Re: [Exim] question about ACL

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMLiu Shuai at <-
MMMMatthias Lewandowski at ->
Delete this message
Reply to this message
Author: Hunte Swee
Date:  
To: Liu Shuai, exim-users
Subject: Re: [Exim] question about ACL
The question is so interesting.

You do expect mail from the internet, but dont't allow user to send email outside of your lan, so? If yes, I think you can't accomplish this. Why? As you wish, a connection should be established from internet, outsise of your LAN, bu exim, your MTA couldn't distingish the connection was made by another MTA or your user outsize of your LAN. At this point, it is impossible.

Is it right?

P.S.: Your name seems a Chinese one. Are you a Chinese?

----- Original Message -----
From: "Liu Shuai" <shuai@???>
To: <exim-users@???>
Sent: Friday, December 12, 2003 11:34 AM
Subject: RE: [Exim] question about ACL 


> Thank you for the response.
>
> >> I am trying to set up exim so that it only allow SMTP connections from
> >> certain IPs. Say, I
> >> want to serve only smtp requests sent from 12.34.56.* and 23.45.67.*
>
> >So you do not expect mail from the internet?
>
> Sorry if I didn't make it clearer.
>
> Yes, I do expect mail from the internet, but I don't want users to be able
> to use the SMTP server to send e-mail if they are outside of my local
> network(s), even if they have local e-mail accounts.
>
> For example, a user can only send e-mail through the server if his request
> is from IP
> within 12.34.56.1 - 12.34.56.255 or 23.45.67.1 - 23.45.67.255.
>
> I realize that I can disable connection at firewall level, but I suppose
> that I can do it from Exim as well?
>
> > I changed the accept hosts line in the following section
> >
> > #!!# ACL that is used after the RCPT command
> > check_recipient:
> > # Exim 3 had no checking on -bs messages, so for compatibility
> > # we accept if the source is local SMTP (i.e. not over TCP/IP).
> > # We do this by testing for an empty sending host field.
> > accept  hosts = :
> >
> > to be
> > accept  hosts = 12.34.56.*
> >         hosts = 23.45.67.*
> >         endpass
>
> >This is impossible.  try:
> >hosts = 12.34.56.0/24 : 23.45.67.0/24
> What does the line above do? In particular, what the semantics of "/" here?
>
> Thank you for your time.
>
> LS
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>
>

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] large retry and wait-remote_smtp filesRe: [Exim] qmail to exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)