Re: [Exim] Blocking 'forwarded' spam, a smarter callout?

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Bob Tanner
CC: exim-users
Subject: Re: [Exim] Blocking 'forwarded' spam, a smarter callout?
On Mon, 10 Nov 2003, Bob Tanner wrote:

> Recently went sub-domains. In order to keep backward compatibility, we've
> setup forwards for the "important" address.
>
> Example, /etc/aliases:
>
> support@???: support@???
>
> Part of the sub-domain move was so I could control the MX hosts for
> subdomain.tld.com and not have to depend on the main mail hub for spam
> protection.
>
> The problem is now spammers send mail to support@???, they get forwarded
> to MX host for subdomain.tld.com, a callout happens, and from what I can see
> in the logs, the callout goes to tld.com, which passes.
>
> How can I make subdomain.tld.com do a callout on the sender for the
> originating sender, not the forward of tld.com?


If you have verify=sender/callout, then Exim *should* be doing a callout
on the original sender. Assuming you aren't changing the return path on
your aliasing router, that is.


--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book