Re: [Exim] authenticated hosts + sbl-xbl

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Stephen Gran
日付:  
To: exim-users
題目: Re: [Exim] authenticated hosts + sbl-xbl
On Wed, Jun 23, 2004 at 07:28:33PM +0100, Peter McEvoy said:
> On Wed, Jun 23, 2004 at 11:39:02PM +0530, Suresh Ramasubramanian wrote:
> > <quote who="Peter McEvoy">
> > > Tried that, seems to have the negative side effect of making my system
> > > an open relay.
> > How come?
> Have a look at this -
>
> morbo:/etc/exim4# exim -bh 194.46.13.1
> 220 morbo.yerma.org ESMTP Exim 4.30 Wed, 23 Jun 2004 19:16:44 +0100
> mail from: test@???
> 250 OK
> rcpt to: test@???
> >>> using ACL "check_recipient"
> >>> processing "accept"
> >>> check hosts = +auth_relay_hosts
> >>> host in "*"? yes (matched "*")
> >>> host in "+auth_relay_hosts"? yes (matched "+auth_relay_hosts")
> >>> accept: condition test succeeded
> 250 Accepted


That's because you have a
hostlist auth_relay_hosts = *

somewhere. If you need the hostlist, then it should be used for
something, but a hostlist that expands to * doesn't seem helpful for
querying in acl's.

I think what you are trying to do is only relay if authenticated, and
offer auth to all, correct? You want a
accept authenticated = *

early in your acl's, and you want to set up server side auth, so that it
is advertised. I would think that's all you need to do.
--
--------------------------------------------------------------------------
|  Stephen Gran                  | After all, all he did was string        |
|  steve@???             | together a lot of old, well-known       |
|  http://www.lobefin.net/~steve | quotations.   -- H.L. Mencken, on       |
|                       | Shakespeare                             |

--------------------------------------------------------------------------