Re: [exim] Controlling relaying by checking local_part?

Top Pagina
Delete this message
Reply to this message
Auteur: Dave Evans
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Controlling relaying by checking local_part?
On Thu, Aug 23, 2007 at 10:27:32AM +0200, Sbs Bofh wrote:
> There are now many thousands of orphaned mailboxes in the format
> /vmail/<domain>/zzzoidofiahsc caused by spam and bounces.... so this
> behaviour has got to stop :-)


I'm not sure what you mean by "orphaned" in that context. Are the mailboxes
for domains which you host, or for other domains?

> I've started by configuring the front end server to check local_part against
> a list for the domain. relay_to_domains used to be configured to do lsearch
> to check the domain so I've changed exim.conf to use dsearch:
>
> domainlist relay_to_domains = dsearch;/etc/exim/relay
>
> and I've modified the manualroute router to use dsearch and to check the
> local_parts too:
>
> backendrouter:
>     driver = manualroute
>     domains = dsearch;/etc/exim/relay
>     local_parts = lsearch;/etc/exim/relay/$domain
>     transport = remote_smtp
>     route_list = * backend.server.tld

>
> To stop the frontend server from accepting messages for relay where the
> local_part isn't defined in /etc/exim/relay/domain do I need to configure a
> dsearch in acl_check_rcpt check too? If so, how?


And you're manually maintaining the contents of the /etc/exim/relay/$domain
files, presumably.

All looks sensible. Basically what you need to do is:

1. Ensure that good addresses are routable, and that bad addresses are not.
Use "exim -bt" (on the front end server) to test this. You probably want to
test at least four types of addresses:

* goodlocalpart@???
* badlocalpart@???
* any address at a known, external domain (e.g. exim-users@???)
* any address at a non-existent domain (e.g. test@???)

2. Make sure your acl_smtp_rcpt includes "require verify = recipient"
somewhere.

--
Dave Evans
Power Internet Limited, registered in England #03053650 at Norfolk House,
82 Saxon Gate West, Central Milton Keynes, Buckinghamshire, MK9 2DL.
For more information, see http://www.powernet.co.uk/~davide/about-powernet