[Exim] Deny false bounce messages

Top Page
Delete this message
Reply to this message
Author: Exim mailing list user
Date:  
To: exim-users
Subject: [Exim] Deny false bounce messages
Question: is there an easy(?!) config change to Exim, or an add-on
      tool, to deny bounces from messages that you didn't send in
      the first place?


To do this properly I suppose our Exim server would have to keep a
database of destination addresses sent to, with dates, and then deny
any bounce that came in after say, 10 days. This would still allow
real bounces for our real messages.

(TMDA takes a different approach -- allowing "timed reply-to"
addresses that achieve the same end result.
    http://mla.libertine.org/tmda-users/2003-12/msg00022.html
)


What prompts this is (a) the large amount of junk we've been getting
recently, and (b) we publish Phil Hazel's book on Exim 4 and today
received a message from someone using Exim, who is getting a large
no. of bounce messages due to spammers using their addresses. (See
below.)

    Thanks,
    Niall



> Subject: EXIM antivirus
> Dear EXIM
>
> Yesterday I received 326 e mails from software which detects e mail
> virus. As you know worm virus are stealing addresses, and sending out e
> mails as if they came from that address.
>
> Antivirus software - in some cases - picks up the fact that there is a
> vius, and mails the SUPPOSED sender. Consequently I got 326 e mails on
> my system as a result of somebobdy else getting a virus. In fact I would
> have got none if the antivirus system had not been sending out automatic
> replies. We have automatically daily update on our virus checker, and it
> doesn't send out warnings, it just warns me. The anti-virus system is
> now much MORE of a problem than the original virus.
>
> I am not sure that your EXIM is the one producing this software, but I
> have to start somewhere to tell EXIM the problem they are causing.
>