Re: [Exim] Port 587

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Dennis Davis
Date:  
À: exim-users
Sujet: Re: [Exim] Port 587
>From: Suresh Ramasubramanian <linux@???>
>To: Marc Perkel <marc@???>
>CC: exim-users@???
>Subject: Re: [Exim] Port 587
>Date: Mon, 26 Apr 2004 20:01:57 +0530
>
>Marc Perkel wrote:
>
>> Does anyone have an example of how to use port 587?
>>
>> Obviously you have to:
>>
>> 1) Listen on the port
>> 2) Have a separate ACL for that port.
>
>The easiest way for this is to run two separate exim daemons, one for
>port 25 and the other for port 587


I though this approach was cumbersome and so do it with the one
exim master daemon. Put:

daemon_smtp_ports = 25 : 587

in you main configuration. I run with separate acl_smtp_rcpt ACLs
for ports 25 & 587. This is set up by:

acl_smtp_rcpt = ${if eq {$interface_port}{25} \
                  {check_recipient_port_smtp}{check_recipient_port_msa}}


in the main configuration.

Setting up suitable check_recipient_port_smtp &
check_recipient_port_msa ACLS is left as an exercise for the reader :-)
However my check_recipient_port_msa ACL starts with:

check_recipient_port_msa:

  # Connections must use TLS...
  deny    message = unencrypted connections are not allowed.
          ! encrypted = *


  # ...of the right kind...
  deny    message = poor encryption cipher
          ! encrypted = TLS_CIPHERS_TO_USE


  # ...and they must be authenticated.
  deny    message = unauthenticated connections are not allowed
          ! authenticated = *