Re: [Exim] Relaying / Sender

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Nico Erfurth
Dátum:  
Címzett: Julian Bartels
CC: exim-users@exim.org
Tárgy: Re: [Exim] Relaying / Sender
1.) Please wrap your lines at 72 chars

> Hello to you!
> I've got an server on the net with exim / mysql (virtual
> domains)! But I've got a problem with sending mails! if the rcpt is in
> the database everything is ok! But when I try to send a mail from such
> an adress (e.g. bartels@???), then I get relaying permitted! I


So noone can fake one of your domains and use your server as relay.

> don't want to relay for everyone, but for my own ;-) One possibility
> could be to check the sender, but thats not so good (spammer could use
> my adress) A better way would be smtp auth or pop for smtp! I got


They WILL do so.

> smpt-auth running, but how tell i exim where to find the user data for
> this (in mysql; db exim, table passwd, attribs email (user) and
> crypt/clear (passwd))? Any hints on this? Or how can I make pop for
> smtp! I'm sorry, but I didn't understand the whoson in the faq (for pop
> for smtp)! I'm using exim4!


You don't have smtp-auth running if you don't lookup the data somewhere.
You just do a simple lookup for the data in your database.

Your server_condition should look like this one:

server_condition = ${lookup mysql {select 1 from passwd where \
user=$quote_mysql{$1} and passwd=${quote_mysql:$2}}{yes}{no}}

You need to adjust this a little bit for the different authenticators
(using $1 and $2 vs. $2 and $3). And maybe you need to use ${md5:} or
something else, if you store your passwords encrypted, it depends on your
setup.

If you want pop-before-smtp you need either a pop-daemon or a logwatching
utility, that writes the ip-address to some file, or creates single files
with the ip-addresses in a special directory.

Add something like this at a good place to your rcpt_acl,

accept hosts = dsearch;/var/run/popusers/
to search for /var/run/popusers/$sender_address

or
accept hosts = dbm;/etc/exim/popusers.dbm

to search a simple dbm-file where your daemon/logwatcher writes too


ciao