Re: [exim] Experimenting with SMTP auth...

Top Page
Delete this message
Reply to this message
Author: Mike Cardwell
Date:  
To: exim-users
Subject: Re: [exim] Experimenting with SMTP auth...
* on the Thu, Jan 02, 2014 at 11:29:22AM +0100, Marco Gaiarin wrote:

> I'm doing some exercise with exim (4.80-7, debian wheezy) enabling SSMTP
> (port 465) and authentication.
> Final objective is to open port 465 to all the net, protecting it with some
> stuff like fail2ban.
>
> With my first experiment, seems that exim reject lately the email (even
> without auth), simply does not route them (relay denied).
>
> There's some way to insert, very early, an ACL that simply reject email if
> unauthenticated, and only for port 465 (port 25 used only for internal
> traffic)?
>
>
> I've tried to find on the net something about that but probably i'm missing
> some keyword...


In your "acl_smtp_mail" section:

  deny condition      = ${if !eq{$received_port}{25}}
       !authenticated = *
       message        = Port $received_port requires authentication


-- 
Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4