On 2011-02-10 at 22:53 +0100, Frank Elsner wrote:
> On Thu, 10 Feb 2011 13:31:24 +0000 Janelle Bourne wrote:
> >
> > Hi all,
> >
> > I have a pretty standard exim conf set up on FreeBSD (Exim version 4.71), system aliases (or groups) are configured thus:
> >
> > system_aliases:
> > driver = redirect
> > allow_fail
> > allow_defer
> > data = ${lookup{$local_part}lsearch{/etc/aliases}}
> > user = mailnull
> > group = mail
> > file_transport = address_file
> > pipe_transport = address_pipe
> >
> > I would like to limit senders to these groups/aliases to only local addresses (i.e. sender1@???, othersender@???... but _NOT_ outsider@???).
> > How can I do this?
>
> 1st If not already done, define "domainlist local_domains = <domains local for your system>"
> 2nd Insert "domains = +local_domains" into router "system_aliases"
No, "domains =" restricts the *recipient* domain. As I read the OP,
they are asking for restricting based on the *sender* domain.
Janelle: I'll answer what was asked, but you do know that this is not a
security measure, right? Since the sender domain is *trivial* to fake.
However, in combination with controls on accepting mail which claims to
be from your domain (eg, IP addresses, DKIM signed, etc) it might become
a somewhat fragile security control.
You want the "senders" option, from chapter 15, "Generic options for
routers":
http://www.exim.org/exim-html-current/doc/html/spec_html/ch15.html
senders = *@mydomain.com
-Phil
