Find the answer to your Linux question:
Results 1 to 2 of 2
I am moving our email server from MS Exchange to Exim on Ubuntu 8.04.1. Version of Exim is 4.68. As one of our security layers, we restrict authorization to send/relay ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2008
    Posts
    9

    Restrict outgoing relay by ip address


    I am moving our email server from MS Exchange to Exim on Ubuntu 8.04.1. Version of Exim is 4.68.
    As one of our security layers, we restrict authorization to send/relay email via our mail server from approved IP networks only. Whether this is a perfect method or not is irrelevant as it is but one of our security layers and we do not need to allow relaying from the world.
    I need to be able to restrict the sending of outgoing email via our servers by IP but need to allow the receipt and delivery of inbound email from any IP.
    I have spent over 2 weeks scouring the web, reading through the Exim specs and doc and other resources and have tried many many ways to achieve this goal but to no success yet and am becoming very desperate. I will need to give up on Exim if I cannot achieve this and have already invested a huge amount of time into this.
    In summary:
    * Restrict ability to relay outgoing email from our servers by IP (Normal encrypted TLS username/password also required of course)
    * Allow inbound delivery of email from any IP
    Does anyone know whether this can be done and if so how?
    I would truly appreciate any help on this.
    Regards,
    Jeff

  2. #2
    Linux User
    Join Date
    May 2008
    Location
    NYC, moved from KS & MO
    Posts
    251
    I never use exim before but I am quite familiar with postfix and the common way to specify which ip(s) are allowed to relay is like
    mynetworks_style=subnet
    mynetworks=127.0.0.0/8, 192.168.1.0/24, 44.55.66.77/32 (just a makeup ip)


    I looked up the exim doc and I think you can do it in a similar way

    hostlist relay_hosts = 192.168.1.0/24 : 44.55.66.77/32 : 123.123.123.123/32
    ( let's assume you want to allow relay access your LAN and from ips 44.55.66.77 and 123.123.123.123 )

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •