Author: Server Craft Date: To: exim-users Subject: [exim] Help with a custom ACL
Hi,
I was directed here by cPanel support after searching pretty much everywhere
for a solution to this problem. I am looking for help with a custom ACL for
restricting incoming mail traffic to specific domains to only come from
specific IP ranges.
Background:
I run a small web hosting service based on cPanel VPS servers. Some of my
clients use hosted spam filtering services such as MXLogic or Postini. To
make mails to those domains only come from their filtering servers, I am
asked to specify IP ranges of the Postini and MXLogic filtering servers in
my email server or VPS firewall so that spammers cannot contact the
mailservers of the domains hosted on my VPS directly and thus bypass the
filtering service.
But, the problem with filtering through my firewall is two-fold:
1. If I restrict mail traffic on Port 25 to come only from certain IP
ranges, it applies to ALL email coming into the server. Thus it would lock
down inbound email independent of domain. Not all the clients on my VPS opt
for such filtering, so this method is unviable.
2. My VPS servers only have a software firewall (CSF) and it's does not
accept host names, only IP addresses.
So, it seems the solution is through a custom ACL for those domains using
hosted spam filtering services. Is there an individual or company that can
provide consulting on this requirement?