Mailing List Archive

Restrict incoming mail to spam filter and authenticated users
There used to be a hack/tweak for this years ago.  It's found on the wayback machine here:



https://web.archive.org/web/20110729131804/http:/www.sant-media.co.uk:80/2010/03/how-to-configure-exim-to-receive-email-for-domain-only-from-specific-ip-addresses#more-360



The last time I tried that, I believe it broke things badly.



We still are looking for the right code to use in Exim to limit incoming mail to 



1) the domains we serve -- have that

2) authenticated SMTP users who use Outlook or whatever

3) just ONE other IP address, the spam filter for our network



Ideally, drive by spammers and anyone attempting to send mail TO our users would be blocked completely from accessing the SMTP server with a message like, "This server does not accept mail directly.  Use the MX server."



Can anyone offer some advice on what to use in the current version of Exim?  The solution above used to work, but in the iteration of versions, it seems to have been outdated somehow.  If we're simply putting things in the wrong place now, finding the right location would be appreciated.



--

Craig Thompson, President

Caldwell Global Communications, Inc.



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Restrict incoming mail to spam filter and authenticated users [ In reply to ]
* Craig Thompson via Exim-users [2018-10-10 18:11]:
[...]
> We still are looking for the right code to use in Exim to limit incoming mail to 
>
> 1) the domains we serve -- have that
>
> 2) authenticated SMTP users who use Outlook or whatever
>
> 3) just ONE other IP address, the spam filter for our network
>
> Ideally, drive by spammers and anyone attempting to send mail TO our
> users would be blocked completely from accessing the SMTP server with
> a message like, "This server does not accept mail directly.  Use the
> MX server."
>
> Can anyone offer some advice on what to use in the current version of
> Exim?  The solution above used to work, but in the iteration of
> versions, it seems to have been outdated somehow.  If we're simply
> putting things in the wrong place now, finding the right location
> would be appreciated.

If you want your Outlooks to connect, you could put this in RCPT ACL:

deny
message = This server does not accept mail directly. Use the MX server.
!hosts = IP-OF-MX-HOST-HERE

This will deny for all hosts which are not that single IP address.

And where to put it will depend on the rest of your ACL configuration.
It would be helpful if you shared it.

Greetz
Kirill

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/