RE: [exim] smtp_connect acl

Top Page
Delete this message
Reply to this message
Author: jori.hamalainen
Date:  
To: Exim-users
CC: 
Subject: RE: [exim] smtp_connect acl

> i run 2 exim4 instances, one on port 25, and another for
> amavis at 10025. I can only bind to the "world" interface,
> not localhost. No i need just a acl that blocks all request
> to port 10025 if they are not from a IP (lets say
> 123.123.123.123). no filtering should be done on port 25 at all.


Or use packet filtering in
- router
- kernel firewall
which doesn't accept Exim's configuration and make load for Exim.

But on other exim with port 10025 use acl like this with is own configuration file

acl_smtp_connect=connect_acl

connect_acl:
accept hosts = 123.123.123.123
deny

Or if both exims share same configuration file (works also with previous case but first example is much simpler)

deny message = Denied because wrong instance
     !hosts = 123.123.123.123
     condition = ${if eq{{$interface_port}{10025}}{yes}{no}}


However these configurations are not tested, just guidelines what can be done.

See manual:
http://www.exim.org/exim-html-4.40/doc/html/spec.html

can search for "hosts". It was working examples with DBM file lookups and static hosts. Also hostlists can be used to define many hosts.