The IMRSS Project requests the assistance of all Exim users in the
large and important task of reducing the number of unrestricted ``open''
relay mail servers on the net, and the task of alerting the folks who
are still running such open relays to the inherent dangers of doing so.
The simplest and most straightforward approach to do ing this (and the
one that will minimize your own daily spam intake at your own local
site) is simply to block all incoming E-mail that arrive at your mail
server from any and all IMRSS-listed open relay servers.
It is clear however that this strategy may be politically unacceptable
at a number of sites.
Because of this, another strategy has been developed under which your
local (Exim) mail server will in fact continue to accept all incoming
E-mails that it would otherwise accept (and deliver them as per normal
procedures) while also simultaneously spoofing/faking an SMTP failure
just after the end of the DATA portion of the SMTP protocol (giving the
SMTP client a 5xx error response after the message body is received,
even though the message was successfully received and even though it
will be delivered normally by the local mail server).
This strategy allows you to continue to accept all incoming E-mails,
even from open relay servers, while still arranging for the original
senders of those incoming messages to be informed (by way of simulated
``bounce'' messages) of the current insecure configuration of their
own mail server.
Patches to implement this strategy for Exim 1.22 are now available on
the IMRSS web site, and can be found via:
http://www.imrss.org/using-notify.html
These patches are believed to work, but have not been heavily tested
yet. We would appreciate feedback from the Exim user community re-
garding the correctness of these patches.
--
*** Exim information can be found at
http://www.exim.org/ ***
