Hello Heiko, Thanks for your response.
On Sun, Aug 30, 2015 at 5:16 PM, Heiko Schlittermann <[email protected]> wrote: > Hi, > > Terrance Devor <[email protected]> (So 30 Aug 2015 01:57:16 CEST): > … > > > > 1) All authentication (ie, passing of username and password) should be > done > > over SSL/TLS port 465. Attempts to pass username and password over port > > 25 will result in deny, error message returned to the MTA, and log > > 465 is deprecated, use 587 and STARTTLS. Read about > 'server_advertise_conition' to avoid advertising AUTH on unencrypted > connections. > Understood. Will start moving everything over to port 587. Will I need to rebuild my SSL certificates and reconfigure for that as well? > > > 2) When relaying > > > > Assume our local domain is example.com > > > > (i) [email protected] ----> (465) Exim (465) ------> > [email protected] > > (ii) [email protected] ----> (465) Exim (25) ------> > > [email protected] etc... > > (iii) [email protected] ------> (25) Exim (465) ------> > > [email protected] > > You do not want to relay vom anywhere to anywhere, do you? > Exactlly, we do not. And if an individual from outside tries to relay to another outside email address than obviously this denied. A klnd of black list by means of process separation. > Accepting messages from outside should be done for your very own domain > only, here for example.com. Exceptions are possible, in case you know > what you're doing :) > There will be no relaying of outside domain emails to other outside emails. Only valid internal. > > Best regards from Dresden/Germany > Viele Grüße aus Dresden > Heiko Schlittermann > -- > SCHLITTERMANN.de ---------------------------- internet & unix support - > Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - > gnupg encrypted messages are welcome --------------- key ID: F69376CE - > ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ We are just trying to secure the environment as much as possible. Thanks in Advance, Nichoals. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
