Re: [Exim] Bypassing RBL check for authenticated users.

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Giuliano Gavazzi
Date:  
À: Oren Levi
CC: exim-users
Sujet: Re: [Exim] Bypassing RBL check for authenticated users.
At 16:10 -0400 2003/09/17, Oren Levi wrote:
>Nope those changes made the server open to relay from anyone.
>
>Authentication wasn't checked. as well.


what changes? I would exclude that the standard configuration file
makes the server an open relay!

>
>I'm puzzled how does the ACL distinguish between a relay and a local
>delivery from outside ?


a local delivery is characterised by this condition (from the outside
or the inside is irrelevant):

domains    = +local_domains


a relay can be of two types:

a relay to a domain (as a recipient domain) for which we relay, the
typical statement is:

   accept  domains       = +relay_to_domains
           endpass
           message       = unrouteable address
           verify        = recipient


or a relay to any domain but from authorised sources. A source can be
authorise either because its IP address belongs to a given list:

accept  hosts         = +relay_from_hosts


or because the source used SMTP AUTH:

accept authenticated = *

Still keep in mind what I said in my prev email, and read the spec.txt.

Giuliano