Re: [Exim] [Spoofed Mail addresses spamming mails]

Góra strony
Wiadomość jest częścią wątku:
M-+\pełne drzewo wątku posortowane wg daty
M\MMTim Jackson at <-
MMEdgar Lovecraft at ->
Delete this message
Reply to this message
Autor: Ian A B Eiloart
Data:  
Dla: exim-users
Temat: Re: [Exim] [Spoofed Mail addresses spamming mails]

--On martes, 3 febrero 2004 11:11 +0000 Tim Jackson <lists@???>
wrote:

> Hi Vibhav, on Tue, 03 Feb 2004 16:01:29 +0530 you wrote:
>
>> My Friend who is also an admin , polled to 25 port of my server
>> and he did the following:
>> MAIL FROM:<invalidemailaccount@???>
>> RCTP TO: <validuser@???>
>> and he was able to deliver the mail to my mail box...
>> i want this scenario to be stopped
>
> You are not the first to be making this bizarre request, which still
> astonishes me. How, if you block your friend from "telnet"ing to your box
> and sending you a mail, is any other mailserver going to pass any mail to
> you? Besides, do you think spammers sit there typing "telnet
> mail.victim.example 25"?
>

Actually, I think he's just asking how to validate the left hand side of
the envelope sender address, but it isn't exactly clear. I'm just looking
at the use of "valid" and "invalid" in the email addresses used in the
example.

The answer is to use "require verify = sender/callout" in the appropriate
ACL. It should be the "check recipient" ACL in order that you don't
accidentally prevent people sending email to postmaster.



--
Ian Eiloart
Servers Team
Sussex University ITS



Wiadomość została wysłana do następujących list mailowych:
Exim-users
Informacja o liście mailowej | Najbliższe wiadomości		<-Re: [Exim] Can we Estimate the World Wide Install BaseRe: [Exim] Can we Estimate the World Wide Install Base->
Tahini and Hummus and Cumin Development Archives administrowana przez cumin AdminsLurker (wersja 2.3)