Exim relay problem

Nick Phillips nwp at LEMON-COMPUTING.COM
Mon Sep 3 12:51:45 IST 2001

If you use mailscanner with Exim, please read this.

I've just realised that the instructions I wrote on installing the
mailscanner with Exim contain a potentially serious problem.

The "optional" 3 steps described to prevent exim from ever delivering
unscanned mail have the unintentional side-effect of turning your
mailserver into an open relay, unless you control that in some other

For the time being, you should remove or comment out the setting:
"local_domains = *" unless you are confident that you are controlling
relaying effectively in some other way (e.g. the scanning machine is
only able to accept mail from your own network anyway).

Having made that change, don't forget to restart Exim.

Once you have made that change, it will once again be possible to
cause the "incoming" Exim to deliver unscanned mail directly by typing
"exim -qf" or similar at the command line. In normal use, Exim will
still not deliver any unscanned mail.

I am now (once again) looking for a better way to prevent Exim from
delivering mail. I believe that the upcoming Exim v.4 will simplify
this process by removing the distinction between routers and directors,
but in the meantime, all suggestions gratefully accepted.

Apologies for the bout of brain-death that allowed this to slip through.


Nick Phillips -- nwp at lemon-computing.com
Courage is your greatest present need.

More information about the MailScanner mailing list