Well, I do something like that:
accept
authenticated = *
endpass
message = Sending mails from $sender_address_domain is not
permitted
sender_domains = +local_domains
deny
!hosts = : +relay_from_hosts
sender_domains = +local_domains
message = You are not authenticated
log_message = No authentication
The first one accepts authenticated users (using only local domains to
prevent abuse on other domains)
The second one denies everything unless you have passed a former accept
ACL (auth) or are a trusted IP.
Odhiambo Washington wrote:
> Can I do this with just the Exim rules without involving SPF?
> Any clues?
>
> * On 04/07/06 20:54 +0200, Renaud Allard wrote:
> | There is nothing in those headers that suggests they have been
> | authenticated on your servers. They _may_ have been authenticated at
> | 204.9.186.196 (Florida), but nothing 100% sure.
> | Anyway, you should request that everything coming from
> | something@yourdomain is either authenticated, either coming from a
> | trusted or known IP. Many will suggest this is like SPF, and it is a
> | little bit true, but I think this is an acceptable drawback for your own
> | domains.
> |
--
Nikademus
http://www.octools.com
.O.
..O
OOO
PGP key:
http://www.llorien.org/gnupg/key.pub
