Re: [Exim] [Spoofed Mail addresses spamming mails]

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Tim Jackson
Date:  
À: exim-users
Sujet: Re: [Exim] [Spoofed Mail addresses spamming mails]
Hi Vibhav, on Tue, 03 Feb 2004 16:01:29 +0530 you wrote:

> My Friend who is also an admin , polled to 25 port of my server
> and he did the following:
> MAIL FROM:<invalidemailaccount@???>
> RCTP TO: <validuser@???>
> and he was able to deliver the mail to my mail box...
> i want this scenario to be stopped


You are not the first to be making this bizarre request, which still
astonishes me. How, if you block your friend from "telnet"ing to your box
and sending you a mail, is any other mailserver going to pass any mail to
you? Besides, do you think spammers sit there typing "telnet
mail.victim.example 25"?

There is no conceptual difference between someone making what you call a
"telnet" connection on port 25 and a mailserver opening a TCP connection
to that port to send you mail. They are one and the same thing. (Before
anyone gets pedantic, yes, I know that there are certain artifacts of
"telnet" which might conceivably be picked out by a firewall or something,
but that's not really the point - it's not going to stop any spam)

You might, however, wish to consider using DNSBLs of one or another kind
to prevent certain IPs from sending you mail. Look at
http://www.spamhaus.org/ and http://www.dsbl.org/ for a start.

Tim