Exim ACLs

global config

use acl_check_rcpt ACL for the smtp rcpt command

acl_smtp_rcpt = acl_check_rcpt

Then define a new ACL called acl_check_rcpt, starting with “acl_check_rcpt:”

Within this definition, control the number of recipients to 300 per minute based on sender address. “strict” means keep on incrementing the counter if they keep trying

defer
        ratelimit       = 300 / 1m / strict / per_rcpt / $sender_host_address
        log_message     = Local host ratelimit ( $sender_host_address ) exceeds $sender_rate recipients per $sender_rate_period
        message         = Number of recipients has exceeded our IP limit. Come back later.

Control the number of emaails to 100 per minute based on sender address. “strict” means keep on incrementing the counter if they keep trying

defer
        ratelimit       = 100 / 1m / strict / per_mail / $sender_host_address
        log_message     = Local host ratelimit ( $sender_host_address ) exceeds $sender_rate emails per $sender_rate_period
        message         = Number of sent emails has exceeded our IP limit. Come back later.

Insist that any other recipient address that we accept is either in one of our local domains, or is in a domain for which we explicitly allow relaying. Any other domain is rejected as being unacceptable for relaying.

require message = relay not permitted
          domains = +local_domains : +relay_to_domains

We also require all accepted addresses to be verifiable. This check will do local part verification for local domains, but only check the domain for remote domains.

require verify = recipient