Hello everyone,
I am currently having some issues with Exim 4.14 regarding SMTP
Auth. The problem seems to be that I have been put into some ORDB and I
don't know how many others as an open relay. After running some test I
found that my issue is a spammer can pose as spammer@??? and be able
to send to spammer@??? and bypass SMTP Auth. Does anyone have an
idea of how I can resolve this issue? Any ideas or information would be
greatly appreciated. Thank you.
Here is my ACL and SMTP Auth Configs:
------------------------------------------------
ACL
check_recipient:
require verify = sender
require verify = recipient
deny dnslists = relays.ordb.org : blackholes.mail-abuse.org :
relays.mail-abuse.org :
deny local_parts = ^.*[@%!/|] : ^\\.
deny senders = :
accept
deny message = relay not permitted
check_message:
accept
check_vrfy:
require authenticated = *
------------------------------------------------
Authenticators
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${if ldapauth \
{user="cn=${extract{1}{@}{$1}},dc=${extract{2}{@}{$1}},o=mye-znet"
\
pass="$2" \
ldap:///} \
{yes} {no} }
server_set_id = $1
ptext:
driver = plaintext
public_name = PLAIN
server_condition = ${if ldapauth \
{user="cn=${extract{1}{@}{$2}},dc=${extract{2}{@}{$2}},o=mye-znet"
\
pass="$3" ldap:///} {yes} {no} }
server_set_id = $2
------------------------------------------------
