[Pkg-exim4-users] Two (slightly) different configurations for port 25 and 587

[Adrian von Bidder]

Heyho!
I'm in the process of migrating my mailserver to exim4 (from postfix; mostly 
because I'd just like to try this tool.)
I could find various HOWTOs about how to set up port 587 with TLS for 
submission, but from what I see this just sets up TLS + authentication and 
then just has exim listen on port 25 and 587.
 
What I'd like to do:
 
 * don't advertise STARTTLS at all on port 25 (I've had problems with 
several mailservers with broken implementations, so I don't want them to try 
this.  I don't want exim to use TLS on outgoing mail either, btw.)
 * don't allow authentication at all on port 25 (no mail submission!)
 * on Port 587, exactly the other way round: only allow mail in after 
authentication via TLS.  Ideally, I'd like the antispam stuff that runs on 
port 25 incoming mail to run not at DATA time but after (and generate 
bounces), so people don't get their email stuck in the outbox.
 
Is this easily possible?  (I admit that this is probably just a question of 
RTFM.  But the exim manual is 57 chapters long ... :-)
 
Also, but I admit I haven't looked thoroughly on this yet, can I 
authenticate against PAM and not have a saslauthd or whatever running?  It 
would be nice to not have this additional component...
 
cheers
-- vbi 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 893 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-exim4-users/attachments/20101021/4219d25d/attachment.pgp>