Re: [exim] RELAY NOT PERMITED exim4

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSebastian at <-
MSebastian at ->
Delete this message
Reply to this message
Author: Odhiambo Washington
Date:  
To: Sebastian
CC: Mailing List, Douba Samuel DIARRA
Subject: Re: [exim] RELAY NOT PERMITED exim4
@Sebastian,
If you live in a world where IPs are dynamic, then you will understand my
point.
There is no real benefit of restricting auth to particular IPs, IMHO.
If you must restrict AUTH to just a few IPs, then you actually don't need
that overhead.
Just put them in relay_from_hosts and you are good.


On Wed, Apr 21, 2021 at 1:55 PM Sebastian via Exim-users <
exim-users@???> wrote:

> But its still good to use "auth_advertise_hosts" to restrict which hosts
> that are permitted to authenticate in addition to this.
> Else you will get bots that hack the password and then spam with your
> server.
>
> In auth_advertise_hosts, you can use CIDR notation (like 123.123.123.0/24)
> to allow large amounts of hosts in case of dynamic IP or mobile terminals.
>
> So authenticated SMTP should still be IP restricted since there is bots out
> there guessing passwords (and hitting the right passwords sometimes and
> gaining access)
>
> -----Ursprungligt meddelande-----
> Från: Odhiambo Washington via Exim-users <exim-users@???>
> Skickat: den 21 april 2021 12:36
> Till: Douba Samuel DIARRA <doubasamuel@???>
> Kopia: exim-users@???
> Ämne: Re: [exim] RELAY NOT PERMITED exim4
>
> On Wed, Apr 21, 2021 at 1:24 PM Douba Samuel DIARRA via Exim-users <
> exim-users@???> wrote:
>
> > Hello
> > I was using Exim 4, in office (differents sites) but I was using vsat
> > system for interconnecting sites. I put private adresses to configure
> > exim in differents sites.
> > Since I published my servers on internet, I have this kind of error
> > message and i cannot send mails. the message is : RELAY NOT PERMITED
> >
> > Need some advices please
>
>
>
> Instead of relying on IP addresses for relaying (as should be listed in
> relay_from_hosts) it is better to use ASMTP ad the condition for relaying.
> So just set up authenticated SMTP and let users enable the same on their
> MuA
> and you are good to go.
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.", grep ^[^#] :-)
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Exim4 using libsecret, secret-tool or keyring?Re: [exim] RELAY NOT PERMITED exim4->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)