Difference between revisions of "Exim"
From Leaky
(Preventing local users from sending email) |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 8: | Line 8: | ||
acl_not_smtp: | acl_not_smtp: | ||
| − | + | ||
discard condition = ${if eq {$sender_address}{localuser@wood.bocks.com}{yes}{no}} | discard condition = ${if eq {$sender_address}{localuser@wood.bocks.com}{yes}{no}} | ||
message = $sender_address is not permitted to send messages | message = $sender_address is not permitted to send messages | ||
log_message = $sender_address is not permitted to send messages | log_message = $sender_address is not permitted to send messages | ||
| − | + | ||
accept | accept | ||
| Line 21: | Line 21: | ||
A message that you sent was rejected by the local scanning code that | A message that you sent was rejected by the local scanning code that | ||
checks incoming messages on this system. The following error was given: | checks incoming messages on this system. The following error was given: | ||
| − | + | ||
localuser@wood.bocks.com is not permitted to send messages | localuser@wood.bocks.com is not permitted to send messages | ||
------ This is a copy of your message, including all the headers. ------ | ------ This is a copy of your message, including all the headers. ------ | ||
| + | |||
| + | == Disable sending to specific IPs == | ||
| + | |||
| + | Add to the appropriate router, or make a new one. | ||
| + | |||
| + | You can use this option to disable the use of IPv4 or IPv6 for mail delivery by means of the first or the second of the following settings, respectively: | ||
| + | |||
| + | ignore_target_hosts = 0.0.0.0/0 | ||
| + | ignore_target_hosts = <; 0::0/0 | ||
| + | |||
| + | The pattern in the first line matches all IPv4 addresses, whereas the pattern in the second line matches all IPv6 addresses. | ||
| + | |||
| + | For example, to not use IPv6 to send to gmail or googlemail users, add a new router before the dnslookup router: | ||
| + | |||
| + | google: | ||
| + | driver = dnslookup | ||
| + | domains = googlemail.com : gmail.com | ||
| + | transport = remote_smtp | ||
| + | # No IPv6 | ||
| + | ignore_target_hosts = <; 0::0/0 | ||
| + | |||
| + | dnslookup: | ||
| + | driver = dnslookup | ||
| + | domains = ! +local_domains | ||
| + | transport = remote_smtp | ||
| + | ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 | ||
| + | no_more | ||
| + | |||
| + | == Switching MTA in CentOS 6 == | ||
| + | |||
| + | Install exim/sendmail/postfix/whatever. | ||
| + | |||
| + | Choose from the list using the ''alternatives'' program. | ||
| + | |||
| + | # alternatives --config mta | ||
| + | |||
| + | There is 2 program that provides 'mta'. | ||
| + | |||
| + | Selection Command | ||
| + | ----------------------------------------------- | ||
| + | *+ 1 /usr/sbin/sendmail.postfix | ||
| + | 2 /usr/sbin/sendmail.exim | ||
| + | |||
| + | Enter to keep the current selection[+], or type selection number: 2 | ||
| + | # | ||
Latest revision as of 16:17, 27 July 2014
To block any outgoing email from a particular local user, you can use the acl_not_smtp to discard or reject messages that aren't sent via SMTP.
Up near the rest of the acl definitions:
acl_not_smtp = acl_not_smtp
And then somewhere in the acl section:
acl_not_smtp:
discard condition = ${if eq {$sender_address}{localuser@wood.bocks.com}{yes}{no}}
message = $sender_address is not permitted to send messages
log_message = $sender_address is not permitted to send messages
accept
Using deny instead of discard sends a local bounce back to the user containing this message and then their original message.
Subject: Mail failure - rejected by local scanning code A message that you sent was rejected by the local scanning code that checks incoming messages on this system. The following error was given: localuser@wood.bocks.com is not permitted to send messages ------ This is a copy of your message, including all the headers. ------
Disable sending to specific IPs
Add to the appropriate router, or make a new one.
You can use this option to disable the use of IPv4 or IPv6 for mail delivery by means of the first or the second of the following settings, respectively:
ignore_target_hosts = 0.0.0.0/0 ignore_target_hosts = <; 0::0/0
The pattern in the first line matches all IPv4 addresses, whereas the pattern in the second line matches all IPv6 addresses.
For example, to not use IPv6 to send to gmail or googlemail users, add a new router before the dnslookup router:
google: driver = dnslookup domains = googlemail.com : gmail.com transport = remote_smtp # No IPv6 ignore_target_hosts = <; 0::0/0
dnslookup: driver = dnslookup domains = ! +local_domains transport = remote_smtp ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more
Switching MTA in CentOS 6
Install exim/sendmail/postfix/whatever.
Choose from the list using the alternatives program.
# alternatives --config mta There is 2 program that provides 'mta'. Selection Command ----------------------------------------------- *+ 1 /usr/sbin/sendmail.postfix 2 /usr/sbin/sendmail.exim Enter to keep the current selection[+], or type selection number: 2 #
