you need multiple Xeams. If you run your current Xeams in Firewall mode, it will only accept messages for local domains. Therefore, your devices should be able to send their email. If they try to send emails to a foreign domain, Xeams will deny those emails.

Top

From:	Thomas
Date:	4/12/24 9:06 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Only some of my devices need to be restricted, others do not, sounds like I'll need separate servers.

That prompts a follow up question: Can I install two instances of XEAMS on the same server? (with all different ports).

Thank you for your input so far

Top

From:	Thomas
Date:	4/12/24 9:08 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Apologies, I think I just got what you were saying.

In firewall mode only internal domains would be forwarded for devices not configured for relay, thank you.

Top

From:	Thomas
Date:	4/12/24 9:14 AM
Topic:	Restrict recipients
Type:	General Discussions
Post a follow up

Is there a way to use a smarthost with authentication in firewall mode?
Top

Community/Enterprise Edition