Re: [EXIM] Relaying

Pàgina inicial
Delete this message
Reply to this message
Autor: Nigel Metheringham
Data:  
A: exim-users@exim.org
Assumpte: Re: [EXIM] Relaying
> On Fri, 30 Apr 1999 00:27:58 +0100 (BST), Robert Baskerville wrote:
>
> >>     What about this?

> >>
> >> # If this is uncommented, we accept and relay mail for all domains we are
> >> # in the DNS as an MX for.
> >>
> >> relay_domains_include_local_mx = true
>
> >Doesn't this leave you open to abuse though? Anyone can list *your*
> >system as an MX for *their* domain in their DNS....


morpheus@??? said:
>     Yeah.  If that is the case, why is it in there?  If it is in there
> and it is the case, what can one do to use it without opening oneself
> to relay?  It seems to me that if a feature is pretty much worthless,
> why present it in the default config file? 



A site can use you as an unauthorised backup MX if you have this
setting. Frankly this is not a common occurrence, and cannot be used
to do outgoing relaying (ie spam delivery) *unless* the spammer has
pretty much complete control of the DNS that you see (in this case you
have bigger problems). I'd suggest that you look over your log
summaries and if someone is playing this sort of game then contact them
and ask them to desist or come to some amicable arrangement. If they
don't want to play fair then the fact that they are letting their
incoming mail come through your machine gives you unprecedented power
over them - use their domain for all your more esoteric exim tests -
try virus scanning their mail - so what if your virus scanner replaces
all the bodies of any messages with "I think there may possibly have
been a virus in here", or save their mail into another queue which you
only process once every 6 weeks.

    Nigel.
-- 
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]




--
*** Exim information can be found at http://www.exim.org/ ***