Re: [exim] Accept local mail only from certain IP or auth

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MRandy McAnally at <-
MRandy McAnally at ->
Delete this message
Reply to this message
Author: Dirk GROSSE OSTERHUES
Date:  
To: Randy McAnally
CC: exim-users
Subject: Re: [exim] Accept local mail only from certain IP or auth
Hello Randy,


On 20/5/09 15:50, Randy McAnally wrote:
> Hello all,
>
> I need an exim server to only accept local mail from a content filter
> (two IPs) and not the entire internet. Right now, a spammer can
> figure out the exim server's IP and bypass the content filter. [...]
> Is there a way to force exim to accept local mail only from the
> content filter if it is not authenticated?

You might want to have a look at the variable "relay_from_hosts" in
exim4.conf. Usually, hosts (i.e. IPs) in that list are allowed to relay
without authentication by ACL:

accept hosts = +relay_from_hosts

In addition, if you use TLS for authentication you might want to exclude
the IPs of your content filters from TLS advertise:

tls_advertise_hosts = !+relay_from_hosts


Regards

Dirk

--
Dirk große Osterhues <digo@???>
* Hochschulstrasse 10, Room E322, D-64289 Darmstadt
* Tel: ++49 (6151) 16-6634, Fax: ++49 (6151) 16-5482
* PGP-Key-Fingerprint: E92F410DFF8DABA78B6804A75A426BA67F8FAC70

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] 1/2 OT - fighting image spamRe: [exim] Exchange replacement->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)