Auteur: Oliver von Bueren Datum: Aan: exim-users Onderwerp: Re: [exim] Force all local senders to authenticate
Marc Sherman wrote: > Odhiambo Washington wrote:
>
>> Hello list,
>>
>> My knowledge of Exim got rusty a bit:)
>>
>> I'd like to achieve two conditions within exim:
>>
>> 1. I'd like to force all local senders (+relay_from_hosts) to
>> authenticate before they can send out mail
>>
>
> Just remove any mention of +relay_from_hosts from your config entirely,
> and only accept messages either for local delivery or from authenticated
> senders in your rcpt acl.
>
> And also make sure that local deliveries are only allowed either from
authenticated senders OR non-local senders.
Put that the other way round, don't accept local senders outside of
authenticated sessions.
I do this by separating the MUA submissions and inbound messages. MUA on
port 587 and normal inbound SMTP on port 25. Adding TLS/SSL as an
option, if you like to.
On 587 only authenticated sessions are ever allowed to send any messages
and on port 25 no messages are allowed to be sent with a sender address
out of a local domain.