Message Reception

Years ago relaying to another host was acceptable but into today's virus and email spaming world it is viewed as a bad thing. Checking mail before accepting it can help in reducing spam mail getting through, Exim has a number of different ways of interfacing to virus and spam scanners.

Messages received over TCP/IP are treated differently to those received from local processes, SMTP is the only way EXIM can handle messages over TCP/IP, you can of course use SMTP with a pipe as means of a local delivery, however all SMTP input (remote or local) is subject to checks defined by the ACLs for SMTP input, you can also apply ACLs to non-SMTP input as well.

Exim never changes the bodies of a message in any way, it will not convert one form or encoding into another.

As I have mention before you can limit the size of a message that Exim will handle, using the option message_size_limit and specifying a size, the default of which is 50MB. Normally when you send a bounce message it appends the original message but this can lead to excessively large bounces, to restrict this the option return_size_limit can be used to limit this amount, the default is 100KB, the body of the message is truncated when the limit is reached.

Message Size Control message_size_limit = 25MB
return_size_limit = 250KB       ## should be a lot smaller than message_size_limit

Messages from Local Processes

An Exim reception process may be started by any locally running process. Most commonly, this happens when a user instructs a user agent to send a message. You can send a message using Exim but you will have to supply the entire message, including all the header lines, it is better to use a user agent such as Unix's mail command.

In a locally submitted message, if an unqualified address is found in any header lines, it is qualified using the domain defined by qualify_domain (senders) or qualify_recipient (for recipient) at the time the message is received

unqualified message (local)

qualify_domain = datadisk.co.uk
qualify_recipient = ahost.datadisk.co.uk

A incoming message contains
From: theboss
To: thedogsbody

It gets converted to
From: theboss@datadisk.co.uk
To: thedogsbody@ahost.datadisk.co.uk

Unqualified Addresses from Remote Hosts

In a remotely submitted message all addresses should be qualified accept for postmaster which will be accepted as a unqualified address, otherwise they will cause an error response. You can however allow specific hosts to send unqualified address by setting sender_unqualified_hosts or recipient_unqualified_hosts. If the qualify_domain and qualify_recipient have not been set then it defaults to the name of the host, otherwise qualify_domain and qualify_recipient options will be used.

allow unqualified messages from specific hosts sender_unqualified_hosts = 192.168.1.0/24
recipient_unqualified_hosts = 192.168.1.0/24

Checking a Remote Host

You can use additional checks that are independent of the ACL checks. Normally a remote hosts name is supplied by EHLO or HELO and is placed in the variable $sender_helo_name, but this name cannot be relied apon, normally you would perform a reserve lookup of the the supplied IP address but many IP addresses are only resolvable one way so it will not resolve,by default Exim will resolve a remote hosts name (using /etc/hosts, DNS) and this can be expensive as in terms of resources especially for large installations, you can fine tune this using the option host_lookup.

Hosts lookups host_lookup = *                    ## resolve all host names (default)
host_lookup = 192.168.1.0/24       ## only resolve hosts with specific network address

When a hostname is found by an IP address it is placed in the variable $sender_host_name, if it is not found then this variable is empty. A message is not rejected at first if a hostname is not found but other ACLs checks may reject it.

In Exim's log files, hostnames that have not been verified but have been supplied by the EHLO or HELO commands are shown in parentheses. You can force a EHLO or HELO domain lookup using the option helo_lookup_domains.

Force EHLO lookup helo_lookup_domains = @ : @[]

Note:
@    = matches the servers hostname
@[]  = matches any of its IP addresses in brackets

You can have stricter control on the EHLO and HELO commands by using the options helo_verify_hosts (provokes a permanent error if hosts is found and logs) and helo_try_verify_hosts (processing continues and no log is updated, other ACLs will check) , basically supply a list of hosts. You can also allow certain characters to be used the underscore being an example by using the option helo_allow_chars or any old junk using the helo_accept_junk_hosts option.

allow characters to be used with EHLO or HELO helo_allow_chars = _
Allow any old junk helo_accept_junk_hosts = 192.168.1.0/24

Rate Control

You can limit the rate a host can send messages, Exim has two ways to archieve this, the older way is within SMTP and the newer way via ACLs. SMTP has two options smtp_ratelimit_mail and smtp_ratelimit_rcpt each of these must receive a four comma-seperated list.

rate control

smtp_ratelimit_mail = 2,0.5s,1.05,4m
smtp_ratelimit_rcpt = 4,0,25s,1.015,4m         ## can use fractional times

Note: The fields are seperated by a , (threshold,time delay,multiplier,maximum)

Threshold specifies how many MAIL commands in a single connection or how many RCPT in a single message can be accepted before the rate limiting kicks in
Initial time delay this is the amount of time by which to delay the first command after the threshold has been reached
Multiplier this number which can be a fractional number, is the factor by which the delay is increased for each subsequent command.
maximum value for the delay This should be set to less than 5mins because the client is liable to timeout.

Relay Control

The default configuration is not to allow relaying of messages from other hosts. Relaying occurs whan a message that is received from another host is passed on to a third host without any reference to a local domain in the recipient address. ACLs control relaying messages, the checks for relay permission must happen for each recipient address independently.