Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
968
Views
0
Helpful
1
Replies

Ironport Open relay for internal domains only?

Dave Packham
Level 1
Level 1

‎02-18-2014 02:55 PM

we have an ironport cluster that is currently open to anyone inside our network to relay to anyone inside or outside our IP space.  we force all external IP space to authenticate before they can send.

we have about 200+ sub domains under our root domain that we handle email for.

my question is.

can i configure our IPO's to require auth for sending to a domain OTHER than the 200+ list and still allow un-authed to send to the 200+ internal sub domains?

for example

our internal domain is @.main.com with 200+ sub domains @sub.main.com

fax #1 in the fax@sub.main.com domain can openly with no auth send/relay email to anyone in the @sub.main.com or @*.main.com(the 200+list) domain without authentication but CANNOTsend to @*.other.com (ex @gmail.com)

fax #2 in the sub.main.com domain WITH authentication can send to ANY domain inside or out?

Dave P

Labels:
0 Helpful
1 Reply 1

Enrico Werner
Cisco Employee
Cisco Employee

‎02-26-2014 04:02 AM

Hi Dave,

was trying to understand what your current setup is and what you want to achieve, but failed ;-)

I suggest openeing a case with TAC if possibe and provide a copy of the current configuration to better understand the setup and try re-phrasing your request.

Regards,

Enrico

0 Helpful
Customers Also Viewed These Support Documents