Re: [Exim] disabling outgoing mail

Top Page
Delete this message
Reply to this message
Author: Fred Viles
Date:  
To: exim-users
Subject: Re: [Exim] disabling outgoing mail
On 8 Jul 2004 at 14:47, vadik wrote about
    "Re: [Exim] disabling outgoing mail":


| Fred Viles wrote:

|
| > Just put this at the *top* of your acl_smtp_rcpt and acl_not_smtp
| > ACLs:
| >
| >     deny    message = No non-local delivery
| >        !domains = +local_domains
| >
| > Alternatively, if you have no routers configured for non-local
| > delivery the "verify = recipient" clause you probably already have in
| > your ACLs should do the trick.
| >
| I am using debian, so I have
| acl_smtp_rcpt = acl_check_rcpt
| acl_smtp_data = acl_check_data


Those statments specify the names of the ACLs. So "the top of your
acl_smtp_rcpt" ACL would mean just after the start of the ACL named
"acl_check_rcpt", which is defined further down in your exim.conf:

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.

acl_check_rcpt:

# Added to deny all outgoing via SMTP, even from the local network:

    deny    message = No non-local delivery
        !domains = +local_domains


| should I define acl_smtp_rcpt explicitly?


You already have, just add the new deny clause at the top of it.

| I am trying to get to the
| point that any SMTP connection would give "relay not permitted", and
| removing router would not get me there.


It should do, if you haven't deleted the "verify=recipient" from the
standard sample configuration. But explicitly denying in the rcpt
ACL is more straightforward.

BTW, just because your ISP blocks ports 25 and 465 doesn't mean you
can't relay off your exim server. You could configure it to listen
on a non-standard port.

- Fred