Exim - Using ACLs to verify RCPT TO

Jan-Peter Koopmann Jan-Peter.Koopmann at SECEIDOS.DE
Mon Jan 5 08:25:46 GMT 2004

> I posted it here because it is directly relevant to the way 
> Exim is set up with MailScanner, and I know several Exim 

Sorry to disagree but this is not true. This problem occurs whenever you
are using Exim in front of MTAs doing the local delivery. This is in no
way MailScanner specific and therefore should go to the Exim mailing
list. BTW: The topic has been covered more than enough there. You can
use all sorts of lookups in the Exim ACLs (LDAP, SQL, CDB etc.).
Personally we are exporting our Exchange 2000 (or Exchange 5.5)
directories (valid e-mail adresses only) every 30 minutes. When they
have changed we create a new database on the Exim/MailScanner proxy and
use this database with a lookup rule in the RCPTTO ACL. 

Disadvantage: Changes take 30-60 minutes to take effect. No problem
Advantage: We need no LDAP lookups from the proxy machine to our
Exchange environment. I simply do not trust Microsoft enough for this.
All I want to allow is SMTP and that's it. :-)

> folks lurk on this list (and, because I'm not subscribed to 
> any Exim lists).

You should be!


More information about the MailScanner mailing list