Author: Nico Erfurth Date: To: Andy Davidson CC: exim-users Subject: Re: [Exim] Relay control problem - any ideas ?
Andy Davidson wrote: > Hi, guys --
>
> I need to allow a Class C network to relay through an Exim 3.35 server,
> *except* for one host.
>
> I've tried a few ideas after reading the spec on exim.org, but I'm having
> problems achieving this. To summarise :
>
> A - exim.conf edit to show :
> host_accept_relay = 127.0.0.1 : 192.168.100.0/24 : !192.168.100.1/32
> Still permits relaying.
The 192.168.100.0/24 entry matches, so the check is successful, you need
to give the exception before the allowed host, like this:
host_accept_relay = 127.0.0.1 : !192.168.100.1/32 : 192.168.100.0/24
> B - exim.conf edit to show :
> host_accept_relay = 127.0.0.1 : 192.168.100.0/24
> host_auth_accept_relay = 192.168.100.1/32
The host will be accepted for relaying before checking for authed-relaying.
> Still permits relay without authentication (my hope was that all hosts but one
> would be able to relay without authentication, but attempts to relay through
> that one host would fail since no authentication configuration exists.)