[exim] avoiding local fake sender

Top Page
Delete this message
Reply to this message
Author: Leonardo Boselli
Date:  
To: exim-users
Subject: [exim] avoiding local fake sender
I don't kmow if the subject is correct:
There are a lot of viruses and phishers that send messages with from 
as info@mydomain or admin@mydomain or main@mydomain and so 
on. All these messages are surely fake, since no one sent messages 
with those messages.
I request an help on a way to refuse all messages that:
  option1:  Have as a from an address that could not be routed to [note 
that beside the local users the legal addresses there are also the 
Fist.lastname@mydomain (from /etc/aliases) but also a lot of routers 
that act based on the prefix (so for certains of these prefixes everithing 
tha follows it is legitimate) not forgetting the mailman lists...
    In short: exim should get the message (since the From: field is in the 
headers of the message, i would not care on the address given in mail 
from: line) the look if could deliver to the From: address [if could de 
directed to another server it is considered OK]


Option 2: if option 1 is too much difficult or heavy to the server, just use
a list of forbidden senders. However it should always be taken from the
From: header that is displayed to the user, not from the one given in
mail from phase !

In both cases messages should be refused.--
Leonardo Boselli
Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
tel +39 0554796431 cell +39 3488605348 fax +39 055495333
http://www.dicea.unifi.it/~leo