Re: [exim] Callout Verification and Authentication

Etusivu
Tämä viesti kuuluu seuraavaan säikeeseen:
MNäytä säikeen viestit aikajärjestyksessä
MReinhard Haller <-
MPhilip Hazel ->
Poista viesti
Vastaa
Lähettäjä: Stephen Gran
Päiväys:  
Vastaanottaja: exim-users
Aihe: Re: [exim] Callout Verification and Authentication
On Sat, Oct 02, 2004 at 06:46:08PM +0200, Reinhard Haller said:
>
> >do you mean that these faked addresses are in domains hosted by your
> >ISP (the one requiring AUTH)? You should be more precise.
>
> ***********************************
> hostlist asmtp_hosts = smtp.1und1.com : auth.mail.onlinehome.de
> 
> internet:
>     driver = manualroute
>     domains = ! +local_domains
>     transport = remote_auth_smtp
>     route_list = * smtp.1und1.com: auth.mail.onlinehome.de:
> mail.onlinehome.de bydns
>     no_more

> 
> remote_auth_smtp:
>     driver = smtp
>     hosts_require_auth = +asmtp_hosts
>     interface = If_ext_local
> ***********************************
> There are 3 hosts, 2 of them require authentication.

>
> I do'nt want to check the sender_address of the mail, I want to check
> the header_sender.
>
> And the problem is that the verify selects a transport requiring
> authentication, but it
> does'nt authenticate as in normal operation nor does it use the host
> mail.onlinehome.de
>
> Connecting to smtp.1und1.com [212.227.15.161]:25 from xxx ... connected
>
> read response data: size=68
> SMTP<< 220 mrelayng.kundenserver.de ESMTP Fri, 01 Oct 2004 20:45:18
> +0200
> SMTP>> HELO yyy read response data: size=78
> SMTP<< 250 mrelayng.kundenserver.de Hello yyy []
> SMTP>> MAIL FROM:<>
> read response data: size=29
> SMTP<< 530 Authentication required 

Change to something like:
internet-verify:
    driver = manualroute
    domains = ! +local_domains
    transport = remote_auth_smtp
    route_list = * mail.onlinehome.de bydns
    verify_only
    no_more


internet:
    driver = manualroute
    domains = ! +local_domains
    transport = remote_auth_smtp
    route_list = * smtp.1und1.com: auth.mail.onlinehome.de: mail.onlinehome.de bydns
    no_more
    no_verify


remote_auth_smtp:
    driver = smtp
    hosts_require_auth = +asmtp_hosts
    interface = If_ext_local


This should, I think, only use the hosts requiring authentication for
normal operations, and skip them in the verifying phase. But won't
mail.onlinehome.de accept all your mail, making the verify check
useless? I guess if it's verifying before accepting your mail it will
work.
--
--------------------------------------------------------------------------
|  Stephen Gran                  | Be nice to people on the way up,        |
|  steve@???             | because you'll meet them on your way    |
|  http://www.lobefin.net/~steve | down.   -- Wilson Mizner                |
--------------------------------------------------------------------------


Viesti on lähetetty seuraaville postituslistoille:
Exim-users
Tietoa listasta | Läheiset viestit		<-Re: [exim] support for domainkeys[exim] rogue connections to broadcast addresses->
Tahini and Hummus and Cumin Development Archives ylläpitäjä cumin AdminsLurker (versio 2.3)