Login or Register to Ask a Question and Join Our Community


UNIX and Linux Applications

Exim Restrict outgoing relay by ip address

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Exim Restrict outgoing relay by ip address
# 1  
Old 11-08-2008
Exim Restrict outgoing relay by ip address
I am moving our email server from MS Exchange to Exim on Ubuntu 8.04.1. Version of Exim is 4.68.
As one of our security layers, we restrict authorization to send/relay email via our mail server from approved IP networks only. Whether this is a perfect method or not is irrelevant as it is but one of our security layers and we do not need to allow relaying from the world.
I need to be able to restrict the sending of outgoing email via our servers by IP but need to allow the receipt and delivery of inbound email from any IP.
I have spent over 2 weeks scouring the web, reading through the Exim specs and doc and other resources and have tried many many ways to achieve this goal but to no success yet and am becoming very desperate. I will need to give up on Exim if I cannot achieve this and have already invested a huge amount of time into this.
In summary:
* Restrict ability to relay outgoing email from our servers by IP (Normal encrypted TLS username/password also required of course)
* Allow inbound delivery of email from any IP
Does anyone know whether this can be done and if so how?
I would truly appreciate any help on this.
Regards,
Jeff
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Linux

Exim

Hello Guys In my Server i have installed exim when i send a mail on particular IP address i got the following error. SMTP protocol synchronization error (next input sent too soon: pipelining was not advertised): rejected "mail from:xyz.com" H=xyz.com (x.x.x.x) next input="\r\n" I... (1 Reply)
Discussion started by: HarishMooly
1 Replies

2. Solaris

SMTP relay one (1) hostname with two (2) IP Address

Hi, Anyone can help? Currently : I'm am using a smtp smart relay, 1 hostname but different IP Address 192.168.2.108 and 192.168.2.109). I'm using "smtp.mailhostname.com mailhost" and having an IP Address 192.168.2.108, but there is a certain minutes/seconds that the IP Address will... (2 Replies)
Discussion started by: fspalero
2 Replies

3. UNIX for Dummies Questions & Answers

Exim and processes

hello I have 2 queries 1) I ran this command : exigrep root /var/log/exim_mainlog and got a lot of results like this 2014-03-25 18:00:09 1WSO9R-000067-6n <= root@123.456.com U=root P=local S=690 T="lfd on 123.456.com: Excessive resource usage: xxx (344 (Parent PID:17477))" for... (0 Replies)
Discussion started by: johnchristy
0 Replies

4. What is on Your Mind?

Plan to Restrict RSS Access by IP Address

Hello Everyone, We plan to restrict all RSS news feed access soon based on IP address. This means that if you have a website or application that using our site RSS feeds, you can still do it; but your must register you site in this thread. So please reply with your IP address of your server... (7 Replies)
Discussion started by: Neo
7 Replies

5. IP Networking

Get DHCP relay interfaces IP address using DHCP

Hi All , please view the set up below: ------------------------------------------------------------------- | DHCP Server |-----------| ROUTER & |-----------| Clients | | 192.168.99.1 | - -<eth1>| DHCP-RELAY|<eth2>-- | 192.168.88.X | ... (2 Replies)
Discussion started by: gdangoor
2 Replies

6. Solaris

Restrict XWindows Server Access by IP Address

We want to disable graphical logins on our Solaris 10(64bit sparc )boxes, but I haven't found any information on how to do it via google. Most likely I am using the wrong search terms (i've been looking for "xdmcp" and "x11" "disable") . While looking through the output of "svcs -a | grep... (3 Replies)
Discussion started by: the.gooch
3 Replies

7. UNIX for Advanced & Expert Users

Exim mail log

Hi Guys, I am quite a newbie to exim mail server.Below, I have pasted the the log entries of my exim maillog file. I am not able to understand these entries. Can anyone please help me?? Its very urgent. 2010-01-18 04:20:35 1NWpes-00018g-1O <= user1@domain1.com H=() P=esmtp S=1038... (1 Reply)
Discussion started by: mahesh_raghu
1 Replies

8. UNIX for Advanced & Expert Users

Exim Help

Hiya all, Using exim v4.x and CentOS 4/5 on a bunch of servers at our company. We're having a tough time fighting spam relaying and such. I basically want any tips and tricks for these, and one specific question. How can I force ALL email that is sent from our box (no matter what form)... (0 Replies)
Discussion started by: bigshow911
0 Replies

9. UNIX for Dummies Questions & Answers

exim: help with mail :(

ok i have exim installed on my redhat 8.0 server the exim dir is: /usr/local/exim and the mail queue is: /var/spool/exim_mail this is what the mail queue looks like: http://www.thedigitaldream.co.uk/images/exim.gif the problem is, mail stays there, where is it meant to go??? ... (1 Reply)
Discussion started by: matt2kjones
1 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

exim_checkaccess

EXIM_CHECKACCESS(8)					      System Manager's Manual					       EXIM_CHECKACCESS(8)

NAME

       exim_checkaccess - Check address acceptance from given IP

SYNOPSIS

       exim_checkaccess IP-address email@address [more Exim options]

DESCRIPTION

       Exim's  -bh command line argument allows you to run a fake SMTP session with debugging output, in order to check what Exim is doing when it
       is applying policy controls to incoming SMTP mail.  However, not everybody is sufficiently familiar with the SMTP protocol to  be  able	to
       make  full  use of -bh, and sometimes you just want to answer the question "Does this address have access?" without bothering with any fur-
       ther details.

       The exim_checkaccess utility is a 'packaged' version of -bh.  It takes two arguments, an IP address and an email address:

	 exim_checkaccess 10.9.8.7 A.User@a.domain.example

       The utility runs a call to Exim with the -bh option, to test whether the given email address would be accepted  in  a  RCPT  command  in  a
       TCP/IP  connection  from  the  host  with the given IP address.	The output of the utility is either the word 'accepted', or the SMTP error
       response, for example:

	 Rejected:
	   550 Relay not permitted

       When running this test, the utility uses "<>" as the envelope sender address for the MAIL command, but you can  change  this  by  providing
       additional  options.   These  are  passed directly to the Exim command.	For example, to specify that the test is to be run with the sender
       address "himself@there.example" you can use:

	 exim_checkaccess 10.9.8.7 A.User@a.domain.example 
			  -f himself@there.example

       Note that these additional Exim command line items must be given after the two mandatory arguments.

BUGS

       This manual page needs a major re-work. If somebody knows better groff than us and has more experience in writing manual pages, any patches
       would be greatly appreciated.

SEE ALSO

       exim(8), /usr/share/doc/exim4-base/

AUTHOR

       This  manual  page was stitched together from spec.txt by Andreas Metzler <ametzler at downhill.at.eu.org>, for the Debian GNU/Linux system
       (but may be used by others).

								  March 26, 2003					       EXIM_CHECKACCESS(8)