==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.2 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: Ubuntu 18.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,
I'm planning to use Mailroute to process all incoming email for my server. I want to lock it down so that only Mailroute can deliver mail to the server, but I also want to allow users to send mail out from the server. I think that I need a policy that:

Blocks everything, unless
1. The IP address is from the Mailroute block of IPs
-or-
2. The sender is SMTP authenticated

How can I do this? It's not clear to me if the global blacklist can blacklist absolutely everything, allowing me to then whitelist just the Mailroute IPs. And if I can do that, how do I add an exception for senders who are SMTP authenticated?

Thanks.