RE: [exim] Way to Prevent Spoofed Internal Addresses?

Página Inicial
Delete this message
Reply to this message
Autor: Mark Smith
Data:  
Para: '.|MoNK|Cucumber .', exim-users
CC: 
Assunto: RE: [exim] Way to Prevent Spoofed Internal Addresses?
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of .|MoNK|Cucumber .
> Sent: 25 June 2005 21:55
> To: exim-users@???
> Subject: [exim] Way to Prevent Spoofed Internal Addresses?
>
> Is there a way with exim to prevent spoofed internal addresses?
>
> ie:, someone has a valid internal account, say
> person1@???, and they then go into Outlook and change
> the from address to person2@??? ?
>
> We have this blocked inbound from the net (not allowing
> anything from the internal domain to come in), however,
> people can still spoof from addresses internally.
>
> Any ideas?


You could try something like this:

  deny
    authenticated = *
    !senders = $authenticated_id
    message = Aliases not allowed


However, a problem with Outlook is that when it receives a "deny", instead
of reporting the error message from the MTA it just tries to send the email
again from any other accounts it can find, until it succeeds in sending the
email. If anyone knows how to stop it doing that, I'd appreciate hearing the
solution.

- Mark