Re: [Exim] Preventing forged From: headers (exim 3.36)

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Robert Lister
CC: Leonardo Boselli, ice, exim-users
Subject: Re: [Exim] Preventing forged From: headers (exim 3.36)
On Tue, 25 Jun 2002, Robert Lister wrote:

> > Yes, but you are forgetting the case where one of your local users sends
> > a perfectly valid message, to an address an some 'other' system that has
> > a .forward that ends up directing the message back to an address on your
> > server. Then, this message, coming from this 'other' server,
> > legitimately has a From header (and envelope sender even), in your
> > domain
>
> Hmm. In our setup, the likelihood of that happening is virtually zero.
> I'd deal with that on a case by case basis.
>
> So I think what I want is:
>
> 1. For things going to selected list addresses (not all users)


Ah #1 is the saving condition there. Its not likely that someone at a
remote site is going to .forward their mail to your list(s)

> 2. Is the "From:" address from our domain?
> 3. If it is, is the IP address one that is internal to us?
> 4. If all these match, then send, if not, freeze it (or discard it)


The following bit of smtp_rcpt ACL would do the trick, substituting your
actual data (possibly with file lookups/etc, as needed) in the correct
formats. Note this cant look at the "From:" header, only the envelope
sender address..


deny    senders = yourdomain.com
    recipients = selected@list_address.com
    !hosts = your_internal_IP's
    message = Forged mail not permitted



>
> So in fact I want something not to apply to regular users, just things
> that are directed to the mailing lists. Which will not have any funny
> forward files etc.
>
> Rob
>
>
>
>


--