Re: [Exim] Exim a Open Relay ?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Dave C.
Date:  
À: reinhard.travnicek
CC: exim-users
Sujet: Re: [Exim] Exim a Open Relay ?
On Tue, 23 Jul 2002, Reinhard Travnicek wrote:

> Hello !
>
> I am using a server with exim as a firewall front end.
> Exim is configured to accept mail only for mydomain.com
> All the mails matching @mydomain.com are then handed to a internal mail
> server.
>
> Unfortunately someone figured out the exim doesn't handle
> Email to: user%otherdom.com@??? correct
>
> If the sender is faked to relaytest@??? and the receipient is


What the sender is shouldnt matter to your relay checks. Only the remote
IP should matter, unless SMTP AUTH was accepted..

> user%otherdom.com@??? the mail is forwarded to the internal server.


Ok, so your exim machine cant verify recipients and see that
"user%otherdom.com" isnt a valid user at your site.. It is optimal if it
can do so..

> The internal server (not doing any relay checking at all) just sends the
> mail out to user%otherdom.com with a sender relaytest@???


If possible, tell the other server not to recognize "%" as special, so
instead of stripping off @yourdomain.com, and turning the "%" into "%",
it just tryies to look for "user%otherdom.com" as a user (and find it
nonexistant and fail the message.

If that is not possible, and you are using exim4, you could use an ACL
to reject and recipient address with a "%" in it..

>
> Is there a way ? Maybe a filter to stop a message already on the Exim ?
>
> TX for your help
>
> Regards
>
> --
> Reinhard Travnicek
> Tech. Manager
> X-tech Austria
>
>
>
> ------------------------------------------------------------------
> This email was checked by AMaViS anti-virus system !
> Get yourself a free email address at http://mail.serverart.org
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>