Author: modjklist Date: To: exim-users Subject: [exim] is it possible to whitelist specific IP or port 26 to allow
plain-text logins?
Hi, I have two CentOS Linux servers. One server has IP address xxx.xxx.xxx.02 and Exim 4.82 #2, and Cpanel/WHM. The second server xxx.xxx.xxx.01 has a database that sends email through xxx.xxx.xxx.02, and required plain-text login on port 26.
For business reasons I need to disable plain-text logins on port 25.
I see that I can do this by logging into WHM, visiting the Exim Configuration Manager, clicking on the Security tab and turning ON the option for:
Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server.
However, this apparently effects port 26 as well.
I'm wondering if it's possible to configure exim to allow the database at xxx.xxx.xxx.01 to send email through xxx.xxx.xxx.02 with the option turned ON for "Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server".
More specifically, are either of the following 2 workarounds possible?
1. Manually edit /etc/exim.conf file (or use WHM/Cpanel, etc.) to whitelist IP address xxx.xxx.xxx.01 so that this address is allowed to login using plain text login (whereas all other IP addresses are not).
or,
2. Manually edit /etc/exim.conf file (or use WHM/Cpanel, etc.) to whitelist port 26 from the rule turned ON in Cpanel for "Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server", such that this rule does NOT apply to port 26 (but it DOES apply to port 25).