Well, before upgrading to 4.2, I am trying the receiver_verify options. I
currently just set
receiver_verify = true
receiver_verify_hosts = *
I hup the process, and now every address I try on the system (after removing
the catchall, of course) says "verified" in an SMTP session. Could the fact
that I am using the smartuser to authenticate users have anything to do with
it?
To those on the list: I am trying to reject email where the rcpt to address
doesn't exist on the system...
Sincerely,
Rick Duvall
----- Original Message -----
From: "Nigel Metheringham" <Nigel.Metheringham@???>
To: "Rick Duvall" <rduvall@???>
Cc: <exim-users@???>
Sent: Wednesday, June 18, 2003 9:21 AM
Subject: Re: [Exim] Spammer spoofing as a nonexistant user on my system!
> On Wed, 2003-06-18 at 17:01, Rick Duvall wrote:
> > Is there any way to block
> > messages that are to an address that doesn't exist? The only problem I
see
> > with doing that is that spammers could then connect to my port 25 and
test
> > until they find a good address.
>
> They are effectively scanning you for addresses anyhow - accepting the
> messages is just giving you the chance to pay for bandwidth etc.
>
> For exim 3.x use the various receiver_verify options - see
> http://www.exim.org/exim-html-3.30/doc/html/spec_11.html#SEC326
>
> Control of this is better in exim 4. Adding sender verification also
> gets rid of stuff from unroutable senders - although spammers just use
> someone elses domain - ie yours.
>
> Nigel.
>
> --
> [ Nigel Metheringham Nigel.Metheringham@??? ]
> [ - Comments in this message are my own and not ITO opinion/policy - ]
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at
http://www.exim.org/ ##
>
>
