> I run 2 exim4 instances, one on port 25, and another for
> amavis at 10025. I can only bind to the "world" interface,
> not localhost. Now I need just an ACL that blocks all requests
> to port 10025 if they are not from an IP (let's say
> 123.123.123.123). No filtering should be done on port 25 at all.
Or use packet filtering in
- router
- kernel firewall
which doesn't accept Exim's configuration and make load for Exim.
But on the other Exim, on port 10025, use an ACL like this, with its own configuration file:
    # main configuration section
    acl_smtp_connect = connect_acl

    # ACL section (after "begin acl")
    connect_acl:
      accept hosts = 123.123.123.123
      deny
Or, if both Exims share the same configuration file (this also works in the previous case, but the first example is much simpler):
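    # deny applies only when every condition below holds
    # an ACL that ends without a decision denies, so follow this with an accept
    deny message   = Denied because wrong instance
         !hosts    = 123.123.123.123
         condition = ${if eq{$interface_port}{10025}{yes}{no}}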
However, these configurations are not tested; they are just guidelines for what can be done.
See the manual:
http://www.exim.org/exim-html-4.40/doc/html/spec.html
You can search for "hosts". There were working examples with DBM file lookups and static hosts. Host lists can also be used to define many hosts.
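Added example, not part of the original message and not Exim code: a simplified Python model of how an ACL is walked (the first statement whose conditions all hold decides, and reaching the end denies), applied to the two ACLs sketched above. The sample connections, the address 198.51.100.7 and the trailing `accept` in the shared-config ACL are assumptions made for the illustration.

```python
import ipaddress

def host_in(hostlist):
    """Condition: the peer address is in the host list (addresses or CIDR blocks)."""
    nets = [ipaddress.ip_network(h) for h in hostlist]
    return lambda conn: any(ipaddress.ip_address(conn["host"]) in n for n in nets)

def negate(cond):
    """Model of the leading '!' on a condition."""
    return lambda conn: not cond(conn)

def port_is(port):
    """Model of comparing $interface_port with a fixed port."""
    return lambda conn: conn["port"] == port

def run_acl(acl, conn):
    """A verb applies only if ALL its conditions hold; otherwise fall through."""
    for verb, conds in acl:
        if all(c(conn) for c in conds):
            return verb
    return "deny"  # end of ACL reached without a decision

ALLOWED = ["123.123.123.123"]

# Dedicated configuration file for the port-10025 instance.
DEDICATED_ACL = [("accept", [host_in(ALLOWED)]), ("deny", [])]

# Shared configuration file: deny only wrong hosts on port 10025.
# The trailing accept is an assumption; the fragment in the message shows only the deny.
SHARED_ACL = [
    ("deny", [negate(host_in(ALLOWED)), port_is(10025)]),
    ("accept", []),
]
SHARED_ACL_NO_ACCEPT = SHARED_ACL[:1]  # what happens if the accept is forgotten

# Constructed sample connections (peer address, local port).
SAMPLE = [
    {"host": "123.123.123.123", "port": 10025},
    {"host": "198.51.100.7", "port": 10025},
    {"host": "198.51.100.7", "port": 25},
    {"host": "123.123.123.123", "port": 25},
]

def decisions(acl):
    """Map each sample connection to the ACL outcome."""
    return {(c["host"], c["port"]): run_acl(acl, c) for c in SAMPLE}

if __name__ == "__main__":
    for name in ("DEDICATED_ACL", "SHARED_ACL", "SHARED_ACL_NO_ACCEPT"):
        print(name, decisions(globals()[name]))
```

Without the trailing accept, the shared ACL rejects every connection, including those on port 25, which the question wanted left unfiltered.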