> On Mon, 8 Dec 1997, David Osborne wrote:
>
> > I have been using the above configuration with, I thought, success. However,
> > it seems that it's not enough to prevent spam being first relayed via other
> > systems on campus which forward outgoing mail through the mail hubs.
> > Annoyingly, one of these other systems is also running Exim 1.73 with the
> > very same lines above in its configuration, so I would have expected it to
> > reject the attempted relay. Other local systems which have been misused as
> > spam relays are not under my control and I think do not have any relaying
> > controls in place.
> >
> > Can I prevent this misuse? Just when I thought I had a handle on the relaying
> > controls, too...
Philip replied:
> If you have to accept mail from any of your other systems from any
> senders, then no. If you are prepared to screw down your rules so that
> you are prepared to relay only if the mail comes from on-campus AND has
> a sender in your domain, then you can set sender_address_relay in
> conjunction with your existing controls.
You must also beware of this path as when I attempted something
similar you find problems such as valid users being unable to forward
mail to their home ISP accounts. When a user attempts to forward an
external message the sender remains an external address and a
forwarded by line is added to the header. Obviously this appears to
the mailhub as from an external address to an external address and
bins it as an attempted relay.
Nigel Cass
Corporate Internet Team Leader
Computing & Network Services
University of Lincolnshire & Humberside
Tel: 01482 463044
Thought for the day :
-----------------------------------------------
Hiroshima '45.....Chernobyl '86.....Windows '95
-----------------------------------------------
--
*** Exim information can be found at
http://www.exim.org/ ***