Re: [exim] ACL question

Top Page
Delete this message
Reply to this message
Author: Stephen Gran
Date:  
To: exim-users
Subject: Re: [exim] ACL question
On Sun, Jun 08, 2008 at 02:49:52AM +1000, Farhan Ahmed said:
> Hello Guys,
>
> I am scratching my heads over 3 days and couldnt find answer yet. So, you
> guys are my last hope now. We are running exim , IMAP and mysql on one
> box. I must have to accept
>
> local_domains and local_hosts in ACL. But still anyone can send email to my
> domain users via telnet 25 other than relay. How can I solve this issue.


As others have pointed out, this is how internet mail works. But I see
a perhaps unspoken assumption in your email that all email comes from a
particular relay machine? If so, either firewall port 25 to only allow
access from that machine, or (better) do that and add something like:

deny !hosts = : 127.0.0.1 : +relay_hosts : +inbound_relay

before any of the accepts. This can even go earlier than the rcpt time
checking if you like - acl_smtp_connect would be fine.
--
--------------------------------------------------------------------------
|  Stephen Gran                  | Research is to see what everybody else  |
|  steve@???             | has seen, and think what nobody else    |
|  http://www.lobefin.net/~steve | has thought.                            |

--------------------------------------------------------------------------