I have tried
sender_host_reject_relay = *
which according to the manual (section the main configuration) stops any
relaying at all (if relay_domains is blank) which it is in my config.
however, I have found that if you set
relay_match_host_or_sender = true
then it does seem to override it... and then sender_net_accept_relay
doesnt seem to have any effect, especially in conjunction with my attempts
to use relay_domains_include_local_mx.
maybe I'm confused.
however, a suck-it-and-see approach means I think I have what I want now,
a backup-MX machine (which automagically detects itself being in the MX
records), plus relaying for specified nets only, with spamblocks on author/from
and connecting host/net.
so, know I have changed to this (cutting out all comments)
#sender_host_reject_relay = *
#helo_verify = true (I wanted this but our customers would all die!)
sender_verify = true
sender_verify_fixup = true
sender_reject_recipients = @@lsearch*;/opt/exim/etc/relay-spamblock-authors
sender_net_reject_recipients = /opt/exim/etc/relay-spamblock-nets
sender_net_accept_relay = /opt/exim/etc/relay-access-list
relay_domains_include_local_mx = true
#relay_match_host_or_sender = true
the thing I don't understand is why I had to remove relay_match_host_or_sender
otherwise, this configuration works nicely, perhaps it could be added to the
Exim "cookbook".
I'm also happy to contribute my configure template, and my script which turns
a list of junkmailers (either author@domain or just domain) into a suitable
spam filter file, to the cookbook.
Paul
----
P Mansfield, Senior SysAdmin PSINet, +44-1223-577577x2611/577611 fax:577600
"Whatever it was that wasn't wrong and couldn't be reproduced and works like
it always has...has apparently been fixed."... from a fault report.
--
*** Exim information can be found at
http://www.exim.org/ ***
