Disabling local mail routing, other custom configs

meeven

Well-Known Member
May 8, 2007
132
2
168
I have a VPS running WHM/cpanel and would appreciate some assistance in configuring Exim for the following situations:

1.) For some of my domains, I use a mail filtering service from MXLogic.com. Basically, all incoming email is filtered by their Perimeter Security solution and only then reaches this vps.

The problem is that, when a user from a particular domain hosted on the VPS sends email to another user also on that domain, the receiving user's email is not filtered by the MXLogic service but is delivered locally. As a result, internal users on the same domain are able to bypass the email security settings when they email each other- for example, a user might send an infected email and the receiving user's email would never be filtered because the email is delivered locally.

I would like to know how Exim's settings can be changed so that, when users are from the same domain on the VPS, the mail is not delivered locally, but goes through the MXLogic service. In other words, it should act just like a mail sent to a recipient on an external domain.

2.) The MXLogic service also recommends locking down the mail servers for each domain so that spammers may not bypass the filtering service by directly connecting to, say, mail.domain.com etc.

For this, they suggest the following:

Locking Down domain.com Mail Servers

In order to prevent senders from bypassing filtering by connecting directly to domain.com mail servers, it is recommended that the domain.com mail servers be locked down so that they only accept SMTP traffic from the filtering service mail servers. For your reference, the IP subnets currently hosting filtering service mail servers are listed below.

Filtering Service IP Subnets
Use One of the Approved Settings
Preferred Firewall IP Setting
000.00.000.0/21

Alternate IP Settings
Include All Listed Subnets

000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
000.00.000.0/24
My question- How do I lock down **only** the domains using the filtering service?

:confused:

Thanks,
Meeven