0

I have smtp auth set up on my exim4 Dqueeze server so that only auth'ed clients can use it as a mail relay.

I believe this is working, e.g. thunderbird (w/out password) reports that I am "not yet authorised to send mail for X from Y".

I also have greylistd installed, which I also see to be working.

But I've noticed that when an unauthorised connection is made the error is temporarily rejected RCPT <email@eg.com>: greylisted

Should greylisting be taking effect here? Surely it should just be saying "go away, you're not authorised" rather than filling up a greylist queue?

artfulrobot
  • 2,627
  • 11
  • 30
  • 56

1 Answers1

1

There is no point in greylisting un-authorized connections. It just makes diagnostics difficult. You should just reject them up front.

I believe that the problem is in how the greylisting is setup in your Exim access control lists. You must have inserted the greylisting rules in the ACLs so that they are checked before the rule that denies relaying by un-authorized users. You should re-arrange the rules so that the logic makes sense.

It is not possible to give definite answer without seeing your configuration.

snap
  • 1,201
  • 9
  • 17
  • Thanks for taking the time to answer. I posted this a long while back and I've learnt a lot more about exim since. I think it was a config thing in that I'd said relay mail for * (thinking of the case of authenticated clients), which was wrong. My nonauth ACL rule was stopping delivery, but greylistd's *condition* `domains = +local_domains : +relay_to_domains` was being met for all domains because of the config. So actually it wasn't the *order* of the ACL clauses, because greylistd is pretty clever, but nevertheless your answer helped me understand. Thanks. – artfulrobot Jul 05 '12 at 20:55