On Fri, Sep 05, 2003 at 08:57:04AM -0400, Joseph Kezar said:
> The alias is set up in LDAP and spans ~1400 people. That is why it is
> potentially dangerous to leave this alias exposed to the outside.
> Exim handles the LDAP lookup just fine. Its a matter of disallowing
> outside-our-domain emails from being accepted by this alias.
This is a fairly straight forward ACL. You basically deny if the
localpart is the special alias and the host (or sender domain) is not in
the list of local IP addresses (or domain names.)
Something like (and this is completely untested)
deny local_parts = restrictedalias
domains = my.local.domain
! hosts = +relay_hosts
message = only authorized hosts can send mail to this address
