Relays, exim and cpanel

Discussion in 'General Discussion' started by split, Oct 17, 2006.

  1. split

    Hello,

    This is a question about Exim, but perhaps someone has got the same problem.
    I have some relays for antispam/antivirus, and the MX record for all domains from the cPanel servers has been changed to go through those servers.
    The problem is that some spammers send mail directly to the A record of the domain (the cPanel server), so that mail isn't scanned.

    Any solution to this?
    Is there any way to tell Exim to refuse incoming mail that doesn't come from the relays or isn't authenticated (to send outside)?

    Thanks!

    Regards,
    split.
     
  2. nickp666

  3. split

    Hello!

    Thanks for the answer, I'm now reading the ACL section of the Exim tutorial (I've never used them :-/ ).
    Can you write one to see how it works, please?

    Thanks!

    Regards,
    split.
     
  4. nickp666

    Something like this should do it. It's only a simple example, but you should get the point.

    In the top box of the advanced exim config editor in WHM add:

    Code:
    acl_smtp_helo = acl_check_helo
    Then in the ACL section:

    Code:
    acl_check_helo:
        deny message = Invalid HELO/EHLO. You are not a server on my network.
             condition = ${if match{$sender_helo_name}{yourservers.fqdn.com}{no}{yes}}

        accept
     
  5. split

    Hello again!

    Thinking about it, I've seen that commenting out some lines in exim.conf could be enough:

    check_recipient:
      accept hosts = :
      require verify = sender
      # accept domains = +local_domains
      # endpass
             message = "The recipient cannot be verified. Please check all recipients of this message to verify they are valid."
             verify = recipient

      # accept domains = +relay_domains

      warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
           hosts = +relay_hosts
      accept hosts = +relay_hosts

      warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
           condition = ${perl{checkrelayhost}{$sender_host_address}}
      accept condition = ${perl{checkrelayhost}{$sender_host_address}}

      accept hosts = +auth_relay_hosts
             endpass
             message = $sender_fullhost is currently not permitted to \
             relay through this server. Perhaps you \
             have not logged into the pop/imap server in the \
             last 30 minutes or do not have SMTP Authentication turned on in your email client.
             authenticated = *

      deny message = $sender_fullhost is currently not permitted to \
           relay through this server. Perhaps you \
           have not logged into the pop/imap server in the \
           last 30 minutes or do not have SMTP Authentication turned on in your email client.


    Commenting out the lines:

    # accept domains = +local_domains
    # accept domains = +relay_domains

    Exim won't accept mail if it isn't coming from relay_hosts (where I've defined the relays) or isn't authenticated.

    Am I right?

    Thanks!

    Regards,
    split.
     
  6. nickp666

    Commenting out those lines will stop all incoming mail traffic, which is fine if you only want your server to send out, but it will stop any mail pushed from your other servers.

    accept domains = +local_domains - accept e-mail for local domains
    accept domains = +relay_domains - accept e-mail for domains in /etc/remotedomains


    Adding a hosts accept would be a better way of securing it in actual fact:

    warn message = Sorry your server is not permitted to relay to us.
         hosts = +our_hosts
    accept hosts = +our_hosts

    Then add an ACL called our_hosts with the lsearch syntax used for the others.
     
    #6 nickp666, Oct 20, 2006
    Last edited: Oct 20, 2006
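
Whether mail is reaching the cPanel server directly instead of through the filtering relays, as described in this thread, can be checked from the Exim main log. The following is an added example, not code from any poster: it lists message arrivals that came neither from a relay nor over an authenticated session. The log lines are constructed, the relay addresses are placeholders, and the script assumes the standard Exim main log arrival fields (`H=`, `P=`, `A=`, `T=`).

```python
import ipaddress
import re

# Exim mainlog arrival line: "<date> <time> <msg-id> <= <sender> <fields...>"
ARRIVAL = re.compile(r"^\S+ \S+ (?P<id>\S+) <= (?P<sender>\S+) (?P<rest>.*)$")
# H=[name] [(helo)] [ip]: the HELO name in parentheses is client-supplied, so
# only the bracketed address that follows it is taken as the connecting IP.
HOST_IP = re.compile(r"\bH=(?:\S+ )?(?:\(.*?\) )?\[(?P<ip>[0-9A-Fa-f:.]+)\]")
AUTH = re.compile(r"(?:^| )A=\S+")  # A=<authenticator>:<id> on authenticated sessions

# Constructed sample log lines (documentation addresses, made-up message ids).
SAMPLE_LOG = [
    "2006-10-17 10:01:12 1GZk3a-0001aB-Cd <= alice@example.org H=filter1.example.net [192.0.2.10] P=esmtp S=2048 id=a1@example.org",
    "2006-10-17 10:02:40 1GZk4b-0001aF-Gh <= spam@example.com H=(filter1.example.net) [203.0.113.77] P=smtp S=3391",
    "2006-10-17 10:03:05 1GZk5c-0001aJ-Kl <= bob@example.org H=dsl.example.com (laptop) [198.51.100.23] P=esmtpa A=fixed_login:bob S=1520",
    "2006-10-17 10:03:30 1GZk6d-0001aN-Op <= carol@example.org U=carol P=local S=812",
    "2006-10-17 10:04:02 1GZk3a-0001aB-Cd => dave <dave@example.org> R=localuser T=local_delivery",
    '2006-10-17 10:05:19 1GZk7e-0001aR-St <= <> H=([192.0.2.10]) [203.0.113.80] P=esmtp S=900 T="hi A=x"',
]


def direct_deliveries(log_lines, relay_networks):
    """Return (msg_id, ip, sender) for SMTP arrivals that came neither from a
    filtering relay nor over an authenticated session."""
    relays = [ipaddress.ip_network(n) for n in relay_networks]
    hits = []
    for line in log_lines:
        m = ARRIVAL.match(line)
        if not m:
            continue                      # delivery or other non-arrival line
        fields = m["rest"].split(' T="', 1)[0]   # ignore the logged subject
        host = HOST_IP.search(fields)
        if not host:
            continue                      # local submission, no remote host
        ip = ipaddress.ip_address(host["ip"])
        if ip.is_loopback or any(ip in net for net in relays):
            continue                      # came through a filtering relay
        if AUTH.search(fields):
            continue                      # authenticated client submission
        hits.append((m["id"], str(ip), m["sender"]))
    return hits


if __name__ == "__main__":
    for hit in direct_deliveries(SAMPLE_LOG, ["192.0.2.10", "192.0.2.11"]):
        print(*hit)
```

The second and last sample lines are reported even though their HELO names imitate a relay, because only the connecting address is compared against the relay list.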