Stop Incoming Email Except from External Spam Filter

Email Customization

Hello,

I do see what you are trying to do, however it appears as though you are trying a customization that we could not support directly. Although that is not to say it can't be done. I would recommend taking a look at this site:
43. System-wide message filtering
I hope that helps, please let me know if there is anything else I can do for you.

Thank you,
Matthew Curry

 

Is there some reason you can't just simply limit incoming connections to Port 25 (SMTP) to just the single service / IP you want to receive from and reject anything else that is incoming?

Code:

# iptables -A INPUT -s ! x.x.x.x -p tcp --dport 25 -j REJECT

(In the above, 'x.x.x.x' is the IP address or CIDR range you wish to allow incoming access)

PS: Don't forget the exclamation point, else the filter will do the exact opposite!

 

Closing incoming on port 25 would have been ok if you have all the clients send through an alternate smtp port for exim but Stephen's answer sounds like the best way to go.

 

Just to let you know, Stephen ended up using this as an example in the Exim Debugging (and a bit of advanced configuring) session at the CPanel conference today.

Thanks for giving him a good idea to utilize.

 

Spam Filtering Algorithms

I am working on developing an algorithm to stop spam on the server side. I have gone through many approaches but i need to choose the best approach available. I need some suggestions to go on with the project on which technique to choose. A quick reply is appreciated.

 

Sorry for relaunching this thread, but I have a similar but slightly more complex requirement.

We accept mail for a number of domains (but not all) via an external spam filter. Obviously, for those domains, I only want to accept mail from the filtering servers, and not from anyone else.

I can't see a way to achieve this at the IP level as it means establishing the connection and looking inside the mail headers.

I expect this belongs somewhere after the ACL CONNECT block in exim.conf, but I'm currently clueless as to where. exim.conf isn't currently one of my comfort zones!

I need a rule that says something like

If [recipient domain] is in

• and HOST != [safehostlist] then reject [with or without message]
  
  Steve

 

OK, moving on... I created two files

/etc/filterip containing a list of ip address of the filter machines
/etc/filterdomains containing a list of domains that must come via the filter machines

Then, at the top of exim.conf I add

Code:

hostlist filter_hosts = net-lsearch;/etc/filterip :  net-lsearch;/etc/relayhosts
domainlist filter_domains = lsearch;/etc/filterdomains

So far so good.. but then I think I need to add something like this in the check_recipient block after 'accept hosts = :' line:

deny
!hosts = +filter_hosts
domains = +filter_domains
message = Please use the proper domain MX record

However, I'm not sure this is right, or if there is any way to get this in there using advanced editor... it doesn't allow me to insert (in a sticky fashion) anything into that exact area... unless of course I can find where the internal cpanel templates are kept and update those after each upcp...

I think I'm close to the answer - someone please help!

 

OK, for anyone who is interested, I have documented the procedure I followed to achieve this here:

How to Configure Exim to receive email for domain only from specific IP addresses « Revert to Type

This allows me to filter incoming mail connections to exim for specific domains, limiting them to a specified list of safe incoming relays.

I'm no exim guru (not by far), so please feel free to comment on any caveats or improvements that should be noted - I will of course credit any such help.

 

Thanks for sharing this, and for the great documentation.

** Just realised very old thread, sorry for the bump, but wanted to say thx for the info on this **