Re: [Exim] Open relay

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Brian K. West at <-
MM 
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Guillaume Finance
CC: Exim Group
Subject: Re: [Exim] Open relay
On Fri, 6 Oct 2000, Guillaume Finance wrote:

> Here is a part of my config file which still doesn't work with the anti-spam
> 3rd relay :
>
> primary_hostname = mail.test.com
> qualify_hostname = mail.test.com
> sender_verify
> sender_verify_reject
> sender_verify_fixup
> receiver_verify
>
> local_domains = "/etc/exim/local_domains"
> relay_domains = "/etc/exim/local_domains"
> sender_address_relay = "partial-lsearch;/etc/exim/local_domains"
> host_accept_relay = 0.0.0.0/0

^^^^^^^

This item lets anyone on any network send mail to anyone through your
server. You want to change this to just list your own network(s).


The sender_address_relay would permit anyone who could forge an email
address in your domain (postmaster@primary_hostname would be trivial to
guess) to send email from anywhere through your server to anyone. relay
permission be sender address is not very secure.

Really, you want to allow:

1. Hosts on one of your local networks to relay to anyone through your
server.

2. Hosts on any network, to be able to send only to addresses that are
local to your server.

The difficulty is users who use random networks (possibly they are
travelling) who want to send mail. One possibility is to have them use
the SMTP-server on whosever network that are connecting
through. Another possibility is SMTP AUTH.

> relay_match_host_or_sender
> ...
>
> Note that I want to allow users from the Internet to check and receive their
> message.
>
> Thanks in advance for your suggestions and help
> Guillaume
>
> ----- Message d'origine -----
> On Fri, Oct 06, 2000 at 12:40:04PM +0200, Guillaume Finance wrote:
> > I want to make my email server conform to anti-spam/open relay specs
> (www.mail-abuse.net)
>
> Good.
>
> > The Exim note about the relay hasn't helped me to solve the problem - note
> that I want users from the Internet to be able to check and send their
> emails.
> > Could anybody can send me commands to set in my configuration file.
>
> What exactly is your problem then? By default Exim will not relay...
> 
> --
>   Please use PGP when replying to this message
> Dr Yann Golanski                            Internet Systems Developer
> PGP: http://www.kierun.org/pgp/key-planet   Mailmaster for the Planet Online

>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>

--




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Open relayRe: [Exim] host_lookup_nets_except?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)