Hmmm,
Roger's been able to circumvent the checks on my box. I'm actually
intrigued by the way he did it. Now the question is, how do I prevent this
from happening again?
His dialog was:
helo hostname
mail from: nonexist.user@???
rcpt to: his.address@???
data
From: his.address@???
Subject: Relay test
Data.
.
Now... Exim shows that the address was rewritten... how do I get Exim to
verify either the rewritten part (i.e. his.address@???) or the
originally specified sender (i.e. nonexist.user@???)? Where in the
routers do I do this?
Ok Dave, so you win :) - It is not secure. It is however secure enough to
fend off 99.999% of the spammers so far (Roger's the first to actually make
it through, not even ORBS did). I want that last 0.001% to be kicked off too.
Any help is appreciated (and no, I cannot unset the infamous
host_accept_relay option due to the nature of the users).
Andromeda
- The Andromeda HTML Workshop -
http://www.htmlworkshop.com/
Home of Search & Replace 98
