Exim deny relay how di O di this?

Posted on 2006-04-11
Last Modified: 2010-05-18
A problem that I am having is  it seems like we are getting tons of main going through the server that we dont want going through.
It may be that exim is relaying  mail that it shouldn't. How do I lock it down to not relay mail unless it on my IP?
Question by:jbrashear72
    LVL 2

    Expert Comment

    You might consider some of the following :-

    # The first setting specifies your local domains, for example:
    #   domainlist local_domains = my.first.domain : my.second.domain
    # You can use "@" to mean "the name of the local host", as in the default
    # setting above. This is the name that is specified by primary_hostname,
    # as specified above (or defaulted). If you do not want to do any local
    # deliveries, remove the "@" from the setting above. If you want to accept mail
    # addressed to your host's literal IP address, for example, mail addressed to
    # "user@[]", you can add "@[]" as an item in the local domains
    # list. You also need to uncomment "allow_domain_literals" below. This is not
    # recommended for today's Internet.

    # The second setting specifies domains for which your host is an incoming relay.
    # If you are not doing any relaying, you should leave the list empty. However,
    # if your host is an MX backup or gateway of some kind for some domains, you
    # must set relay_to_domains to match those domains. For example:
    # domainlist relay_to_domains = * :
    # This will allow any host to relay through your host to those domains.
    # See the section of the manual entitled "Control of relaying" for more
    # information.

    # The third setting specifies hosts that can use your host as an outgoing relay
    # to any other host on the Internet. Such a setting commonly refers to a
    # complete local network as well as the localhost. For example:
    # hostlist relay_from_hosts = :
    # The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
    # have to include if you want to allow processes on your host to send
    # SMTP mail by using the loopback address. A number of MUAs use this method of
    # sending mail.

    acl_smtp_rcpt = acl_check_rcpt
    acl_smtp_data = acl_check_data

    Then in the ACL's


      # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
      # testing for an empty sending host field.

      accept  hosts = :

      accept  hosts         = +relay_from_hosts

      accept  domains       = +local_domains
              verify        = recipient

      # Accept if the address is in a domain for which we are an incoming relay,
      # but again, only if the recipient can be verified.

      accept  domains       = +relay_to_domains
              verify        = recipient

      # Reaching the end of the ACL causes a "deny", but we might as well give
      # an explicit message.

      deny    message       = relay not permitted

    In short, mostly the default configuration file. You may have to take out the control=submission if you are not using exim 4.60

    LVL 2

    Expert Comment

    I would also consider going to and searching the archives for information about relaying, also look at the spec.txt file that came with your exim (or again look on the website). Exim is well documented.

    LVL 3

    Author Comment


    Not sure that I understand...
    accept  hosts         = +relay_from_hosts
    does relay_from_hosts =  a file? /ike /etc/relay_from_hosts

    I just want it recieve mail and allow users to pop in.
    LVL 2

    Accepted Solution


    If you look in the example above :-
    # hostlist relay_from_hosts = :

    relay_from_hosts is an exim hostlist which defines a list of IP's or host names. This can then be referenced as +relay_from_hosts


    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
    Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now