Re: [Exim] Question about rbl and host_accept_relay handling

Góra strony
Delete this message
Reply to this message
Autor: Exim Users Mailing List
Data:  
Dla: Bjoern Metzdorf
CC: exim-users
Temat: Re: [Exim] Question about rbl and host_accept_relay handling
[ On Thursday, September 27, 2001 at 23:52:07 (+0200), Bjoern Metzdorf wrote: ]
> Subject: [Exim] Question about rbl and host_accept_relay handling
>
> There were 2 things I noticed:
>
> 1. Some spammers (there were several) used a sender domain with a MX record
> pointing to 127.0.0.1 (tricky, eh?).
> Although "relay_domains_include_local_mx = true" should not be affected by
> this (there is no MX record of the recipient address pointing to 127.0.0.1)
> sender checks based on local mx entries will be affected by this.


The fault here is with the expectation that relay_domains_include_local_mx
can ever be used safely on a public network. It cannot. It causes your
mailer to trust data received from the network (unless you externally
filter all bogus unauthorised MXs from public DNS responses, I guess).

> 2. The spammers used IP addresses without reverse mapping. In the logs I saw
> that they were permitted (!) to relay, although they were not in any list of
> host_accept_relay. I suppose this is due to the +warn_unknown. All IPs if
> the spammers were listed in rbl databases.


host_accept_relay=+warn_unknown sounds like a fundamentally dangerous
option too.....


-- 
                            Greg A. Woods


+1 416 218-0098      VE3TCP      <gwoods@???>     <woods@???>
Planix, Inc. <woods@???>;   Secrets of the Weird <woods@???>