Author: Kersey Black
Date:
To: exim-users
CC: Kersey Black
Subject: [Exim] relay from outside to outside when authenticated not working
Hi all,
I post with trepidation that this is obvious, but I have worked on the
documentation, the FAQs and the archived list to no avail. Actually,
they have helped enormously and I am almost there, but for one glitch.
Situation:
running exim 4.10 on our mail server running SGI Irix 6.5.15
plain text authentication compiled into the code
Behavior wanted:
1) boxes in the local domain can send anywhere (with or without
authentication)
2) boxes from outside can only relay off the mail server to other
machines outside when authenticated (to handle a few mobile users, etc)
3) otherwise -- nothing special
Progress:
I am working from the default configuration file and have only done the
following:
-defined primary_hostname to the name of the local host
-defined the local_domains to that same host name and one variant
-left relay_from_hosts = 127.0.0.1
[when I define this to include the local subdomain it behaves as
expected, that is, local machines
do not need to authenticate to relay to the outside. But, for the
moment while I am having problems,
I have left it that all machines must authenticate to relay.]
Added the bit of configuration needed under AUTHENTICATION CONFIGURATION
to specify a plain_text authentication based on examples from the many
configure files around the net.
Result:
Exim is up and running, receives mail for all local accounts, and a
local machine inside the subdomain seems to behave as expected.
Notably, only when I authenticate (Mac OSX 10.2.2 mail client) will it
let me relay to the outside. Otherwise I get the 550 message in the
exim log file. If I give it an incorrect password it complains until
it gets the right one, and then all is happy.
Problem:
When a colleague connects from a windows box on the outside and tries
to relay through our mail server to elsewhere as an authenticated
user, the authentication seems to work fine, but then I get the same
message in the log file that relaying is not permitted.
Thus, relaying is allowed for those in the local domain, but not for
those outside, even though for both the only way they get access to
relay is by the same authentication mechanism. Help please.
I must be misunderstanding the ACL section? I am using the default
configuration, and it seems like if the user's message, whether coming
from inside or outside the local domain, gets to the last bit of the
ACL section and gets authenticated, then he should be able to relay.
But, obviously, I have it somehow confused.
I have a number of times thought I found a fix in the mail list
archives, but they have generally involved features specific to version
3.3.X, not 4.10.
I confess to being a newbie to digging into mailers, and the syntax of
ACL.
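
The relay policy listed under "Behavior wanted", written as an Exim 4 RCPT ACL. This is an added example, not the poster's configuration; the host name and the network are constructed placeholders. Statements are evaluated top to bottom and the first one whose conditions match decides the outcome.

```exim
# Added illustration, not the poster's configuration.
# Constructed values: mail.example.org, 192.0.2.0/24.

domainlist local_domains    = mail.example.org
hostlist   relay_from_hosts = 127.0.0.1 : 192.0.2.0/24

acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:
  # Mail addressed to our own domains: accept from any host,
  # provided the recipient exists.
  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient

  # Behavior 1: hosts on the local network may relay anywhere,
  # with or without authentication.
  accept  hosts         = +relay_from_hosts

  # Behavior 2: any other host may relay only on a connection that
  # completed SMTP AUTH with one of the configured authenticators.
  accept  authenticated = *

  # Behavior 3: everything else is refused, which is what keeps
  # the server from acting as an open relay.
  deny    message       = relay not permitted
```

Running `exim -bh` with the address of an outside client simulates an SMTP session from that host and prints which ACL statement accepts or denies each RCPT.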