>> is there an efficient hack to double map the inbound ip to see if it is
>> google or yahoo?
>
> gmail publish an SPF record, so you can whitelist them that way....
>
> accept domains = +spf_whitelist_domains
> spf = pass
>
> set the domainlist spf_whitelist_domains up with those domains whose
> SPF record you want to use for whitelist purposes.Eg
>
> domainlist spf_whitelist_domains = gmail.com : googlemail.com
>
> (This use of SPF is immune from the standard argument about breaking
> forwarding. It does depend on Google keeping their SPF record up to
> date, though.)
for the archive, per
http://wiki.exim.org/SPF
make and install /usr/ports/mail/libspf2
then hack exim with this patch run in /usr/ports/mail/exim
*** files/patch-src::EDITME~ Thu Oct 9 17:23:06 2008
--- files/patch-src::EDITME Fri Nov 14 08:29:06 2008
***************
*** 69,74 ****
--- 69,87 ----
#------------------------------------------------------------------------------
+ @@ -348,9 +348,9 @@
+ # installed on your system (
www.libspf2.org). Depending on where it
is installed
+ # you may have to edit the CFLAGS and LDFLAGS lines.
+
+ -# EXPERIMENTAL_SPF=yes
+ -# CFLAGS += -I/usr/local/include
+ -# LDFLAGS += -lspf2
+ +EXPERIMENTAL_SPF=yes
+ +CFLAGS=-DSPF -I/usr/local/include
+ +EXTRALIBS_EXIM=-L/usr/local/lib -lspf2
+
+ # Uncomment the following lines to add SRS (Sender rewriting scheme)
support.
+ # You need to have libsrs_alt installed on your system (srs.mirtol.com).
@@ -372,6 +375,8 @@
then make and reinstall exim
randy
