deny emails sending from/to specific domains using squirrelmail

[gloomers]

Hi,

I am searching for a way in DirectAdmin to block (deny) emails being send from specific local (virtual) domain to specific remote domain.

I have:
DA 1.41.1 running on Redhat CentOS 4.0
Exim 4.67
SquirrelMail 1.4.19

what i have done so far: added next lines to exim.conf file, ACL section:

deny
    senders = *@local_domain.tld
    recipients = *@remote_domain.tld
    message = Sending emails from @local_domain.tld to @remote_domain.tld

This works pretty much find for IMAP clients. If they send email and match the rules, they get alert message and thats it.

Now the problems is that some users log in to webmail (squirrelmail) the emails actually get delivered.

Emails from Squirrelmail are also processed by Exim.

Any hints/ideas on where to look for possible solution?

 

[zEitEr]

Hello,

And what does /var/log/exim/mainlog say about such emails?
Try exigrep... to get more accurate data for every email.

 

[gloomers]

in mainlog it looks liek this:

2012-07-02 17:33:33 1Slhgy-0006KZ-Uy <= user@local_domain.tld H=localhost (host.some_domain.tld) [127.0.0.1] P=esmtpa A=login:user@local_domain.tld S=768 [email protected]_domain.tld T="test" from <user@local_domain.tld> for remote_user@remote_domain.tld
2012-07-02 17:33:34 1Slhgy-0006KZ-Uy => remote_user@remote_domain.tld F=<user@local_domain.tld> R=lookuphost T=remote_smtp S=795 H=mxXX.remote_domain.tld [1XX.1XX.4X.XX] X=TLSv1:DHE-RSA-AES256-SHA:256 C="250 ok:  Message 352498056 accepted"

(domains, users, IPs are changed by me ofcourse)

 

[zEitEr]

OK, I guess it because of the fact that 127.0.0.1 is allowed for relaying in your /etc/exim.conf I don't remember what exactly line (you can easily find in the config). So try to remove the IP 127.0.0.1 and check it with you webmail.

 

[gloomers]

First of all, want to thank you for trying to help here (-;

Second, when you mentioned 127/localhost, i thought i might be able to configure SquirrelMail to connect to SMTP by TCP/IP instead of localhost. Have been playing with it for a while, then made a conclustion, that whatever i do, my host.domain.tld (server host name) and public IP are resolved to localhost in the system anyways.

And to clear things a bit more - i don't want to block ALL emails to specified domain. I have many users/domains on the system and i need just emails from ONE domain be denied when outgoing to specified ONE remote domain. So i guess if i remove 127/localhost relay from exim.conf all locally send emails are then denied - which i don't want/need.

 

[zEitEr]

Not sure how SquirrelMail works, I don't use it. But we do have roundcube, afterlogic, atmail working with disabled relaying from 127.0.0.1. Disabling relaying from 127.0.0.1 means that a user should go through authorization with valid login and password if he/she wants to send emails via SMTP, and in this case a real domain is used for authentication and the domain can be checked in your ACL.

Note, it's only my guess on that your issue with squirrelmail is related to relaying from 127.0.0.1. And I did not check your ACL, so I presume it's working as you describe it.