Re: [Exim] Accept mail but don't relay from non-resolvable h…

Top Pagina
Delete this message
Reply to this message
Auteur: Dave C.
Datum:  
Aan: Jerry Jorgenson
CC: exim-users
Onderwerp: Re: [Exim] Accept mail but don't relay from non-resolvable hosts
On Fri, 3 May 2002, Jerry Jorgenson wrote:

> Warning: Newby question.
>
> Exim: 4.04
>
> Folks,
>
> I need to be able to allow a couple of servers which don't resolve to send
> me mail--they fail on the "require verify" line. (I can't control the
> "don't resolve" part, and it can't be changed). I receive mail from them
> by using the "accept hosts" line, but doing so makes me an open relay for
> these hosts. I just want to accept mail from them, not give them
> carte-blanche to relay anything:
>
> accept hosts = : *.goofy_domain.org : goofy_host.someotherdomain.com



You really should be specifying the _numeric_ IP addresses of those
hosts for this. Using the names leaves you open to DNS forrgery..

>
> Testing with -bh shows that other domains can't relay, but these can,
> which seems reasonable given the key that I've changed, but that's not the
> result I wanted.
>
> I've looked in the docs, the FAQ, spec.txt, the mailing list (at least the
> six months' that I have saved--yeah, I'm in trouble for keeping that guy's
> mail :-), the Exim book (recipients_reject and friends look like they
> would do the job, except they don't exist in 4.x), and while it seems like
> there should be some ACL keys that might work, there aren't any examples
> that I can understand.
>
> Thanks
>
> Jerry
>
> --
> Jerry Jorgenson
> jerry@???
> http://www.j3iss.com/
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>



--