Re: [Exim] Blocking bogus bounces caused by viruses

Author: Greg Ward
Date:  
To: exim-users
Subject: Re: [Exim] Blocking bogus bounces caused by viruses
On 15 October 2002, Sheldon Hearn said:
> In my environment, it is never legitimate for hosts outside of the
> servers network to send mail from MAILER-DAEMON at one of the local
> domains.
>
> So I'm thinking of adding this to my acl_smtp_rcpt ACL:
>
>  # Deny messages from the outside world with MAILER-DAEMON at a local
>  # domain as the sender address, to weed out messages from virus SMTP
>  # engines (which have a tendency to use such sender addresses) before
>  # they reach the content scanner and result in bounce messages that the
>  # postmaster has to read.
>  #
>  deny    message       = invalid use of sender <$sender_address>
>          sender_domains= +local_domains
>          hosts         = !127.0.0.1/32 : !10.0.0.0/24 : *
>          condition     = ${if eq \
>                            {${lc:$sender_address_local_part}} \
>                            {mailer-daemon} \
>                            {yes}{no} \
>                          }


I do something similar for python.org, with the difference that *all*
@python.org addresses (except for a handful that can legitimately
originate externally) are banned. Check the archive for the pros-and-
cons discussion -- this is not something you should do lightly.

Of course, if the only address you're banning is
mailer-daemon@???, there's much less danger. I would suggest
adding postmaster@???, which is also forged by viruses.

And I bet you can do it more cleanly using an address list. Maybe
something like this:

  deny    message       = invalid use of sender <$sender_address>
          sender_domains= +local_domains
          hosts         = !127.0.0.1/32 : !10.0.0.0/24 : *
          senders       = postmaster@* : mailer-daemon@*


Untested, YMMV, etc.

        Greg
--
Greg Ward <gward@???>                         http://www.gerg.ca/
I haven't lost my mind; I know exactly where I left it.
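
Added example, not part of the message above and not Exim's own code: a small Python model of the three conditions in the suggested `deny` rule (`sender_domains`, `hosts`, `senders`), run over constructed SMTP envelopes to show which ones the rule would reject. The domain `example.org`, the sample addresses and the function name `acl_rcpt_verdict` are assumptions for illustration.

```python
import ipaddress

# Constructed values for illustration; not taken from anyone's real config.
LOCAL_DOMAINS = {"example.org"}
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.1/32"),
                ipaddress.ip_network("10.0.0.0/24")]
BANNED_LOCAL_PARTS = {"postmaster", "mailer-daemon"}


def acl_rcpt_verdict(client_ip, sender_address):
    """Return "deny" when all three conditions of the rule hold, else "pass"."""
    # A genuine bounce carries the null sender (MAIL FROM:<>), so it has no
    # domain and can never satisfy the sender_domains condition.
    if "@" not in sender_address:
        return "pass"
    local_part, domain = sender_address.rsplit("@", 1)
    # sender_domains = +local_domains
    if domain.lower() not in LOCAL_DOMAINS:
        return "pass"
    # hosts = !127.0.0.1/32 : !10.0.0.0/24 : *
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return "pass"
    # senders = postmaster@* : mailer-daemon@*  (compared caselessly here)
    if local_part.lower() not in BANNED_LOCAL_PARTS:
        return "pass"
    return "deny"


# Constructed SMTP envelopes: (connecting host, envelope sender)
SAMPLES = [
    ("192.0.2.7", "MAILER-DAEMON@example.org"),   # forged from outside
    ("192.0.2.7", "postmaster@example.org"),      # forged from outside
    ("10.0.0.5", "mailer-daemon@example.org"),    # internal server
    ("192.0.2.7", ""),                            # real bounce, null sender
    ("192.0.2.7", "mailer-daemon@example.net"),   # remote domain's daemon
    ("192.0.2.7", "alice@example.org"),           # ordinary local address
]

if __name__ == "__main__":
    for ip, sender in SAMPLES:
        print(f"{ip:<12} <{sender}> -> {acl_rcpt_verdict(ip, sender)}")
```
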