Re: [Exim] [Spoofed Mail addresses spamming mails]

Top Page
Delete this message
Reply to this message
Author: Edgar Lovecraft
Date:  
To: exim-users
Subject: Re: [Exim] [Spoofed Mail addresses spamming mails]
Tim Jackson Wrote:
>
> Hi Vibhav, on Tue, 03 Feb 2004 16:01:29 +0530 you wrote:
>
> > My Friend who is also an admin , polled to 25 port of my server > and
> he did the following:
> > MAIL FROM:<invalidemailaccount@???>
> > RCTP TO: <validuser@???>
> > and he was able to deliver the mail to my mail box...
> > i want this scenario to be stopped
>
> You are not the first to be making this bizarre request, which still
> astonishes me. How, if you block your friend from "telnet"ing to your
> box and sending you a mail, is any other mailserver going to pass any
> mail to you? Besides, do you think spammers sit there typing "telnet
> mail.victim.example 25"?
>

I think you missed the point. I believe that he wants to verify the sender
address of his <invalidemailaccount@???> where validdomain.com
is one of his local domains.
-->As stated before, read up on sender verification
--> and reject any non-valid local users, no callout need be done
--> if all accounts are 'local' to the box.
--> During sender/recipient verification exim just tries to
--> 'deliver' to the address by going through all of the Routers.
>
> There is no conceptual difference between someone making what you call a
> "telnet" connection on port 25 and a mailserver opening a TCP connection
> to that port to send you mail. They are one and the same thing. (Before
> anyone gets pedantic, yes, I know that there are certain artifacts of
> "telnet" which might conceivably be picked out by a firewall or
> something, but that's not really the point - it's not going to stop any
> spam)
> You might, however, wish to consider using DNSBLs of one or another kind
> to prevent certain IPs from sending you mail. Look at
> http://www.spamhaus.org/ and http://www.dsbl.org/ for a start.
> Tim
>

--

--EAL--