I use a local Barracuda filter and this is what I ended up with in my Exim configuration.
I created two files, one to list the filtered domains, and the other to list allowed IP's to accept the filtered domain E-mails from. In my exim.conf after the other localdomains lists and stuff I added this. hostlist barracuda_hosts = net-lsearch;/etc/barracudaip : \ net-lsearch;/etc/relayhosts domainlist barracuda_domains = lsearch;/etc/barracudadomains Then in the check_recipient block after 'accept hosts = :' line I added these lines. deny !hosts = +barracuda_hosts domains = +barracuda_domains message = Please use the domain MX record So when a new domain gets the filter treatment, I just add it to my /etc/barracudadomains file. Chuck -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Cage Sent: Thursday, January 03, 2008 2:30 PM To: [email protected] Subject: Re: [exim] only allowing certain IPs based on domain name Dave That looks exactly what we're wanting. Basically we point our MX records to this spam filtering company and then they push the (cleaned) mail to us. We need to do it only for certain domains though, not server-wide. I'll have a read of the link you sent, so thanks for this John ----- Original Message ---- From: Dave Evans <[EMAIL PROTECTED]> To: John Cage <[EMAIL PROTECTED]> Cc: [email protected] Sent: Thursday, January 3, 2008 7:47:37 PM Subject: Re: [exim] only allowing certain IPs based on domain name On Thu, Jan 03, 2008 at 11:09:20AM -0800, John Cage wrote: > We're using an external spam filtering company for some of our domains (but > not all). They have provided us with the IP addresses that their servers use > and have suggested that we allow incoming mail from these addresses, but > block all other - but only for these domains (obviously). I've searched for > this, but in vain, and any help would really be appreciated So do the MXs for those domains point to this other spam filtering company, not to you? And then they deliver the mail to you based on some nominated hostname (i.e. not MXs)? If so, DNS TTLs permitting, you'll want to permanently reject (deny) attempts by others to send mail to those domains. In general, something like deny domains = somedomain.example.com hosts = !spamfilteringserver.example.net message = Relaying denied placed appropriately in your RCPT ACL should do the trick. For more information, read http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECTaclco nditions , especially "domains = <domain list>" and "hosts = <host list>". -- Dave Evans http://djce.org.uk/ http://djce.org.uk/pgpkey ____________________________________________________________________________ ________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
