Re: [exim] Routing: Accept mail from certain hosts

Top Page
Delete this message
Reply to this message
Author: Peter Thomassen
Date:  
CC: exim-users
Subject: Re: [exim] Routing: Accept mail from certain hosts
Am Samstag, den 09.08.2008, 12:08 +0200 schrieb Leonardo Boselli:
> On Fri, 8 Aug 2008, Tony Finch wrote:
> > On Fri, 8 Aug 2008, Peter Thomassen wrote:
> > > stuff; that is already done by the main machine. Therefore I want to
> > > narrow the "mail-in chain" to mail from this trusted machine.
> > I think that kind of access restriction is the job of the access control
> > lists, not the routers.
>
> This ?
> #!!# ACL that is used after the RCPT command
> check_recipient:
>   accept  hosts = :
> #  accept  domains = +local_domains
> #  accept  domains = +relay_domains
>   accept  hosts = +relay_hosts
>   accept  hosts = +auth_relay_hosts
>           endpass
>           message = authentication required
>           authenticated = *
>   deny    message = relay not permitted

>
> so just comment out the accept-domains line and restrict relay_hosts to
> the single authorized machine (possibly add localhost).


I now set up another ACL for acl_smtp_connect which also seems ok:

acl_check_host:
    deny    !hosts    = MAIN_RELAY_NETS
        message    = access restricted


    accept


If there are any objections, please let me know.

BTW, can the ACL "hosts" condition contain subnets like 192.168.1/24?

Thanks,
Peter