Rules

Rules

Rules section consists of three subsections: Forwarding, Permitted addresses, and Forbidden addresses.


Forwarding

Allows you to configure mail forwarding on the server using mail aliases. Aliases, unlike mailboxes, do not require logins and passwords, they are assigned to a mailbox and serve as its copy with a different name, or, if an alias is assigned to several mailboxes, it can serve as a mailing group. Mail incoming to the alias is automatically forwarded to all real mailboxes associated with this alias. If forwarding is done to a mailbox in another domain on the Internet, then the mailbox registered in the Recipient column must actually exist.

You can read more about setting up mail aliases on SafeUTM in the article Mail forwarding.
1. Rules.png


Permitted addresses

Allows you to specify mail domains, IP addresses of mail servers and mailboxes, and emails from which will not be checked for spam.

If the mailbox is simultaneously specified in Forbidden addresses and Permitted addresses, then the Permitted address has the highest priority.

2. Rules.png

When you add overlapping sources to both lists, there is no correlation between the sources. Priority will be given first to IP addresses, then to mailboxes, and then to domains. That is, if the IP address of the mail server is forbidden and the domain it serves is permitted, then emails from it will be blocked (blocking by IP address is prioritized). Reverse example: An IP address is permitted, but a domain is forbidden. Emails are blocked, just at a later stage, when checking the mail domain.

Another example: the domain is in Permitted addresses, a mailbox from this domain is in Forbidden addresses, then emails from the mailbox will be blocked.

Reverse example: emails from a mailbox listed in Permitted addresses will be allowed even if the domain that the mailbox belongs to is listed in Forbidden addresses.

The scheme of letter processing in the mail server is presented in the article Mail traffic filtering scheme. Please note that  Permitted and Forbidden addresses are triggered after several preliminary filtering steps.


Forbidden addresses

Allows you to specify mail domains and mailboxes from which emails will not be accepted by the server.
3. Rules.png

Mail Forwarding

Setting up mail forwarding rules (aliases)


To create and edit mail forwarding rules (aliases), go to Mail Relay -> Rules -> Forwarding.

Mail aliases differ from mailboxes in that they do not require logins and passwords. They are assigned to a mailbox and serve as its copy with a different name, or, in case of assigning an alias to several mailboxes, we can say that alias is a group of mailboxes or a mailing group. Mail incoming to the alias is automatically forwarded to all real mailboxes associated with this alias. You can omit part of the address @yourdomain.com when creating rules if the mailbox is located on the SafeUTM mail server. If the redirection is done to any mailbox in another domain on the Internet, then the mailbox that is registered in the Recipient field must actually exist.


Examples:

After creating all the rules, we got this list:
5. Mail Forwarding.png

Let's describe how mail will work with such forwarding rules:

Emails coming to a non-existent mailbox (alias) manager@yourdomain.com will appear in the real one r.johnson@yourmaildomain.com. There is also an alias for the sales department sales@yourmaildomain.com which does not store letters itself. This is convenient if there is information for the sales department that needs to be distributed to each employee. All the same, can be done if you just specify all recipients in the letter, but using an alias is much more convenient. Also, an employee with an email address r.johnson@yourmaildomail.com is now on vacation and all the mail coming to his mailbox is duplicated to j.smith@yourmaildomain.com. The last rule allows the CEO to receive mail not to the corporate mailbox, but to their personal one on Gmail.

The alias is not a valid mailbox. You cannot connect to it with an email client using a username and password, as in a regular email account. Thus, creating aliases does not increase the maximum possible number of real mail accounts on SafeUTM, which is equal to the number of user accounts in the license you purchased.