* on the Thu, Jan 02, 2014 at 11:29:22AM +0100, Marco Gaiarin wrote: > I'm doing some exercise with exim (4.80-7, debian wheezy) enabling SSMTP > (port 465) and authentication. > Final objective is to open port 465 to all the net, protecting it with some > stuff like fail2ban. > > With my first experiment, seems that exim reject lately the email (even > without auth), simply does not route them (relay denied). > > There's some way to insert, very early, an ACL that simply reject email if > unauthenticated, and only for port 465 (port 25 used only for internal > traffic)? > > > I've tried to find on the net something about that but probably i'm missing > some keyword...
In your "acl_smtp_mail" section:
deny condition = ${if !eq{$received_port}{25}}
!authenticated = *
message = Port $received_port requires authentication
--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
