--
My relaying permisssion are based on SMTP Auth or pop before smtp.
I tested it in the command line, but still do not know how the message could
pass. I atached the debug information to this mail.
Thanxx Steffen
"Dave C." <djc@???> wrote:
> On Thu, 1 Aug 2002, Steffen Herold wrote:
>
> > Hello,
> >
> > I'm using exim V3.35 and smtp auth. Smtp auth works fine but if there is a
> > smtp mail incoming with
> >
> > mail from: receiver@???
> > rcpt to: receiver@???
> >
> > the mail will be accepted without any authentication. How to protect from
> > this?
>
> Sounds like you are relaying based on the sender email address. This is
> insecure, as you can see.
>
> Relay permissions should be granted by sender IP address and/or SMTP
> AUTH (or a POP/IMAP-before-SMTP approach) only.
>
>
>
> >
> > Thanx Steffen Herold
> > --
> >
> >
> >
> > --
> >
> > ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
> >
> >
>
>
>
>
>
--
+-------------------------------------+
| This email was sent using RP-Webmail|
| http://www.rasterpunkt.com/ |
+-------------------------------------+
--
[ Content of type application/octet-stream deleted ]
--