[Exim] Protecting Percent-Hack exploitable machines with exi…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Marc Haber
Datum:  
To: exim-users
Betreff: [Exim] Protecting Percent-Hack exploitable machines with exim
Hi,

I am running an exim box (Debian Linux with exim 3.31) that relays all
incoming mail for the customer's domain to their internal Netscape
mail server via a domainlist router (example.com netscape.example.com
bydns_a). Unfortunately, that netscape box is exploitable for the
percent hack and will happily relay mail to
localpart%other-domain@??? to localpart@other-domain.

So what I need is to prevent recipients with % in their local part to
reach the netscape box. This is what I have done:

DIRECTOR:
fail_percent:
    driver = smartuser
    local_parts = ^.*%
    new_address = ":fail: no percent in local part here"


ROUTER:
fail_percent:
    driver = domainlist
    local_parts = ^.*%
    route_list = "* localhost"
    self = local


What I am now experiencing is that sometimes, when an e-mail comes in
with % in the _header_ sender, the receiving exim process starts
eating CPU and memory. Stracing the exim process shows a lot of name
server operations for localhost. When I comment out the router, the
mail goes through fine.

I don't know what is going on here, and what I might have been doing
wrong, but it might be possible that changing the router list to "*
localhost byname" will solve the problem. Any ideas what happens here?

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29