Re: [Exim] exim MTA used as unauthed relay

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nico Erfurth
Date:  
À: Chris Huff
CC: 'exim-users@exim.org'
Sujet: Re: [Exim] exim MTA used as unauthed relay
Chris Huff wrote:
> I thought i had a secure setup. I would see people try and relay off of me
> all the time but all of the sudden i noticed my server was being used as a
> relay for a spammer and Im quite pissed off and dissapointed. Im not sure
> what i did wrong.


....

> fixed_login:
> driver = plaintext
> public_name = LOGIN
> server_condition = "${if eq
> {${lookup{$1}lsearch{/usr/local/exim/exim.passwd}{$value}}} {$2} {yes}
> {no}}"
> server_set_id = $1
> server_prompts = "Username:: : Password::"


${lookup{$1}lsearch{/usr/local/exim/exim.passwd}{$value}}

What will it return in case of no match .... an empty string, the
spammer authenticates with "server:" user=server password=<EMPTY>

so your condition becomes

${if eq {} {} {yes}{no}}

so it returns "yes", the usual way to solve this is using the fail
keyword as the last argument of the lookup, this will make the expansion
fail completly.

${lookup{$1}lsearch{/usr/local/exim/exim.passwd}{$value}fail}
                                                         ^^^^


Nico