Re: [Exim] how to accept a recipient address format that nor…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Robert Kehl
Data:  
Para: hauser, exim-users
Temas novos: [Exim] main option "hosts_require_tls" unknown ?
Asunto: Re: [Exim] how to accept a recipient address format that normal smtp servers reject before accepting the body/attachments
----- Original Message -----
From: "Ralf Hauser" <ralfhauser@???>
To: <exim-users@???>
Sent: Saturday, September 20, 2003 11:39 AM
Subject: RE: [Exim] how to accept a recipient address format that normal
smtp servers reject before accepting the body/attachments


> > -----Original Message-----
> > From: Robert Kehl [mailto:mailinglists@robertkehl.de]
> > > > You must be using any kind of firewall, aren't you? To stop your
> > > > users
> > > > emailing with a server other than yours, I suggest you use your
> > > > firewall
> > > > in the primary place.
> > > My goal is to have this not just for the users on my LAN, but also
> > > arbitrary outside users.
> >
> > Hm? You want the whole internet to just use your SMTP server? ;-)
> no, just those should use my smtps server who get my specially crafted
> address by means of a Reply-To or From header.
> > If one of your users is connecting from the outside , he/she could

as
> > well connect to any SMTP server in or outside this world. You won't

have
> > control over that as long as you have no control over the

administrative
> > account of that particular machine. In short: No way.
> > But... maybe I didn't get you right on this point?!
> I was hoping to be able to configure my exim such that it will accept

one
> type of addresses that most others don't to avoid inadvertent sending

over a
> non-TLS-protected connection.


Ack. But how is to be using your server, assumingly your users? These
users shouldn't be allowed to send their mail with a *very* special
local part over any other SMTP?

Again, no way. They may use *any* SMTP Relay server - be it an illegal
one or ar legal they probabyl pay for or whatever.

If you force their SMTP accounts on their local PCs to include a
non-existant domain, which won't be routed over the internet but only
accepted by your esim server, you put yourself on the line. I could go
and grab your "placeHolderForNoDomain.com", and all of your user will
send their mail to my legitimate mail server accepting every single
mail.

In short: You cannot ensure that a non-existent domain stays a
non-existent domain - think of the latest Verisign thing. Do not use the
reserved domains like example.com either, they are not intended for
this.

If you want to construct a secure network with roaming agents outside in
the world, secure their workstations, train your personell, train your
users, trim their Mail clients. You have to have control over the
workstations to be passably sure your mail traffic is never sent over
any unwanted server or unencrypted connection.

> > Your dummy domain would for sure never succeed when anyone uses a
> > different SMTP server than yours, as the dummy domain probably won't
> > resolve in real DNS.
> Sounds like a good idea. Hope the other smtps domains really do reject

that
> dummy domain BEFORE "sucking" the body and attachment over the

typically
> unprotected wire.


Bad idea! Any Relay server will first accept the message and *later*
reject it, leaving traces in its' various logfiles, I presume.

> #1)
> recipient_unqualified_hosts = *
> #2)
> qualify_recipient = placeHolderForNoDomain.com
>
> begin acl
>
> acl_check_rcpt:
> #3)
>   accept  hosts = :
>   deny    local_parts   = ^.*[@%!/|] : ^\\.

>
> #4)
> accept authenticated = *
> >>
> Right, doesn't my above exim.conf say
> 1) anybody can provide unqualified recipients


Yes.

> 2) if an unqualified recipient is found, add

"placeHolderForNoDomain.com"

Yes.

> 3) anybody can send me a mail as long as local_parts condition is

fulfilled

Well... anybody with a local part not containing some unwanted symbols
is actually denied.

> 4) furthermore, each sender needs to SMTP-AUTH?


Well... #4) says every successfully authenticated sender will be
ACCEPTed - that's quite a difference from "anyone MUST authenticate".

> If that is right, I don't understand, why I get "5.1.2. Bad Recipient
> format --- no domain specified..."


Me not either... sorry. Perhaps it's a message from your Client?!? I can
imagine there's hardly an email client that's allowing the user to omit
the domain part. At least the usual suspects will always "assist" the
user, I presume. Haven't had a closer look, though.

hth,

Robert Kehl