Re: [exim] problem

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Fred Viles
Date:  
À: exim-users
Sujet: Re: [exim] problem
On 22 Feb 2005 at 0:40, dziury@??? wrote about
    "Re: [exim] problem":


|...
| My point is that ,lets see i have a hosting company. im an admin of
| my server , my email is admin@???
| some stupid guy can telnet to my server knowing my customer mail and
| send him information about giving him password or somethink like
| that.he can line for me .(or imitate)
|
| very dangerous for some cases.
| can i disable admin@??? or root@??? for not be use in
| that way ??
| my idea should be clear.


I think so. First, telnet has nothing to do with it. The external
user can just as well (and even easier) set up his mail client to
spoof your address.

The issue is, you want to make sure that emails claiming to be from
certain local username are only sent by authorized users or machines.
The most common ways to do that are to deny in the acl_smtp_rcpt ACL
for local sender addresses that do not originate on your local
network, are not authenticated, or both. The following examples are
untested:

  deny    message        = Spoofed sender address detected
    sender_domains    = yourdomain.com
    !hosts        = +relay_from_hosts
    !authenticated    = *


Above assumes relay_from_hosts represents your legitimate user's
networks. It allows unauthenticated users on your local network and
authenticated users from anywhere to send email using local sender
addresses. To require authentication in all cases, delete the !hosts
line.

This still allows any local user to spoof another local user's
address. If you don't trust your legitimate users, you can require
authentication in all cases and record the authenticated user name
(RTFM for $authenticated_id and server_set_id), then check that the
sender's address matches exactly:

  accept
    sender_domains    = yourdomain.com
    authenticated    = *
    senders     = $authenticated_id@???


  deny    message        = Spoofed sender address detected
    sender_domains    = yourdomain.com


- Fred