We have a director that uses "senders =" to restrict access to
certain features based on them being in our local domain.
However, I have noticed that if a spammer uses our local domain
name in a forged HELO/EHLO command then the director is fooled into
thinking that this message has originated locally and can use this
particular facility.
What would be the best way around this?
I could try using helo_verify_hosts to block the forged HELO/EHLOs, but
I seem to recall from previous discussions on the list that that can lead
to the rejection of a lot of genuine connections from misconfigured sites
whose HELO/EHLO address doesn't match the hostname from a reverse
DNS lookup of their IP address.
I am running Exim 4.20.
Have other people encountered this sort of issue, and if so, how have
you got around it?