[snip]
>>From the default exim conf:
>
> # This access control list is used to determine whitelisted
> # senders and hosts. It checks for CONFDIR/local_host_whitelist
> # and # CONFDIR/local_sender_whitelist.
> #
> # It is meant to be used from some other acl entry.
> #
> # For example,
> # deny message = local blacklist example
> # !acl = acl_whitelist
> # dnslist = some.dns.list.example
> # will allow messages with envelope sender listed in
> # local_sender_whitelist or messages coming in from hosts listed
> # in local_host_whitelist to be accepted even if the delivering
> # host is listed in the dns list.
> #
> # Whitelisting can also be configured by including negative
> # items in the black list. See
> # /usr/share/doc/exim4-config/default_acl for details.
> #
> # If the files do not exist, the white list never matches, which
> # is the desired behaviour.
>
> and from /usr/share/doc/exim4-config/default_acl
>
> Access Control in the default configuration
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> The Debian exim 4 package comes with a default configuration
> that allows flexible access control and blacklisting of sites
> and hosts. The acls involved can be found in
> /etc/exim4/conf.d/acl with the file names
> 20_exim4-config_whitelist_local_deny and
> 30_exim4-config_check_rcpt, thus all rejections of messages due
> to this mechanism happen at RCPT time. Local configuration of
> the mechanisms happen through data files in /etc/exim4, so there
> is normally no need to change the files in the acl subdirectory.
>
> /etc/exim4/local_sender_blacklist contains a list of envelope
> senders whose messages will be denied with the error message
> "locally blacklisted". This is a full exim 4 address list, and
> all available features can be used. This includes negative
> items, and so it is possible to exclude addresses from being
> blacklisted. For convenience, as an additional method to
> whitelist addresses from being blocked, an explicit whitelist is
> read in from /etc/exim4/local_sender_whitelist. Entries in the
> whitelist override corresponding blacklist entries.
>
> In the blacklist, the trick is to read a line break as "or" if
> it follows a positive item, and as "and" if it follows a
> negative item.
>
> For example, a /etc/exim4/local_sender_blacklist
>
> domain1.example
> !local@???
> domain2.example
> domain3.example
>
> Exim just evaluates left to right (or up-down in the file
> listing context), so you don't get the same kind of operator
> binding as in a programming language.
>
> /etc/exim4/local_host_blacklist contains a list of IP addresses,
> networks and host names whose messages will be denied with the
> error message "locally blacklisted". This is a full exim 4 host
> list. Again, negative items can be used here, and there is also
> an explicit whitelist read in from
> /etc/exim4/local_host_whitelist, and whitelist entries override
> blacklistings.
>
> The example access list shipped in
> /usr/share/doc/exim4-config/examples/acl/30_exim4-config_example_check_rcpt
> includes a bunch of dnslists configured to warn and/or deny
> incoming messages. Some of these lists have a corresponding
> whitelist, read in from /etc/exim4/local_$DNSLISTNAME_whitelist
> which allows the local administrator to override dnslist entries
> for domains or IP addresses that should be able to send mail
> despite the dnslist entry.
>
> If you need more info, please consider looking in spec.txt, as it
> explains all of this. Or get Phillip's book on exim4. I did, never
> regretted it (still don't in fact).
Thanks greg! Excellent info, now I have soemthings to look into and try out.
I really appreciate it :)
> --
> greg, greg@???
>
> The technology that is
> Stronger, better, faster: Linux
