[Exim] Restricting spoofed sender addresses

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Will Morton
Data:  
Para: exim-users
Assunto: [Exim] Restricting spoofed sender addresses
    Hi all;

I'm trying to restrict relaying through our exim server (v3.34) based on
a mixture of host-based and sender-based directives, and I'm having some
problems. Description follows:

Situation:

The exim box is acting as a 'filter' in both directions between the
outside world and our Exchange box, which handles the mail storage. The
Exim box is registered as the MX record; the Exchange machine is the one
the users have as their mailserver.
The relevant parts of the Exim configure file are:

EXCHANGE_BOX = <ip of exchange box>
MY_DOMAINS = <domains we handle>

relay_domains = MY_DOMAINS
host_accept_relay = EXCHANGE_BOX

Problem:

The current config allows an arbitrary user on the net to send mail
purporting to be from one of our domains to the exim box, which will
then accept it as valid and pass it on to the Exchange server. While a
little investigation of headers can reveal this spoofing, most users
don't look that deeply. So, what I would like to do is disallow mail
from senders in any of our domains, unless that mail is sent from the
Exchange box (as all legitimate mail will be). Although this won't stop
one of our users pretending to be another user, it will hopefully keep
out the kiddies.

My directive to attempt to achieve this was as follows:

sender_reject = ${if eq{$sender_host_address}{EXCHANGE_BOX} {}
{MY_DOMAINS} }

but this is not working - this configuration rejects mail sent by any
address whose domain is in MY_DOMAINS, regardless of whether it is from
the Exchange box or not. Obviously this is somewhat sub-optimal. ;o)

I'm confuzzled. Can anyone help?

    W


--
"Bar Weep Grana Weep Nini Bong"