> AFAIK you can't, but I've just got an nice idea ....
>
> Basicly, use the dnsdb-lookup, and add a special TXT record to your
> zonefiles, maybe something like this
>
> example.com TXT SECRET_TEXT
>
> where SECRET_TEXT is the result of
>
> echo -n "YourSecretPassword|example.com" | md5sum
>
> with some lookup like this, you should be able to verify that the domain
> is managed by your server.
>
> ${if eq {${lookup dnsdb {$domain}{$value}{}}} \
> {$md5:YourSecretPassword|$domain} {1}{0}}
Wouldn't hmac be better suited for this?
Instead of the echo above, for hmac, you can issue
exim -be '${hmac{md5}{secretpass}{example.com}}'
and checking it is obviously similar.
> This will lookup the md5sum from the domain's TXT-record, and compare it
> to the md5sum generated by your password and the domain-name, you can
> use this in any condition-statement, where $domain is set.
> By using the md5sum and a secret password, the whole thing should be
> secure against any kind of abuse.
>
> Well, maybe there are better ways, but this should work ;)
Interesting idea.
Wanna know how I did the several domains we have where I work? Once I tell
the primary about the domain, the secondary is instantly a relay for it.
--
Lab tests show that use of micro$oft causes cancer in lab animals