# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
#
acl_check_rcpt:
  # Statements are evaluated top to bottom, and the first accept or deny
  # whose conditions match ends the ACL. The order below is therefore part
  # of the policy: an accept placed above a deny exempts its traffic from
  # that deny.

  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
  # testing for an empty sending host field. Because this is the first
  # statement, such submissions skip every later check in this ACL,
  # including the local blacklists.
  accept hosts = :

  # Deny if the local part contains @ or % or / or | or !. These are rarely
  # found in genuine local parts, but are often tried by people looking to
  # circumvent relaying restrictions.
  #
  # Also deny if the local part starts with a dot. Empty components aren't
  # strictly legal in RFC 2822, but Exim allows them because this is common.
  # However, actually starting with a dot may cause trouble if the local part
  # is used as a file name (e.g. for a mailing list).
  #
  # The list holds two regular expressions separated by a colon. The
  # backslash is doubled because the list is string-expanded before it is
  # used, which leaves ^\. as the second pattern.
  #
  # NOTE(review): there is no "domains" condition, so this applies to
  # recipients in every domain. It also sits above the relay_from_hosts and
  # authenticated accepts, so mail relayed for those clients is subject to
  # it as well.
  #
  deny local_parts = ^.*[@%!/|] : ^\\.

  # Accept mail to postmaster in any local domain, regardless of the source,
  # and without verifying the sender. Because this comes before the
  # blacklist checks, blacklisted senders and hosts can still reach
  # postmaster, which is what the rejection messages below tell them to do.
  #
  accept local_parts = postmaster
         domains = +local_domains

  # Deny unless the sender address can be verified.
  #
  # This is disabled by default so that DNSless systems don't break. If
  # your system can do DNS lookups without delay or cost, you might want
  # to enable the following lines.
  # acl_whitelist_local_deny is defined outside this section; presumably it
  # accepts whitelisted senders and hosts, which "!acl" then exempts from
  # the deny - confirm against its definition.
  # deny !acl = acl_whitelist_local_deny
  #      !verify = sender

  # Warn if the sender host does not have valid reverse DNS.
  #
  # This is disabled by default so that DNSless systems don't break. If
  # your system can do DNS lookups without delay or cost, you might want
  # to enable the following lines. A "warn" statement only adds the header
  # given in "message"; it never accepts or rejects the recipient.
  # warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
  #      !verify = reverse_host_lookup

  # deny bad senders (envelope sender)
  # CONFDIR/local_sender_blacklist holds a list of envelope senders that
  # should have their access denied to the local host. Incoming messages
  # with one of these senders are rejected at RCPT time.
  #
  # The explicit white lists are honored as well as negative items in
  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
  #
  # The expansion yields the file name when the file exists and an empty
  # list otherwise, so a missing file simply disables this check. Keep the
  # file writable by administrators only, since its contents decide whose
  # mail is rejected. The envelope sender is attacker-chosen and trivially
  # forged, so treat this list as a convenience filter, not authentication.
  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       senders = ${if exists{CONFDIR/local_sender_blacklist}\
                             {CONFDIR/local_sender_blacklist}\
                             {}}

  # deny bad sites (IP address)
  # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
  # and networks (CIDR notation) that should have their access denied to
  # the local host. Messages coming in from a listed host will have all
  # RCPT statements rejected.
  #
  # The explicit white lists are honored as well as negative items in
  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
  #
  # As with the sender blacklist, a missing file expands to an empty list
  # and the check is skipped. This statement is placed above the
  # relay_from_hosts and authenticated accepts, so a listed host is
  # rejected even if it would otherwise be allowed to relay, unless
  # acl_whitelist_local_deny exempts it.
  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       hosts = ${if exists{CONFDIR/local_host_blacklist}\
                             {CONFDIR/local_host_blacklist}\
                             {}}


  #############################################################################
  # There are no checks on DNS "black" lists because the domains that contain
  # these lists are changing all the time. You can find examples of
  # how to use dnslists in /usr/share/doc/exim4-config/examples/acl
  #############################################################################

  # Accept if the address is in a local domain, but only if the recipient can
  # be verified. Otherwise deny. The "endpass" line is the border between
  # passing on to the next ACL statement (if tests above it fail) or denying
  # access (if tests below it fail).
  #
  # The "message" text is what the client sees when verification fails.
  # Rejecting unknown recipients at RCPT time avoids accepting mail that
  # would only bounce later; the trade-off is that the response tells the
  # client whether a local address exists.
  #
  accept domains = +local_domains
         endpass
         message = unknown user
         verify = recipient

  # Accept if the address is in a domain for which we are relaying, but again,
  # only if the recipient can be verified.
  #
  accept domains = +relay_to_domains
         endpass
         message = unrouteable address
         verify = recipient

  # If control reaches this point, the domain is neither in +local_domains
  # nor in +relay_to_domains. Everything below decides who may relay to
  # arbitrary remote domains.

  # Accept if the message comes from one of the hosts for which we are an
  # outgoing relay. Recipient verification is omitted here, because in many
  # cases the clients are dumb MUAs that don't cope well with SMTP error
  # responses. If you are actually relaying out from MTAs, you should probably
  # add recipient verification here.
  #
  # Hosts matching +relay_from_hosts (defined outside this section) can send
  # to any domain with no further check, so that list should contain only
  # hosts you control; an overly broad entry makes this server an open relay
  # for those addresses.
  #
  accept hosts = +relay_from_hosts

  # Accept if the message arrived over an authenticated connection, from
  # any host. Again, these messages are usually from MUAs, so recipient
  # verification is omitted.
  #
  # The "*" matches any authenticator, so every successful SMTP AUTH permits
  # relaying. This rule is only as strong as the authenticators and
  # credentials configured outside this section.
  #
  accept authenticated = *

  # Reaching the end of the ACL causes a "deny", but we might as well give
  # an explicit message.
  #
  deny message = relay not permitted



