Re: [Exim] How to prevent relaying from local domain to loca…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Matthew Byng-Maddick
Data:  
Para: exim-users
Assunto: Re: [Exim] How to prevent relaying from local domain to local domain
On Thu, Aug 01, 2002 at 02:26:01PM +0200, Steffen Herold wrote:
> > On Thu, Aug 01, 2002 at 09:35:01AM +0200, Steffen Herold wrote:
> > > mail from: receiver@???
> > > rcpt to: receiver@???
> > > the mail will be accepted without any authentication. How to protect from
> > > this?
> > If receiverdomain.de is a real local domain, then that's what you want it
> > to do, surely?
> My problem is that anyone can use the mail server to relay to local users if
> he use a local domain as sender address without authentication.


This is not what "relay" in mail system terms normally means.

> Of course the server have to accept mails to local domains when the sender is
> not local without authentication.


Right

> So is that normal?


Totally.

Think about what happens if you send a mail to another user's outside
address, and they have a .forward (or equivalent mechanism) to forward
back to the same domain.

If you really consider it to be a problem, be aware that it can break
legitimate things, and look up the ACL part of the exim specification.

MBM

--
Matthew Byng-Maddick         <mbm@???>           http://colondot.net/