I use a local Barracuda filter and this is what I ended up with in my Exim
configuration.
I created two files, one to list the filtered domains, and the other to list
allowed IP's to accept the filtered domain E-mails from.
In my exim.conf after the other localdomains lists and stuff I added this.
hostlist barracuda_hosts = net-lsearch;/etc/barracudaip : \
net-lsearch;/etc/relayhosts
domainlist barracuda_domains = lsearch;/etc/barracudadomains
Then in the check_recipient block after 'accept hosts = :' line I added
these lines.
deny
!hosts = +barracuda_hosts
domains = +barracuda_domains
message = Please use the domain MX record
So when a new domain gets the filter treatment, I just add it to my
/etc/barracudadomains file.
Chuck
-----Original Message-----
From: exim-users-bounces@??? [
mailto:exim-users-bounces@exim.org] On
Behalf Of John Cage
Sent: Thursday, January 03, 2008 2:30 PM
To: exim-users@???
Subject: Re: [exim] only allowing certain IPs based on domain name
Dave
That looks exactly what we're wanting. Basically we point our MX records to
this spam filtering company and then they push the (cleaned) mail to us. We
need to do it only for certain domains though, not server-wide. I'll have a
read of the link you sent, so thanks for this
John
----- Original Message ----
From: Dave Evans <exim-users-20071221@???>
To: John Cage <johnc8117@???>
Cc: exim-users@???
Sent: Thursday, January 3, 2008 7:47:37 PM
Subject: Re: [exim] only allowing certain IPs based on domain name
On Thu, Jan 03, 2008 at 11:09:20AM -0800, John Cage wrote:
> We're using an external spam filtering company for some of our
domains (but
> not all). They have provided us with the IP addresses that their
servers use
> and have suggested that we allow incoming mail from these addresses,
but
> block all other - but only for these domains (obviously). I've
searched for
> this, but in vain, and any help would really be appreciated
So do the MXs for those domains point to this other spam filtering
company,
not to you? And then they deliver the mail to you based on some
nominated
hostname (i.e. not MXs)?
If so, DNS TTLs permitting, you'll want to permanently reject (deny)
attempts
by others to send mail to those domains. In general, something like
deny
domains = somedomain.example.com
hosts = !spamfilteringserver.example.net
message = Relaying denied
placed appropriately in your RCPT ACL should do the trick. For more
information, read
http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECTaclco
nditions
,
especially "domains = <domain list>" and "hosts = <host list>".
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey
____________________________________________________________________________
________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
--
## List details at
http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/