1

I try to deny outgoing emails with specific destination domains to being sent to the smarthost but unsuccessfully.

I'm on a debian "squeeze" configured to use a smarthost.

vi /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt

Add right after "acl_check_rcpt:"

deny
message = Domain $domain is prohibited for outgoing mails
domains = lsearch;/etc/exim4/restricted_domains

Reload exim, but the mails to the restricted domains continue to go out

I also tried to add the acl_not_smtp after reading this post but without success either.

vi /etc/exim4/conf.d/main/02_exim4-config_options

Add "acl_not_smtp = acl_check_not_smtp"

vi /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt

And add at the top of the file

acl_check_not_smtp:

deny
message = Domain $domain is prohibited for outgoing mails
domains = lsearch;/etc/exim4/restricted_domains

Can anybody point me what i'm doing wrong please?

Thanks,

Best regards,

Community
  • 1
Yoann P
  • 11
  • 2
  • You are running a Debian based Exim4 configuration. By "reload" exim4, do you mean that you restarted it? Exim4 doesn't read the files you are editing directly. Instead, inside the Exim4 init script, it regenerates a new exim4 config file, typically /var/lib/exim4/config.autogenerated, and then restarts exim. If you manually reloaded exim instead of a full restart, your changes are not yet added to the config file your Exim4 is using. – Todd Lyons Aug 22 '14 at 13:51
  • By reload i mean "/etc/init.d/exim4 reload" – Yoann P Aug 22 '14 at 14:32

1 Answers1

1

You've told us what you want to do, but you've not given us an exmaple email which is causing you the problem, so this is a general guide of what I would do to test that the configuration is working as you expect.

Run your exim in a test mode, potentially with debugging turned on, and see why that particular email isn't being blocked. First, install swaks (Swiss Army Knife for SMTP, which is just a simple perl script, most distros have it). Run exim in a test mode specifying an IP that is sending you email with the domain that you want to block (baddomain.com in this example), but using swaks:

swaks --pipe 'exim -bh IP.ADD.RE.SS' --to you@example.com \
  --from out@baddomain.com

This won't actually send an email, but it will act like it did. If you just want to see what's happening on the rcpt processing, then change the commandline to:

swaks --pipe 'exim -bh IP.ADD.RE.SS' --to you@example.com \
  --from out@baddomain.com --quit-after RCPT

Add a -d to the exim commandline if you want to see copious amounts of debug output.

Please note that your solution is only going to check the envelope sender, not what is in the From: header of the email. It's quite possible that you have some valid mail account which is being abused to send emails claiming to be From: some mailbox that you are trying to block.

Todd Lyons
  • 2,006
  • 16
  • 12