Odhiambo G. Washington wrote:
> * On 21/09/06 14:33 -0400, Steve Sobol wrote:
> |
> | Exim 4.50, CentOS Linux 4.something
> |
> | I have a mail server that handles a small number of domains, around 20
> | total. Five of those domains are spam-filtered through an external service
> | and mail to those domains should ONLY be delivered through that company's
> | SMTP servers. But I can't just tell exim to stop accepting mail sent
> | directly to it, because that will break a bunch of other domains that
> | AREN'T filtered, for which exim SHOULD accept mail directly.
> |
> | How do I tell Exim to only accept messages handed off from a particular
> | block of IPs, but *only* for certain domains?
>
> You could do this in acl_smtp_rcpt. Something like (off the top of my
> head):
>
> 1. Define the hosts (IPs)
> hostlist allowed_hosts = 1.2.3.4 : 3.4.5.6/30 : a.b.c.d/NN
>
> 2. Define those domains you want to accept mail for as a domainlist.
>
> domainlist those_domains = blah
>
>
> Now, at an early stage in acl_smtp_rcpt:
>
> deny condition = ${if match_domain {${domain:$h_to:}}{+those_domains}}
> !hosts = +allowed_hosts
>
>
> I am not sure how this will deal with cases where recipient is in the CC
> or BCC though.
>
"PUNG" applies.....
"Probably, Usually, Normally, Generally".
A correspondent MTA will not know prior to starting delivery runs that
<domain1>.<tld> and <domain2>.<tld> are hosted on the same virtual server IP, so
will run separate deliveries for the 'To:', 'CC:', Bcc:' not on the same domains.
If QMAIL is involved, ISTR that it will try to make multiple, parallel
connections - one for for each message - anyway, so that one should be no
problem. (well... Qmail might be (mis)taken for a Zombie on a dark night...)
'Prefixes' of course, might throw a spanner into the works....
But the OP's situation - where the entire <domain>.<tld> is to get the same
treatment, should be amenable to any of several methods.
Bill