[Exim] RE: SMTP AUTH Open Relay...

Góra strony
Delete this message
Reply to this message
Autor: Thai Q. Tran
Data:  
Dla: Exim
Temat: [Exim] RE: SMTP AUTH Open Relay...
Hello everyone,
    I am currently having some issues with Exim 4.14 regarding SMTP
Auth.  The problem seems to be that I have been put into some ORDB and I
don't know how many others as an open relay.  After running some test I
found that my issue is a spammer can pose as spammer@??? and be able
to send to spammer@??? and bypass SMTP Auth.  Does anyone have an
idea of how I can resolve this issue?  Any ideas or information would be
greatly appreciated.  Thank you.


Here is my ACL and SMTP Auth Configs:

------------------------------------------------
ACL
check_recipient:
  require verify = sender
  require verify = recipient
  deny dnslists = relays.ordb.org : blackholes.mail-abuse.org :
relays.mail-abuse.org :
  deny local_parts = ^.*[@%!/|] : ^\\.
  deny senders = :
  accept
  deny    message = relay not permitted


check_message:
accept

check_vrfy:
require authenticated = *

------------------------------------------------
Authenticators
login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = ${if ldapauth \
     {user="cn=${extract{1}{@}{$1}},dc=${extract{2}{@}{$1}},o=mye-znet"
\
     pass="$2" \
     ldap:///} \
     {yes} {no} }
    server_set_id = $1


ptext:
   driver = plaintext
   public_name = PLAIN
   server_condition = ${if ldapauth \
     {user="cn=${extract{1}{@}{$2}},dc=${extract{2}{@}{$2}},o=mye-znet"
\
     pass="$3" ldap:///} {yes} {no} }
   server_set_id = $2
------------------------------------------------