On Thu, 16 Oct 1997, John Horne wrote:
> The "helo_verify_nets" option will check the IP address but it doesn't fail
> (i.e. disallow the connection) if someone is forging their address - I gather
> that the RFC(s) state that any argument to the HELO/EHLO must be accepted.
The next Exim has an option to cause rejection, because some people have
asked for it, but personally I don't think that matters much. You *do*
have the IP address of the calling machine.
> Other than that I don't know how to ensure that "postmaster@???"
> is "postmaster@???" if you get my meaning :-) Even then though I
> don't think I can really verify the postmaster bit. Or am I misunderstanding
> your reply?
You can check that the message came from 141.163.38.200 by seeing what
Exim put in the Received header. But that only checks where it last came
from. If 141.163.38.200 can be used as a relay, the message could have
originated elsewhere. If you have 141.163.38.200 tied down against
relaying, and you are running your mailer on it as (say :-) "exim" and
you are running an identd on it, then if you get mail from
141.163.38.200 with an ident entry of "exim" you can have some
confidence in the envelope sender. Or else 141.163.38.200 has been
broken into.
I think. (I am always very wary when it comes to this kind of thing.)
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
--
* This is sent by the exim-users mailing list. To unsubscribe send a
mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
