Author: Mike Meredith Date: To: exim-users Subject: Re: [exim] Punishing malformed HELO at acl_smtp_rcpt level?
Sometime around Wed, 10 Jan 2007 11:45:13 +0000, it may be that Ian
Eiloart wrote: > > acl_smtp_rcpt = check_recipient_${if eq {$interface_port}{25}
> > {mta}{msa}}
>
> What about people doing message submission on port 25? The fact that
> you provide port 587 for MSA doesn't mean that people are bound to
> use it.
I provided an example of how *I* do it, and we do insist that people do
message submission on 587 (and 465) ... we've long maintained that we
do not support users submitting directly to tcp/25 because of the
stringent checking that goes on there.
> We provide MSA on a different set of IP addresses. It certainly keeps
> our MSA logs clear of spam rejections, cos spammers don't even
> attempt to connect to our MSA server - even on port 25!
You could still do different ACLs for different interface addresses.
--
Mike Meredith, Senior Informatics Officer
University of Portsmouth: Hostmaster, Postmaster and Security
"Why are we hiding from the police, daddy?"
"Because we use vi, son, and they use emacs."