Intro

Recently I had to update a server such that exim would check a file consisting of all valid email addresses from an exchange server and deny (drop) anything not in that list. To further complicate things I had to take into account that it would also spamscan on that same host - alongside with greylisting (which isn't really an issue here tho).

The whitelist was easy to setup - After initial testing I found out I had to enable all mail from amavis to pass throught the acl_check_rcpt list or it would be denied (strangely enough as I assume the recipient would be the same).

Anyhow, I did it this way:

[...]
acl_check_rcpt
  [...]
  ## If mail is from spamscanner, allow unconditionally
  accept
    condition = ${if match {$sender_host_address}{xxx\.xxx\.xxx\.xx} {1}{0}}
  
  ## Deny not-whitelisted people.
  drop
    !recipients = lsearch;/etc/exim4/smtpaddresses.txt
    message = User unknown
  [...]

I just hardlinked smtpaddresses.txt into another file in a subdirectory creating a ftp account to that so it was possible to just upload the file there via ftp and it would use that new file immediately.