Configuring Exim to block email to all except specified addresses

May 20, 2007 at 05:41 PM | categories: python, oldblog

Ever needed to only allow emails from specific people through to specific addresses using Exim? If you have, then hopefully this post is of use to you. I'm writing it up here because it's proving useful to me right now.

Blocking email to all addresses except specific ones using Exim is pretty easy. First of all, create a file called /etc/blocked_emails.list and add to it the sender addresses which are blocked, one per line:

foo@bar.com
bibble@bar.com
etc@bar.com

The next step is to create a list of the recipients those senders are still allowed to send to. Put these into a file called /etc/exceptions.list and list one local part per line - for example:

john
bob
rita

You then have two possible modes here. You can either defer accepting email so it takes a while to bounce, or have it deny delivery immediately. The former is in many cases actually preferable, because someone will assume it's been delivered and only find out it's bounced, with a relatively innocuous error message, some days later. Given you only tend to block people because they're being OTT, this gives them a chance to cool off and for any nasty messages to be lost, unread, in the ether.

To have the mail system defer delivery of email from any sender in blocked_emails.list to any recipient whose local part is not in exceptions.list, put the following in your Exim ACL rules for rcpt checking:

begin acl

acl_check_rcpt:

  accept  local_parts = /etc/exceptions.list
          senders     = /etc/blocked_emails.list

  defer   message     = Mailbox full, retry later
          senders     = /etc/blocked_emails.list

The message is deliberately innocuous. However if the person (or persons) ramps up their antisocial behaviour and doesn't take the hint, you can change this to instantly deny access and send a message back immediately rather than 4-24 hours later by changing defer to deny:

begin acl

acl_check_rcpt:

  accept  local_parts = /etc/exceptions.list
          senders     = /etc/blocked_emails.list

  deny    message     = Your email has not been and will not be delivered - it has been blocked
          senders     = /etc/blocked_emails.list

It's really sad when things come to this. There is an advantage to using config files like this, however: you then only need to edit the contents of blocked_emails.list and exceptions.list in order to re-allow emails through, or to block access completely to all emails.
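
The decision the two ACL statements above make for each RCPT can be modelled in a few lines of Python. This is an added example, not part of the original post and not Exim code: the function names are hypothetical, the sample addresses are constructed, and it assumes the list files contain only exact entries (no wildcards), compared case-insensitively.

```python
"""Model of the two ACL statements above (exact-match list entries only)."""

def load_list(text):
    """One entry per line; this model skips blank lines and '#' comments."""
    entries = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower()
        if line:
            entries.add(line)
    return entries

def check_rcpt(sender, recipient, blocked, exceptions, verb="defer"):
    """Return the outcome for one RCPT: 'accept', verb, or 'next'.

    'next' means neither statement matched, so whatever follows in
    acl_check_rcpt decides. verb is 'defer' or 'deny'.
    """
    sender = sender.strip().lower()
    local_part = recipient.strip().rsplit("@", 1)[0].lower()
    if sender not in blocked:
        return "next"
    # Statement 1: both conditions must hold (sender blocked AND local part excepted).
    if local_part in exceptions:
        return "accept"
    # Statement 2: blocked sender, recipient not excepted.
    return verb

# Constructed sample data matching the files shown in the post.
BLOCKED = load_list("foo@bar.com\nbibble@bar.com\netc@bar.com\n")
EXCEPTIONS = load_list("john\nbob\nrita\n")

def decision_table():
    """Run a few constructed sender/recipient pairs through the model."""
    cases = [
        ("foo@bar.com", "john@example.org"),         # blocked sender, excepted recipient
        ("foo@bar.com", "alice@example.org"),        # blocked sender, other recipient
        ("Foo@Bar.com", "alice@example.org"),        # same sender, different case
        ("friend@example.net", "alice@example.org"), # sender not in the block list
        ("foo@bar.com", "john@elsewhere.example"),   # excepted local part, other domain
    ]
    return [(s, r, check_rcpt(s, r, BLOCKED, EXCEPTIONS)) for s, r in cases]

if __name__ == "__main__":
    for sender, rcpt, outcome in decision_table():
        print(f"{sender:20} -> {rcpt:24} {outcome}")
```

The last row comes out as accept because the first statement tests only the local part of the recipient. Placing these statements after the relay checks in acl_check_rcpt, or adding a domains condition to the accept, keeps that match limited to your own domains.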

In case anyone is wondering why I know these rules and why I'm writing it up - it's because I'm in the situation where I'm having to use this right now.
