Re: [Exim] Columbian Spammer

Top Page
Delete this message
Reply to this message
Author: Thomas Fini Hansen
Date:  
To: exim-users
Subject: Re: [Exim] Columbian Spammer
On Mon, Nov 03, 2003 at 12:16:46PM -0500, Wakko Warner wrote:
> If someone configured their MX to point to my machine and I have no idea who
> these people are, they may get blacklisted by me. However, if the rcpt to
> domain is always the same, it would be easy to figure out WHO did the
> configuring.


We've actually have this happen with Exim 3. Some ISP fatfingered
somewhere and an innocent party ended up having our mailserver as
MX. We noticed because of relay_domains_include_local_mx and Exim
froze the messages because we we're the primary. We got hold of them
and got it all sorted out in a nice civilised manner. They were happy
that we held onto their mail.

> I dislike the @mx (I forget what it was called) in the relay_to_domains for
> this reason. But that's just me. I'd rather not unknowningly become
> someone's backup MX.


Well, it's somewhat useful. When boss calls that a customer lost their
mailserver, I can just tell him to put our server as a secondary,
it'll sort it out.

I've been pondering it for the new Exim 4 mailserver. On one hand,
automatic relaying is handy, on the other it would be nice to have a
tad more control. So how about an ACL that accepts them with @mx_any,
but freezes (holds perhaps?) if the domain isn't on the approved
secondaries list? Seems like the nicest solution for me, I can tell
people just to add us as a MX even if I'm in the middle of nowhere,
and flush it when I get back, but it wont relay unapproved.

--
Thomas
beast@???