Jeff Lasman wrote:
>
..[snip]...
>
>
> How is sender_domains tested? Is it simply a partial string search? Or
> does it require an exact match?
>
> Thanks for any clarification you may be able to give me.
Perhaps a small example may be of use to you :)
just copy the config to /tmp/exim-test and the 'domains' to /tmp/domains
then use 'exim -C /tmp/exim-test -bh <some_ip>' and try out various
ip addresses and from/to combos and see what happens.
#-------------------------------------
# ///START OF CONFIG FILE\\\
#-------------------------------------
#Define the local relay networks
#-------------------------------------
hostlist relay_hosts = 10.0.0.0/8 : 192.168.0.0/16 : 172.16.0.0/12
#-------------------------------------
#Define the local domains by recipient and sender
#-------------------------------------
domainlist by_recipient_domains = \
${lookup{$domain}lsearch{/tmp/domains}{$value}}
domainlist by_sender_domains = \
${lookup{$sender_address_domain}lsearch{/tmp/domains}{$value}}
addresslist by_recipient_domains = \
${lookup{$domain}lsearch{/tmp/domains}{$value}}
addresslist by_sender_domains = \
${lookup{$sender_address_domain}lsearch{/tmp/domains}{$value}}
#-------------------------------------
#Define the acl's to use
#-------------------------------------
acl_smtp_mail = check_mail
acl_smtp_rcpt = check_rcpt
#
begin acl
#
check_mail:
#-------------------------------------
#Deny a 'local sender' that is not on a 'local ip network'
#-------------------------------------
deny sender_domains = +by_sender_domains
!hosts = +relay_hosts
message = 'Local users can only send from a local network.'
accept
check_rcpt:
#-------------------------------------
#Accept a 'local recipient' if sent from a 'local domain'
#-------------------------------------
deny domains = +by_recipient_domains
!senders = +by_sender_domains
message = 'Local users can only recieve from local senders'
accept
begin routers
begin transports
begin retry
begin rewrite
begin authenticators
#-------------------------------------
# \\\END OF CONFIG FILE///
#-------------------------------------
#-------------------------------------
# ///START OF DOMAINS\\\
#-------------------------------------
example.com:example.com
example.net:example.net
example.org:example.org
#-------------------------------------
# \\\END OF DOMAINS///
#-------------------------------------
--
--EAL--