[Exim] exim3 is OpenRelay

Top Page
Delete this message
Reply to this message
Author: Karel W. Dingeldey
Date:  
To: exim-users
Subject: [Exim] exim3 is OpenRelay
Hi folks,

Since two weeks I'm using exim3 (Debian package). I know that this is
a little bit old, but I want to use the packages Debian offers me and
so I can't use exim4.
Last week I got the message from ORDB that my server is an open relay.
I found out that exim accepts addresses like this one:
    "foreign-user@???
After receiving this mail, exim "unpacks" the foreign address and
forwards the email to foreign-user@???
My first thought was that I forgot to deny this by setting a variable,
but after looking at the documentation at exim.org, searching the web
and asking a debian forum I'm not sure about this. Nobody and nothing
could help me, so I hope you can.


My current exim.conf (main part):
    qualify_domain = criena.net
    # qualify_recipient =
    local_domains = localhost:rechnername.domain.com
    local_domains_include_host = true
    local_domains_include_host_literals = false
    relay_domains = domain.com:domain2.com
    #relay_domains_include_local_mx = true
    #never_users = root
    host_lookup = *
    headers_check_syntax = true
    rbl_domains = rbl.mail-abuse.org/reject :
dialups.mail-abuse.org/warn
    host_accept_relay = 127.0.0.1 : ::::1 : 192.168.1.5/32
    #host_auth_accept_relay = *
    # percent_hack_domains=*
    trusted_users = mail
    smtp_verify = false
    gecos_pattern = ^([^,:]*)
    gecos_name = $1
    smtp_accept_queue_per_connection = 100
    freeze_tell_mailmaster = true
    received_header_text = "Received: \
        ${if def:sender_rcvhost {from ${sender_rcvhost}\n\t}\
        {${if def:sender_ident {from ${sender_ident} }}\
        ${if def:sender_helo_name {(helo=${sender_helo_name})\n\t}}}}\
        by ${primary_hostname} \
        ${if def:received_protocol {with ${received_protocol}}} \
        (Exim ${version_number} #${compile_number} (Debian))\n\t\
        id ${message_id}\
        ${if def:received_for {\n\tfor <$received_for>}}"
    receiver_try_verify = true
    #accept_8bitmime = true
    # This will cause it to accept mail only from the local interface
    #local_interfaces = 127.0.0.1
    #queue_list_requires_admin = false
    forbid_domain_literals = true
    receiver_verify = true


    end


I hope anyone can help me with this problem. If I can't find a
solution I have to change to postfix, but I hate this mailer. :-( So
please have pity with me.

Greetings from Germany,
Karel