Re: [Exim] how to trace user mailsending mails as "nobody"

Author: James P Roberts
Date:  
To: ravi, exim-users
Subject: Re: [Exim] how to trace user mailsending mails as "nobody"
----- Original Message -----
From: "Ravi" <ravi@???>

<snip>

> 2. Is there any way to stop scripts like perl from sending mails by
> connecting directly to port number 25 (ignoring mail server)?
>


If I understand correctly, you want to block anyone except your own
mailserver from making outgoing connections to remote port 25? Yes,
possible.

Look into iptables firewall rules, to block outgoing connections to port 25
("DST=!loc.alh.ost.ip DPT=25"), but with an exception for the userid of your
mailserver. You might have to enable one of the optional features (I forget
the name of it, but there are resources on the web to give you details), in
order to examine the source uid/gid of each packet. I've not done this
myself, or I'd give you the details. But I'm pretty sure it's possible.

My suggestion would be to create a separate chain ("-j newchain") for
examining outgoing packets to remote port 25, and then put the special
rule(s) for testing the userid and/or groupid inside that chain, so you
don't have to test every single packet.

Hopefully that's enough info to get you on the right path.

Sorry for the non-Exim-related reply, but some things need to be done
outside Exim.

Regards,
Jim Roberts
Punster Productions, Inc.
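
The approach described in the message above, sketched as an added example that is not part of the original post: a dedicated chain for outbound port-25 traffic that lets only the mail server's UID through. It assumes the optional feature the message refers to is the iptables `owner` match; the account name `exim` and chain name `SMTP_OUT` are hypothetical.

```shell
#!/bin/sh
# Added example: per-UID egress filter for outbound SMTP.
# Assumptions (not from the original message): the mail server runs as
# user "exim", the chain is called SMTP_OUT, and the kernel provides the
# iptables "owner" match, which only works on locally generated packets.

# Print an iptables-restore ruleset that lets only user $1 reach remote port 25.
smtp_egress_rules() {
    mail_user="${1:-exim}"     # hypothetical default account name
    chain="${2:-SMTP_OUT}"     # hypothetical chain name
    # Refuse names that could smuggle extra tokens into the ruleset.
    case "$mail_user" in
        *[!A-Za-z0-9_-]*) echo "invalid user name" >&2; return 1 ;;
    esac
    case "$chain" in
        *[!A-Za-z0-9_-]*) echo "invalid chain name" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:$chain - [0:0]
# Only non-local TCP traffic to port 25 enters the chain, so the owner
# test is not run against every packet.
-I OUTPUT 1 -p tcp ! -d 127.0.0.0/8 --dport 25 -j $chain
# The mail server's own connections return to the normal OUTPUT rules.
-A $chain -m owner --uid-owner $mail_user -j RETURN
# Everything else is logged with the sending UID, then refused.
-A $chain -j LOG --log-prefix "SMTP-OUT-DENIED " --log-uid
-A $chain -p tcp -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

# "apply" loads the rules (root required); anything else only prints them.
if [ "${1:-}" = "apply" ]; then
    rules=$(smtp_egress_rules "${2:-exim}") || exit 1
    printf '%s\n' "$rules" | iptables-restore --noflush
else
    smtp_egress_rules "${2:-exim}"
fi
```

The LOG rule records the UID of each refused connection in the kernel log, which identifies the account a script such as one running as "nobody" is using. IPv6 traffic is not covered; the same ruleset would have to be loaded with `ip6tables-restore` and an IPv6 loopback exclusion.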