[EXIM] Allowing certain users only to send and receive

Top Page
Delete this message
Reply to this message
Author: Jonathan Hazan
Date:  
To: exim-users
Subject: [EXIM] Allowing certain users only to send and receive
I am using exim to relay messages from our Lotus Notes server to the
Internet and also to route messages back from the Internet to this server.
What I am trying to do is set up a list of users who are allowed to both
send and receive external e-mail; if a user is not in the list, exim should
reject any e-mail which is sent by the user to an external address. Exim
should also reject any e-mail which sent from an external address to a user
who is not on the list.

I managed to set this up some time ago, and it is still working, but going
back over it again, it seems that I have done it in a terribly complicated
way, and I am sure that it could be done more simply. What I am asking is,
am I missing something obvious? Can anyone suggest a better way of doing
this?

The relevant bits of the configuration are included below.

Thanks,

Jonathan Hazan
Datix Business Systems Ltd, London, UK

###############

receiver_verify

# Sender verify is turned off

# DIRECTORS

# If the local part matches the list of authorised users, re-address the
message
# to go to the Notes server.
datix:
driver = smartuser
local_parts = lsearch;/etc/exim/auth_users
new_address = ${local_part}@datixnt

# Reject any other local addresses
reject:
driver = smartuser
transport = reject_user_pipe
fail_verify

# ROUTERS

# This routes to the Notes server
dnotes:
driver = domainlist
transport = local_smtp
route_list = datixnt $domain byname

# This is used to ensure that verification fails for
# users who are not in the list
smtp_verify:
  transport = remote_smtp
  driver = lookuphost
  except_domains = datixnt
  condition = ${lookup {$sender_address_local_part} lsearch
              {/etc/exim/auth_users} {$value} }
  verify_only


smtp_real:
driver = lookuphost
transport = remote_smtp
except_domains = datixnt:datix.co.uk
fail_verify = true



--
*** Exim information can be found at http://www.exim.org/ ***