@Sebastian, If you live in a world where IPs are dynamic, then you will understand my point. There is no real benefit of restricting auth to particular IPs, IMHO. If you must restrict AUTH to just a few IPs, then you actually don't need that overhead. Just put them in relay_from_hosts and you are good.
On Wed, Apr 21, 2021 at 1:55 PM Sebastian via Exim-users < exim-users@exim.org> wrote: > But its still good to use "auth_advertise_hosts" to restrict which hosts > that are permitted to authenticate in addition to this. > Else you will get bots that hack the password and then spam with your > server. > > In auth_advertise_hosts, you can use CIDR notation (like 123.123.123.0/24) > to allow large amounts of hosts in case of dynamic IP or mobile terminals. > > So authenticated SMTP should still be IP restricted since there is bots out > there guessing passwords (and hitting the right passwords sometimes and > gaining access) > > -----Ursprungligt meddelande----- > Från: Odhiambo Washington via Exim-users <exim-users@exim.org> > Skickat: den 21 april 2021 12:36 > Till: Douba Samuel DIARRA <doubasam...@outlook.fr> > Kopia: exim-users@exim.org > Ämne: Re: [exim] RELAY NOT PERMITED exim4 > > On Wed, Apr 21, 2021 at 1:24 PM Douba Samuel DIARRA via Exim-users < > exim-users@exim.org> wrote: > > > Hello > > I was using Exim 4, in office (differents sites) but I was using vsat > > system for interconnecting sites. I put private adresses to configure > > exim in differents sites. > > Since I published my servers on internet, I have this kind of error > > message and i cannot send mails. the message is : RELAY NOT PERMITED > > > > Need some advices please > > > > Instead of relying on IP addresses for relaying (as should be listed in > relay_from_hosts) it is better to use ASMTP ad the condition for relaying. > So just set up authenticated SMTP and let users enable the same on their > MuA > and you are good to go. > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254 7 3200 0004/+254 7 2274 3223 > "Oh, the cruft.", grep ^[^#] :-) > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", grep ^[^#] :-) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/