How can I configure Exim to drop non-authenticated connections on alternate SMTP port?

smtp access-control-list smtp-auth exim

Solution 1:

We use the following rules in acl_check_rcpt, but I suspect they would work better in acl_check_helo

deny
   condition      = ${if and{{eq{$interface_port}{587}} {eq{$tls_cipher}{}} } }
   message        = All port 587 connections must use TLS

deny condition    = ${if eq{$interface_port}{587}}
   !authenticated = *
   message        = All port 587 connections must be Authenticated

Obviously you only want the second of the two rules, but the first shows how to reject non-TLS connections. You may want to think about disallowing plaintext authentication methods if you aren't going to enforce TLS.

Related

Squid to cache youtube and windows update content
Precedence of RewriteRules in .htaccess file on Apache Server
Linux distributions without selinux
need advice on building a scalable architecture for moodle
C# checking for binary reader end of file
Windows Server 2008 R2 - 180 day evaluation vs. 10 days + 5 re-arms
Internet Usage on K-12 Student Laptops
Setting up a Secondary DHCP Server, for failover [duplicate]
How can I tell SGE to stop assigning work to a compute node?
LSI MegaRaid - get HDD temperature
Backup options for a small business server
Mercurial / hg - abort: outstanding uncommitted merges