[exim] Encrypted for Some, Plain for the Rest

Top Page
Delete this message
Reply to this message
Author: Terrance Devor
Date:  
To: exim-users
Subject: [exim] Encrypted for Some, Plain for the Rest
Hello Everyone

I am trying to accomplish a few things with Exim.

1) All authentication (ie, passing of username and password) should be done
over SSL/TLS port 465. Attempts to pass username and password over port
25 will result in deny, error message returned to the MTA, and log

2) When relaying

Assume our local domain is example.com

(i) user1@???    ----> (465)  Exim  (465) ------> user2@???
(ii) user1@???    ----> (465)  Exim  (25) ------>
ter.devor@??? etc...
(iii) ter.devor@??? ------> (25)    Exim  (465) ------>
user1@???


Any attempt to relay email from within the local domain (ie, i and ii) on
port 25 should result in
deny, error message returned to the MTA, and log.

I did find something similar here
http://www.gossamer-threads.com/lists/exim/users/102588
where I included this block of code:

accept
authenticated = *
encrypted = *
deny

The problem was (iii) messages got burned and did not reach
user1@???.
I neededed a little more process. Basically all relays to and from Exim
from within the local
domain should be done on 465 otherwise deny, error message returned to the
MTA, and log.
All relays from outside to exim will be accepted on the standard port (25)
but the relay to the local domain user will be don on 465.

Your help is greatly appreciated..

Terrance.