Magnus Holmgren wrote: > Tuesday 23 May 2006 22:57 Mark Menzies wrote: > >> I have the following set in my config: >> >> hostlist relay_from_hosts = 127.0.0.1 : x.x.x.160/29 >> >> with the subnet belonging to me. I am led to believe that this is the >> best way to limit access to my server but I have hit this problem. >> >> When I start my server, I can access the mail and even send mail over >> command line from ANY host. Mail is accepted and delivered fine. >> >> Is there another setting I need to configure along with the >> relay_from_hosts? Is this in any way related to the acl_check_rcpt >> settings too? >> > > Yes, the relay_from_hosts hostlist in itself does nothing, it's just the list > of hosts that are allowed to relay in the default configuration. It is > referenced in the acl_check_rcpt acl of the default config: > > accept hosts = +relay_from_hosts > control = submission > > If the "hostlist relay_from_hosts" line is the only thing you have changed, > you should be safe. Are you saying that you can telnet in to port 25 of your > server from any host on the internet and send mail to any domain? > Yes I can telnet onto my server on port 25 from any host and send mail!!! This is why I am concerned. I also have another issue with iptables that says it is blocking port 25 from all but a select set of IPs, but still allows traffic through, This I can deal with outwith this list, but any assistance on locking down my server will be useful. :)
Thanks Mark -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
