RE: [Exim] Possible Malice on the Internet??

Top Page
Delete this message
Reply to this message
Author: Jan Johansson
Date:  
To: exim-users
Subject: RE: [Exim] Possible Malice on the Internet??
> 25 it claims to be "tntkenya.com" and running "MDaemon".

MDaemon will fail a relaytest if you forge the sender to be

postmaster@<a valid domain for that MDaemon>

It will happily pass that email along. Even after applying http://info.connect.com.au/docs/mdaemon/mdaemonsecurity.html it will still do that.

You CAN block the postmaster account, but that will get you listed in the rfc-ignorant.org database instead. The best idea seem to be to hammer the people behind MDaemon and get them to fix this.

Here is a link to a server running the newest MDaemon (with the security advice applied), that i tested. As you can see, it failed the test.