By default, everyone in your organization has full access to all features you enable on the GWIA. This includes the capability to collect their email via POP3 or IMAP4 service, as well as to send and receive messages of unlimited size via SMTP/MIME. For many customers, though, the following are common settings under Access Control:
You can administer all of these controls on the GWIA via Access Control. Generally, when you want your Access Control to apply to all users, you configure the Default Class of Service. Imagine, though, that you want to be able to make exceptions to the settings you defined from Default Class of Service. For example, a couple of users will eventually need POP3 access. Here are the steps to accomplish such exceptions:
The users defined under the POP3 Access Class of Service will be able to retrieve their email via POP3, and relay off of the GWIA. It is important to note that you did not configure any type of SMTP relay on the GWIA, yet these POP3 users are able to relay off of the GWIA. The reason for this is that the GWIA will allow a user who has authenticated via a POP3 session to relay through the GWIA. Because the POP3 session required the user to authenticate as a valid user, the GWIA assumes that the user should be able to use the GWIA as an SMTP relay server. For your users to be able to use SMTP relay, their POP3 client must be configured to allow authentication to the SMTP server (which is the POP3 server also) before sending SMTP messages to be relayed. Some newer POP3 clients just assume that this is the case, so this option of whether to do it is not even presented to the users. Let's imagine another scenario. You have deployed Novell's ZENworks server management product. The ZENworks server management product has an alerting mechanism that requires an SMTP relay host. You want your GWIA to allow relaying, but only from the server running the ZENworks server management. Following are the steps for setting up the GWIA to act as a relay host:
|