RE: [Exim] how to get rid of faked mail from own domain

Góra strony
Delete this message
Reply to this message
Autor: Jae Chang
Data:  
Dla: exim-users
Temat: RE: [Exim] how to get rid of faked mail from own domain
Tim... This is working beautifully. Thank you very very much! I'm kicking
myself for not finding the $interface_address variable earlier.

Also, in our case, the rewards far outweigh the risk. My user base is small
enough where I can try to help everyone work around the problem in some way.

Cheers!

-----Original Message-----
From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On Behalf
Of Tim Jackson
Sent: Wednesday, August 04, 2004 3:21 AM
To: exim-users@???
Subject: Re: [Exim] how to get rid of faked mail from own domain


Hi Simon, on Wed, 04 Aug 2004 10:36:33 +0100 you wrote:

[in response to Jae asking about blocking env sender=local when
i/face=external]

> I didnt write it but this is the rule I use to prevent spoofing of my
> own inteface if thats what you mean:

[snip example of blocking HELO of your.interface.IP]

I think Jae was trying to ask how to block mail with an envelope sender of
one of his local domains originating on the external interface.

Jae, you can do it with something like the following but, as David rightly
pointed out, it is probably not a good idea and you are likely to break
things.

deny   message   = Forged sender domain
       condition = ${if eq{$interface_address}{your.external.ip}{1}{0}}
       sender_domains = +local_domains


Consider mailing lists (expansion-type) that don't rewrite the return
path, forwarded mail that ends up back at you, etc. This means you
shouldn't do this unless you are really sure you've thought through all
the possible scenarios where mail with a "local" domain env sender might
well be coming in on the external interface.


Tim

--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##