Autor: Magnus Holmgren Data: Para: exim-users CC: Marten Lehmann Assunto: Re: [exim] howto force dns-lookup for local domains
Marten Lehmann wrote: > Hello,
>
>> @mx_primary is a special domain list that matches all domains that have
>> your server as their primary MX. You can use that (or @mx_any, if the
>> users may reasonably use your server as a secondary MX). See section
>> 10.8 of the specification.
>
> but will exim accept mails from smtp-port if these domains are not in
> @mx_primary?
>
No. You will make sure that your ACL's still *only* accept mail to your
local_domains, not any domain not in @mx_(any|primary).
What I had in mind was to check if the domain has an MX record
(preferably the primary one) pointing to your server in the router for
remote mail (which is above the routers for local domains in the
configuration):
hosts_treat_as_local = (list all your mail servers if you have several)
@mx_(any|primary) is not allowed anywhere near your ACL's.
The above will cause remote delivery unless your server is an MX for the
domain in question.
>> However, you still need to make sure that no user can steal the mail
>> from any other user that owns a domain that *does* point to your server.
>
> Each domain belongs to one customer, so within a domain name, it is not
> possible to steal mails. But not all domains our mailserver manages are
> registered through us, so we cannot control if a domain name is entered
> legally or illegally (for hotmail.com it might be obviously that it's
> not legal, but for other domain names it's not that clear and besides
> that we don't create profiles manually but automated, so we cannot check
> each domain that is entered).
OK, so all domains "belong" (locally) to no more than one customer; the
problem is thus not that two customers can insert conflicting
redirections, but that someone can register (within your system) a
domain they don't own? OK, sounds fine in that case.
>> Sounds dangerous in any case. Is it infeasible to manually approve all
>> domains the users want to forward from?
>
> Yes. An external mailserver will only call our mailserver if the
> mx-record points to it, so at this point it wouldn't be a problem if
> hotmail.com would be created on our mailserver, because noone would care
> about it. But if there is an internal forwarding to a hotmail.com
> address, I don't know how to force the dns-lookup step again instead of
> simply lookup in the local domain list.
The above configuration outline should solve that problem. You could
also consider limiting which domains your customers can register, by
requiring that they point the MX record of the domain to your server
before it can be activated. That can be checked automatically.