Struggling to get my head around the various relaying controls in the exim4 config.
I can send email from my server, I can send email from home and work (because I explicitly added suitable netblocks for it), but I can't get a program I wrote to send email to a googlemail address - I get a 550 relay not permitted.
What I'm aiming for is to be able to send email to any (valid) email address from any server, providing that I supply a suitable username and password. I suspect SASL comes into play here, but I'm currently confused between domains I can relay for and machines I can relay for.
Anyone able to unravel this?
[NOTE: Ubuntu box, so Debian-style split config for exim4]
This is similar to my exim setup. From within my network I can send email to any domain, but from outside the network the only mail exim will deliver to is my local domain, unless the user authenticates to exim first. In this way, I can send mail through my mailserver from anywhere in the world, as long as I authenticate first.
Critical sections of my config are:
This basically sets my local domain for which exim knows is 'home' to
example.com
. It also sets out the subnet ranges for which exim is allowed to relay any mail.relay_to_domains
is blank, because there are no other domains for which I blanket will relay to, other thanexample.com
.I advertise TLS availability so that any client can authenticate over TLS.
This acl does some checks on where the mail is going, and who sent it before deciding whether or not to relay. The first line relays mail from hosts within the previously defined internal network. The second line relays mail from any authenticated user. The third and fourth require that if any previous condition has not been met, only relay for my local domains.
The final section is the authenticators, so that exim knows what an authenticated user looks like. Mine looks like this:
Obviously this requires an exim build that's got sasl capability compiled, along with a working SASL daemon on the system. I use Cyrus SASLD and from memory, it's fairly simple to install and forget about.
I'm actually running this on OpenBSD, so not sure how these steps would exactly translate to a split-config Ubuntu box. However, it should be enough to get you going :)