Re: [exim] Add a whitelist for senders to skip auth check

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MCyborg at <-
MDamon Hill at ->
Delete this message
Reply to this message
Author: Damon Hill
Date:  
To: Sebastian Nielsen, exim-users
Subject: Re: [exim] Add a whitelist for senders to skip auth check
You mean to allow eg. [1]web@??? to send unauthenticated mail
from the web or [2]owner@??? to receive it?

How can I convert that to exim config?

On 8/5/20 10:35, Sebastian Nielsen via Exim-users wrote:

One way you could do it, is to allow unauthenticated email but only to
recipient [3]owner@??? which would make your server kind of
"single-adress relay" which could be acceptable.
And also check for senders, to avoid spam, then a spammer must spoof the
sender adress AND also send to your approved recipient adress.

-----Ursprungligt meddelande-----
Från: Damon Hill via Exim-users [4]<exim-users@???>
Skickat: den 8 maj 2020 14:13
Till: Exim Mailing List [5]<exim-users@???>
Ämne: [exim] Add a whitelist for senders to skip auth check

Hello,

I need to whitelist domains from a list (with wildcards) in Exim's ACL
to avoid auth SMTP checking for domains hosted in this server.

My server, say SERVER A, hosts e-mail for coolstore.com domain, but the
web is hosted by SERVER B (which uses several servers for mailing). I
need to exclude from Exim SMTP auth checking in Server A:
smtp1.serverb.com, smtp2.serverb.com, [6]mailer@??? and
*.serverb2.com.

The problems is that when the web application (hosted by ServerB) tries
to send an (unauthenticated) email from [7]sells@??? to
[8]owner@??? it fails with message: '550 smtp auth requried (in
reply to RCPT TO command)'

I've got the ACL: 

    deny    message       = smtp auth requried
            sender_domains = +local_domains
            !authenticated = *


but i cannot make it exclude these domains from the checking.

I tried adding this to ACLs: 

    accept  condition     =
${lookup{\$sender_address}nwildlsearch{/etc/exim/senders-whitelist.
conf}{yes}}


where /etc/exim/senders-whitelist.conf contains: 

    smtp1.serverb.com
    smtp2.serverb.com
    [9]mailer@???
    *.serverb2.com


But it didn't work. What am I doing wrong?

Thank you in advance for your help!

References

1. mailto:web@coolstore.com
2. mailto:owner@coolstore.com
3. mailto:owner@coolstore.com
4. mailto:exim-users@exim.org
5. mailto:exim-users@exim.org
6. mailto:mailer@serverb.com
7. mailto:sells@coolstore.com
8. mailto:owner@coolstore.com
9. mailto:mailer@serverb.com
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Add a whitelist for senders to skip auth checkRe: [exim] Add a whitelist for senders to skip auth check->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)