[exim] Restricting SMTP access

Author: Edward Kay
Date:  
To: exim-users
Subject: [exim] Restricting SMTP access
AIM:
----
I want to stop any hosts that I don't explicitly allow from accessing my
SMTP server.

BACKGROUND:
-----------
The MX records for my domains point to an external screening/filtering
service. This then relays the mail to my Exim server that contains the
mailboxes. I also receive local mail on the server from cron jobs and web
applications.

The server also acts as our SMTP server, allowing connection from any host
but only for authenticated users.

At the moment, spammers are connecting directly to the Exim server, setting
both the sender and recipient addresses to be on local domains and these
mails are then delivered to the local mailboxes.

As all external mail received should be routed through the servers specified
in the MX records, I want to prevent anyone except our authenticated users
and the external screening server from being able to send mail using our
SMTP server.

CURRENT SETUP:
--------------
The server uses CPanel/WHM and has the default CPanel exim.conf
(http://www.cpanelplanet.com/showthread.php?p=59). The only change I have
made to this default config is to add an extra lsearch;/path/to/file to the
relay_hosts hostlist - this file contains the IP addresses used by our
external screening service so as to allow them to relay mail to us.

MY ATTEMPTS TO ACHIEVE THIS SETUP:
----------------------------------
1. I considered adding deny hosts = !+relay_hosts at the top of the
check_recipient ACL (after accept hosts = : and require verify = sender).
From what I can see however, this would prevent our authenticated users on
unknown hosts from using the SMTP server because it would come before:

  warn  message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
        hosts = +relay_hosts
  accept  hosts = +relay_hosts


  warn  message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
        condition = ${perl{checkrelayhost}{$sender_host_address}}
  accept  condition = ${perl{checkrelayhost}{$sender_host_address}}



2. I also considered creating an acl_smtp_connect ACL. I expect this would
have the same problem as the above in that authenticated users on unknown
hosts would be rejected before their access credentials were checked.
I also found a mail in the archives
(http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20040913/msg00088.html)
suggesting this may be a bad idea as connection refusal could anger
spammers, triggering attacks.

CAN YOU HELP?:
--------------
I'd be very grateful for any advice on how to best achieve this.

Thanks for your time in reading this (lengthy) mail.

Regards,
Edward
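
The ordering problem described in attempt 1, as an added example that is not part of the original post and is not Exim or cPanel code: a small Python model of first-match ACL evaluation, run over four constructed connections. The sample addresses, the boolean stand-in for authentication, the final accept for local recipients, and the COMBINED variant are assumptions.

```python
# Toy model of first-match ACL evaluation; added example, not Exim or cPanel code.
from dataclasses import dataclass

RELAY_HOSTS = {"192.0.2.10"}  # constructed address standing in for the screening service

@dataclass
class Conn:
    host: str                # "" models local (non-TCP) submission, i.e. "hosts = :"
    authenticated: bool      # stands in for the post's authenticated-user check
    rcpt_local: bool = True  # recipient is in a local domain

def is_local(c): return c.host == ""
def is_relay(c): return c.host in RELAY_HOSTS
def is_auth(c): return c.authenticated
def not_relay(c): return not is_relay(c)
def not_auth(c): return not is_auth(c)
def rcpt_local(c): return c.rcpt_local

# Tail shared by every variant. The final accept for local recipients is an
# assumption: the post only says such mail is currently delivered.
TAIL = [("accept", [is_relay]), ("accept", [is_auth]), ("accept", [rcpt_local])]

CURRENT = [("accept", [is_local])] + TAIL
# Attempt 1 from the post: deny hosts = !+relay_hosts ahead of the auth checks.
ATTEMPT_1 = [("accept", [is_local]), ("deny", [not_relay])] + TAIL
# Assumed variant: deny only when the host is neither a relay host nor authenticated.
COMBINED = [("accept", [is_local]), ("deny", [not_relay, not_auth])] + TAIL

def run_acl(acl, conn):
    """Return the verb of the first statement whose conditions all hold."""
    for verb, conds in acl:
        if all(cond(conn) for cond in conds):
            return verb
    return "deny"  # an ACL that runs off the end denies

# Constructed sample connections.
SAMPLES = {
    "cron job (local)": Conn("", False),
    "screening service": Conn("192.0.2.10", False),
    "roaming authenticated user": Conn("198.51.100.7", True, rcpt_local=False),
    "direct-to-server spammer": Conn("203.0.113.99", False),
}

def verdicts(acl):
    return {name: run_acl(acl, conn) for name, conn in SAMPLES.items()}

if __name__ == "__main__":
    for label, acl in [("current", CURRENT), ("attempt 1", ATTEMPT_1), ("combined", COMBINED)]:
        print(label, verdicts(acl))
```

In this model a statement applies only when every one of its conditions is true, so the two-condition deny in COMBINED skips the roaming authenticated user while still stopping the unauthenticated direct connection.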