Click this switch if you wish to respond to SMTP VRFY commands. This command is sometimes used by servers that use an SMTP call forward or call back feature to attempt to confirm the validity of email addresses on your server. This is disabled by default.
Click this checkbox if you want MDaemon to honor EXPN commands.
Enable APOP & CRAM-MD5
By default MDaemon's servers (POP, IMAP, and so on) do not honor the APOP and CRAM-MD5 methods of authentication. This type of authentication requires passwords to be stored using reversible encryption, which is not recommended for security purposes, in order to protect passwords from being decrypted by MDaemon, the administrator, or a possible attacker. Consequently, this option is not compatible with the Passwords option to "Store mailbox passwords using non-reversible encryption," nor with Active Directory authentication. If, however, you are not using SSL/TLS then APOP and CRAM-MD5 could provide extra security by making it possible for users to be authenticated without sending clear text passwords.
Silently discard duplicate RCPT values
Enable this option if you want the SMTP server to ignore duplicate recipients in the same SMTP session. MDaemon will accept and then discard the duplicate recipients. This option is disabled by default.
Refuse messages which violate RFC standards
Enable this option if you wish to reject messages during the SMTP process that are not compliant to RFC internet standards. To pass the compliance test the message must:
1.Be greater than 32 bytes in size (the minimum size necessary to include all required parts).
2.Have either a FROM: or a SENDER: header.
3.Have no more than one FROM: header.
4.Have no more than one SUBJECT: header, though no subject header is required.
Messages using authenticated sessions or from trusted domains or IP addresses are exempt from this requirement.
SSL negotiation failures will retry without SSL for up to one hour
This option allows you to temporarily white list host IPs that encounter an SSL error during an outbound SMTP session. The white list is reset every hour.
Refuse messages larger than [xx] KB (0=no limit)
Setting a value here will prevent MDaemon from accepting or processing mail that exceeds a certain fixed size. When this option is enabled MDaemon will attempt to use the ESMTP SIZE command specified in RFC-1870. If the sending agent supports this SMTP extension then MDaemon will determine the message size prior to its actual delivery and will refuse the message immediately. If the sending agent does not support this SMTP extension then MDaemon will have to begin acceptance of the message, track its size periodically during transfer, and finally refuse to deliver the message once the transaction has completed. Use "0" in this option if you do not wish to set a size limit. If you wish to exempt authenticated sessions from SIZE checks, use the "...except when SMTP AUTH is successfully used" option below.
...except when SMTP AUTH is successfully used
Check this box if you wish to exempt messages from the message size limitation when the SMTP session is authenticated.
Max RCPT commands allowed
Use this option if you wish to limit the number of RCPT commands that can be sent per message. Use "0" if you do not wish to set a limit.
Close session if reached
Check this box if you wish to close the session immediately if the maximum allowed number of RCPT commands is reached.
POP server deletes mail on DELE command
Click this option if you wish MDaemon to delete messages immediately when they are retrieved and the DELE command is received, even if the POP session does not complete properly.
IMAP server supports COMPRESS command
Click this box if you wish to support the IMAP COMPRESS extension (RFC 4978), which compresses all data sent to and from the client. COMPRESS will increase CPU and memory usage per IMAP session.
Allow plain text passwords
This option governs whether or not MDaemon will accept passwords sent in plain text to the SMTP, IMAP, or POP3 servers. If disabled, the POP3 USER, POP3 PASS, IMAP LOGIN, IMAP AUTH LOGIN, and SMTP AUTH LOGIN commands will return an error unless the connection is using SSL.
Allow connections to server's own IP addresses
When this option is enabled, MDaemon can connect to itself.
POP & IMAP servers always allow connections from this IP
The POP and IMAP servers will always accept connections from the IP Address entered into this field regardless of screening and shielding settings.