On Wed, 25 Sep 2002, Vincent Sweeney wrote:
> I have a simple enough question regarding an ACL I am trying to create
> for exim-4.10. It is an ACL for any mail accepted for the @mx_secondary
> domain list (ie domains the server is backup for), I would like to
> restrict accepting the mail for just any domain that has an MX record
> pointing at my server as this is open to abuse.
I suppose it is possible to use that to mount a DoS attack on your server,
my pointing their MX record at you, then getting the world to send *them*
lots of mail (which now goes through your server). However they could do
the same attack by sending mail to your address, so the only advantage is
that the atack appears to be against them.
I don't worry that I am accepting mail for anyone capable of listing me
as their MX secondary.
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@??? http://www.dpmms.cam.ac.uk/~werdna