On Mon, 06 Oct 2008 23:46:29 -0400, Exim List <[EMAIL PROTECTED]> wrote: >While a firewall solution might seem the logical choice, it isn't here. > The reason is that the users in each domain need to be able to see >mail.abc.com or mail.xyz.com as their outgoing SMTP server which they >relay through via SMTP auth.
It is generally a bad idea to run outgoing and incoming mail on the same host names for exactly this reason: It prevents you to take different routing/filtering approaches on the IP level, and - in times of higher load - prevents you from separating these functions to different machines. >So, I need to know how to disable the ability to receive mail for local >domains EXCEPT from a trusted source (the spam appliance box). Further, >I need to allow SMTP AUTH clients to relay mail through their respective >domains. Define "relay mail through domains". >A firewall simply shuts off all SMTP traffic including SMTP auth unless >I know all the "trusted sources" which is basically moot given roaming >customers. > >How can this be done? > >Also, it would be preferable to be able to do this on a domain by domain >basis rather than server wide. This is probably a rather sophisticated application of ACLs which surely can be done. If I were you, I'd take a closer look at the documentation's chapters about string expansion, lookups and ACLs, and if that's too complicated to tackle in the given time frame, hire an experienced consultant. Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
