RE: [Exim] Acl question

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Timothy Arnold
Datum:  
To: 'Nico Erfurth', Timothy Arnold
CC: 'Exim-Users (E-mail)'
Betreff: RE: [Exim] Acl question
Here is what you requested:

domainlist local_domains = @ : lists.ngfl.gov.uk
hostlist relay_from_hosts = 127.0.0.1 : 193.63.51.0/24

I basically need to accept mail from internal people (193.63.51.64/26) but
reject any mail coming from outside.

Regards,
Tim.


-----Original Message-----
From: Nico Erfurth [mailto:masta@perlgolf.de]
Sent: 23 January 2003 12:09
To: Timothy Arnold
Cc: 'Exim-Users (E-mail)'
Subject: Re: [Exim] Acl question


Timothy Arnold wrote:
> Here is the Acl - it is bog standard except for hosts allow.
>
> acl_check_rcpt:
>
> # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this

by
> # testing for an empty sending host field.
>
> accept hosts = 127.0.0.1 : 193.63.51.46


This is BS and will prevent you from receiving mail via commandline. You
really should leave this option to accept hosts = :
See below....

> # Accept mail to postmaster in any local domain, regardless of the

source,
> # and without verifying the sender.
>
>   accept  local_parts   = postmaster
>           domains       = +local_domains


Please show the domainlist local_domains.

> # Accept if the message comes from one of the hosts for which we are an
> # outgoing relay. Recipient verification is omitted here, because in

many
> # cases the clients are dumb MUAs that don't cope well with SMTP error
> # responses. If you are actually relaying out from MTAs, you should
> probably
> # add recipient verification here.
>
>   accept  hosts         = +relay_from_hosts


Your primary mx should go into hostlist relay_from_hosts, how does it
look now?

Try if this helps, you also can try to run exim -d -bh 1.1.1.1 to see
why it allows an external IP to relay through the server (do you REALLY
mean it relays?)

Nico


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************