Created
March 10, 2014 10:27
-
-
Save mcnemesis/9462638 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Telling Exim4 to allow users on external networks to use the mail server as a relay: | |
So, for example your mail server has local ip: | |
192.168.1.1 | |
In that case, if you only wish let you local users use the mail server to send mail, then configure the relay host as this: | |
In `/etc/exim4/update-exim4.conf.conf`, set the relay network to only allow local machines for example (probably filter with a Class C mask) | |
dc_relay_nets='192.168.1.0/24' | |
In that case, any machine with IP 192.168.1.0-255 can send mail via the server. | |
NOTE: by default, 127.0.0.1, ::1 are allowed to relay via the server (even when not explicitly specified to - as it only makes sense - sendmail is local anyways) | |
Allowing Public / External Networks | |
==================================== | |
Now, if you wish to also allow users on external networks (e.g if you wish to allow users on broaband) to also use your mail server as their smtp node, then u have to adjust the above configuration to specify either a particular ip, or ip range (or network). | |
So, for example of the ISP assigns you a static ip (but possibly u know the public ip might be a range 8.8.1.0 - 8.8.255.255), you might specify these multiple relay nets like this | |
dc_relay_nets='192.168.129.0/24:8.8.1.0/16' | |
But beware, this might open up your relay to a whole range of machines, of which there's a high risk if some are vulnerable or not under your control. So, it's always advisable to limit the relay networks to only internal and local ips. | |
Loading New Configuration | |
====================================== | |
Since we are using Exim4, and since we have opted to use the recommended approach for Debian (making changes in `/etc/exim4/update-exim4.conf.conf`, and letting the system autogenerate the actual conf), then we apply the changes like this: | |
update-exim4.conf | |
to autogenerate a new configuration for Exim4, then | |
/etc/init.d/exim4 restart | |
or | |
/etc/init.d/exim4 reload | |
to load the new configuration. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment