On Mar 26, 2007, at 6:49 PM, Michael Rouba wrote:
> The client authentication is by the net it comes from. > The user authentication is by the username:password combination Ok. Bit of a strange way of naming, but I see where you're going with this. There usually isn't really a distinction between a client and its user. > > in the first case i can send mail via a client from a relay allowed > net, but without giving any login. > in the second cas i can send mail via any client from any net, but > only, if the user who sends, exists on the system and authenticates > via login. Sounds regular. > well, maybe i missunderstood something. I removed the asterix, as > you told me to do, and checked, if the authenticators at the end of > the exim4.conf.template are without any comments #. I'll assume for a bit that you aren't an ISP with an entire subnet under your control. That means you can't authenticate clients by their IP-address. You need authentication for that, which the user provides. The point of dc_relay_nets (and the exim relay_from_hosts list it maps to) is that any IP-address on it may use the server for relaying e-mail to anywhere. So if you have clients with static IP-addresses, or have a subnet (or multiple) under your control, define those there and then clients from IP-addresses on the list will be able to use your server for relaying without authentication. Setting that as an asterisk means you allow anyone on the internet to relay, which is a Very Bad Idea, and will get you blocked just about anywhere. > But then the system tells me "relay not permitted", when i try to > send over a client with a dynamic ip-address. For clients with dynamic addresses that are in subnets out of your control (and thus not listed in dc_relay_nets), you /must/ use authentication. Exim by default allows authenticated clients to use the server for relaying. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
