Re: [Exim] ACLs - much confusion.

Author: Daniel Bye
Date:  
To: exim-users
Subject: Re: [Exim] ACLs - much confusion.
--
On Fri, Aug 08, 2003 at 03:14:20PM +0100, Tim Jackson wrote:
> Hi Daniel, on Fri, 8 Aug 2003 14:48:41 +0100 you wrote:
>
> > I have this in acl_check_rcpt:
> >   accept  senders = *@domain1.co.uk : mailbox@???
> >           endpass
> >           message = unknown user
> >           verify = recipient

>
> This is slightly tangential to your question, but whilst trying to block
> mail from open relays, just be careful that you are not turning *yourself*
> into an open relay with that rule. It depends on what rules you have
> before it, but what happens if some random third party (i.e. spammer)
> does:
>
> MAIL FROM: <thisisfaked@???>
> RCPT TO: <spamvictim@???>
>
> ?


Hmm, good question. The condition immediately before this is the standard
`require verify = sender'. I guess I could restrict the above block to
apply only if the recipient is a local user. Which still leaves the
possibility of my users receiving spoofed mail, but at least I'm not then
responsible for propagating the spammers' filth across the Internet.

How do others deal with this sort of situation? I can't believe I'm the
first to want to do it!

Cheers,

Dan

--
Daniel Bye

PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc
PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
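
A simplified Python model of the quoted `accept ... endpass` statement, added here as an illustration (it is not part of the original message and not Exim code): it compares the rule as posted with the variant restricted to local recipient domains. All addresses, domain names and the `restrict_to_local` switch are constructed; remote recipients are assumed to pass `verify = recipient`, and the earlier `require verify = sender` is not modelled.

```python
# Simplified model of one Exim "accept senders = ... endpass ... verify = recipient"
# statement. Every address and domain below is a constructed sample.
from fnmatch import fnmatchcase

LOCAL_DOMAINS = {"mydomain.example"}        # stands in for the local domain list
LOCAL_USERS = {"dan@mydomain.example"}      # mailboxes that exist locally
SENDERS = ["*@domain1.example", "mailbox@partner.example"]  # the senders list


def domain_of(address):
    return address.rsplit("@", 1)[1]


def verify_recipient(rcpt_to):
    """Model of verify = recipient: a local address must be an existing
    mailbox; a remote address is assumed routable, so it verifies."""
    if domain_of(rcpt_to) in LOCAL_DOMAINS:
        return rcpt_to in LOCAL_USERS
    return True


def check_rcpt(mail_from, rcpt_to, restrict_to_local):
    """Return 'accept', 'deny', or 'pass' (fall through to the next statement)."""
    # Conditions before endpass: a failure hands control to the next statement.
    if not any(fnmatchcase(mail_from, pattern) for pattern in SENDERS):
        return "pass"
    if restrict_to_local and domain_of(rcpt_to) not in LOCAL_DOMAINS:
        return "pass"
    # Conditions after endpass: a failure denies with "unknown user".
    return "accept" if verify_recipient(rcpt_to) else "deny"


def compare(mail_from, recipients):
    """Outcome per recipient as (rule as posted, rule limited to local domains)."""
    return {
        rcpt: (check_rcpt(mail_from, rcpt, False), check_rcpt(mail_from, rcpt, True))
        for rcpt in recipients
    }


if __name__ == "__main__":
    results = compare(
        "thisisfaked@domain1.example",      # envelope sender matching the list
        ["spamvictim@elsewhere.example",    # remote recipient: the relay case
         "dan@mydomain.example",            # existing local mailbox
         "nobody@mydomain.example"],        # unknown local mailbox
    )
    for rcpt, (as_posted, local_only) in results.items():
        print(f"{rcpt:32} as posted: {as_posted:7} local only: {local_only}")
```

In the restricted variant the remote recipient is no longer accepted by this statement and falls through to whatever relay rules follow it, while a listed sender writing to an existing local mailbox is still accepted.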