Yan Seiner wrote: > Phil Pennock wrote: > >> >> Note that you're just adding an extra rejection step at the start of >> acl_check_rcpt, so if you keep all the rest of that logic the same then >> you won't risk an open mail relay (unless you're already an OMR). >> > Actually, the only thing that's needed is this:
deny hosts = +home_net !authenticated = * set acl_c_denied_by_mail = yes set acl_c_dbm_message = Papers, please. That blocks both 25 and 587 unless the user is authenticated. Submissions to the local domain work fine. Just outgoing email needs an authenticated user. That's pretty neat. --Yan -- Yan Seiner -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/