Don't apply IP Shield to authenticated sessions
When this control is active, the IP Shield restrictions will not to users that have been authenticated. Mail will be accepted from them regardless of the IP address from which they are connecting.
Don't apply POP Before SMTP to authenticated sessions
If you are utilizing the POP Before SMTP security feature, you can click this option to make authenticated users exempt from this restriction. An authenticated user will not need to check his or her email before sending messages.
Authentication is always required when mail is from local accounts
When this option is enabled and an incoming message claims to be from one of MDaemon's domains, the account must first be authenticated or MDaemon will refuse to accept the message for delivery.
...unless message is to a local account
If you are requiring authentication when a message is from a local sender, but wish to skip the authentication restriction when the recipient is local as well, then click this option. Note: this may be necessary in some situations where you require some of your users to use different mail servers for outgoing and incoming mail.
Mail from 'Postmaster', 'abuse', 'webmaster' must be authenticated
Click this checkbox to require messages claiming to be from one of your "postmaster@...", "abuse@..." or "webmaster@..." aliases or accounts to be authenticated before MDaemon will accept them. Spammers and hackers know that these addresses might exist, and may therefore attempt to use one of them to send mail through your system. This option will prevent them and other unauthorized users from being able to do so. This option is mirrored on the Options screen of Address Aliases. Changing the setting here will change it there as well.
Authentication credentials must match those of the email sender
Use this option if you wish to require a sender to use only his own credentials for authentication. So, for example, email@example.com would only be allowed to authenticate using the firstname.lastname@example.org account credentials. If he attempted to authenticate using email@example.com then it would not be allowed, even if the firstname.lastname@example.org credentials were valid. This option is disabled by default.
Global Authentication Password
Some configurations may require a global authentication password. If you require that then designate that password here.