On Fri, 8 Aug 2003, Tim Jackson wrote:
> Hi Daniel, on Fri, 8 Aug 2003 14:48:41 +0100 you wrote:
>
> > I have this in acl_check_rcpt:
> > accept senders = *@domain1.co.uk : mailbox@???
> > endpass
> > message = unknown user
> > verify = recipient
>
> This is slightly tangential to your question, but whilst trying to block
> mail from open relays, just be careful that you are not turning *yourself*
> into an open relay with that rule. It depends on what rules you have
> before it, but what happens if some random third party (i.e. spammer)
> does:
>
> MAIL FROM: <thisisfaked@???>
> RCPT TO: <spamvictim@???>
>
> ?
Absolutely! You should *never* accept for arbitrary domains based only
on sender address; at least check that the recipient domain is one of
"yours".
As to the original question: are you sure the envelope addresses are
actually those addresses? If those addresses came from From: header
lines, they may not be what is being used in the envelopes.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
