Re: [Exim] SMTP Spoofing - Preventing Local Relaying

Top Page
This message is part of the following thread:
M++\the complete thread tree sorted by date
MMMMTim Jackson at <-
MMMJason Robertson at ->
Delete this message
Reply to this message
Author: Tony Earnshaw
Date:  
To: exim-users
Subject: Re: [Exim] SMTP Spoofing - Preventing Local Relaying
tir, 2003-03-04 kl. 02:51 skrev Mail List:

> --But-- if you try and send mail to another domain/user on the server
> housing domainA.com, then exim will accept the connection and hand-off the
> message.. For example if you try and send from the above "domainA.com"
> account, and send a message to "admin@???" (or to any domain/user
> on the server), then the mail server will accept and deliver the mail.. In
> the maillog, you'll see this message from such an attempt:
>
> Feb 26 21:22:01 exim[1609]: 2003-02-26 21:22:01 Authentication failed for
> dhcpxxx-xxx-xxx-xxx.rr.com (owksu-j28xloafc.domainA.com) [24.xxx.xxx.xxx]:
> 535 Incorrect authentication data
>
> (the 24.xxx.xxx.xxx is my RR connection to the net)
>
> But that's just a warning in the log, even though it reports "Incorrect
> authentication data" -the mail server will still accept/deliver the message
> using domainA.com as the SMTP server from the MTU..
>
> This isn't the way it's suppose to work correct..? I'm just having a hard
> time explaining what's going on here, but I'm fairly sure it shouldn't be
> doing what it's doing.. :-)

I don't really understand this thread (I always start at what came in
last and work my way back.)

Everything one could possibly think of is configurable in Exim, to the
extent that after years' of Exim configuration I'm continually finding
out new and better ways of doing things. And here are all my heoes
agreeing with Xantippe that they're not.

But with respect to the above single point, Xantippe (I'll call you
Xantippe, since it's a good name):

I think your main problem is that you have a lot of catching up to do
and Exim's new to you. You can configure Exim authentication in one of
several ways. Globally or individually you can grant or deny any desired
permission on almost any basis to do anything to anyone who
authenticates correctly or doesn't. You just haven't discovered how,
yet. Give yourself a month or twelve with much reading and practice.

If one tries to explain to a dedicated Sendmail, Qmail or Postfix person
how flexible and elegant Exim is, they simply mawp and can not
understand, since there is no parallel. The best one I've seen lately
was on the SA list, where a Qmail admin boasted that Qmail hadn't needed
any bugfixes whatsoever for the last 4 years.

Best,

Tony

--

Tony Earnshaw

All the world is mad, exceptin thee and me
and even thee's a little queer 

e-post:        tonni@???
www:        http://www.billy.demon.nl




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Re: SPA with Outlook 2KRe: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)