On Fri, Jul 09, 2010 at 06:38:48PM +0100, Juan Canham wrote: > I want to put a rule in my ACLs that will deny relaying from/to the same > domain. All the server does is relaying so all the allowed domains are in > dc_relay_domains. I think I want to put something like > > Drop $sender_address_domain= $domain in the acl_smtp_connect ACLs > > Is that the right rule and is that the right place to put it?
If you want to compare the sender's address to the recipient's, then the ACL
will need to be at acl_smtp_rcpt time (or possibly later); something like
deny
condition = ${if eq{$domain}{$sender_address_domain}}
message = I don't like the look of you
should work.
That said, in the *general case* this can definitely end up blocking legit
mail, so personally I wouldn't use it. Whether it would do so for your
*specific* case though, I can't say.
Other approaches may well be worth the extra effort (e.g.: have Exim as the
MX, with spam filtering, with the Exchange servers behind; or only activate
the dumb relay servers if the Exchange server goes down).
Having a lower-priority MX server which has spam filtering inferior to its
higher-priority counterparts tends to produce disappointing results.
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey
signature.asc
Description: Digital signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
