Re: [Exim] Preventing forged From: headers (exim 3.36)

Pàgina inicial
Delete this message
Reply to this message
Autor: Dave C.
Data:  
A: Robert Lister
CC: Leonardo Boselli, ice, exim-users
Assumpte: Re: [Exim] Preventing forged From: headers (exim 3.36)
On Tue, 25 Jun 2002, Robert Lister wrote:

> On Tue, Jun 25, 2002 at 05:18:34PM +0200, Leonardo Boselli wrote:
> > I keep the entire message as quoting.
> > I have to say that what you are tryng to do, and also TT- help is
> > extremely dangerous.
> > You could do it on a list_by_list basis, if you know that messages
> > to the list can come only from internal network (in that case you
> > caould just make an IP check)
> > YOU CANNOT DO for regular user.
> > Suppose two scenarios [very common ..]
> > Two of your users subscribe to a list, outside your domain, so everi
> > message sent by one of them is sent to the other. so the list
> > processed message will come from aoutside, whit a local from.
> > You cannot set an exception list, since you should know all
> > possible routings for any possible list.
> > This message would be bounced and some server (say yahoo, for
> > example) would just kick out the user generating bounces, without
> > his/her cause, just due your settings !!
>
> I don't really understand what you mean.
>
> No users should send "from" my domain unless they were on a client from an
> IP address authorized to do so, inside this network. period.
>
> If they're outside my network, they shouldn't be sending me e-mail with my
> own domain in the "From:" headers. I want a filter to pick this up and
> throw it away (not reject it, but discard it, as the sender/From: header
> is of course forged, and so the bounce message goes to the list, usually
> quoting the spam.)
>


Yes, but you are forgetting the case where one of your local users sends
a perfectly valid message, to an address an some 'other' system that has
a .forward that ends up directing the message back to an address on your
server. Then, this message, coming from this 'other' server,
legitimately has a From header (and envelope sender even), in your
domain