Autor: Peter Bowyer Data: A: Exim Users Mailing List Assumpte: Re: [exim] Unique Relaying Problem
On Wed, 19 Jan 2005 11:35:30 -0600, Bill Gade <bgade@???> wrote: > I have recently consolidated two email servers into one bigger email server.
> The new server has its own new IP, to make things simpler for a few thousand
> users, I used Xinet to forward requests coming to the old servers to the new
> one. It all works great... except:
>
> I trust the servers on my local IPs, and when an outside user connects to
> one of the old boxes and is forwarded, the new box sees the connection as a
> local connection instead of an outside user - that bypasses the normal relay
> filtering and I am now a semi-open relay.
>
> Does anyone have experience with how to plug that hole? I can remove the
> trust for those machines, but then local users can't send email to far away
> places if they still use the older ip addresses.
>
> Thanks for any thoughts you have.
You don't say what OS you're using... but it should be possible to
take over the old IPs as aliases on the new server. That way it
responds directly to the people who address it at the old addresses,
and you can apply ACL rules as usual.