RE: [Exim] [Exim4] I'm open relay: How not to be ?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: David Brodbeck
Date:  
À: 'Rakotomandimby Mihamina', exim-users
Sujet: RE: [Exim] [Exim4] I'm open relay: How not to be ?
> -----Original Message-----
> From: Rakotomandimby Mihamina [mailto:mihamina@mail.rktmb.org]


> Hi everybody ,
> http://mihamina.rktmb.org/exim.txt/file_view
> is my configuration file for the moment.
>
> I dont see where in that file do I allow mail from anywhere to be
> relayed, as well as I have :
>
> [...]
> domainlist relay_domains = *
> hostlist relay_hosts = 127.0.0.1 : \
>      ::::1
> hostlist auth_relay_hosts = *
> [...]

>
> According to me, this section only relay mails from the 'lo'
> interface,
> and allow relaying from host who authentified.


You have relay_domains and auth_relay_hosts set to *, which means all hosts.
Then down in your ACLs, you accept any hosts that match those lists:

accept domains = +local_domains
accept domains = +relay_domains
accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts


You need to fix the relay_domains list so it only lists domains you actually
relay mail for (if any). I'm not sure what you're trying to do with
auth_relay_hosts; if you're not sure either, comment out the ACL for it.