This article tells you how an IP address is safelisted so that it will not be included in the "sender domain from" checking done by the relay service of HES.
To prevent open-relay customers from compromising HES relay servers, HES relay MTA will no longer accept and forward mails from senders who use non-registered domain(s) in the sender from email address.
When HES relay servers receive an email from a customer, HES checks if the sender domain (which is taken from the envelope "mail from") matches the relay domain ACL and does the following:
- If yes, HES receives the mail for scanning and forwards it to the intended recipient.
- If not, HES rejects the email and sends back a permanent error.