[exim] Web account spoofing

Pàgina inicial
Delete this message
Reply to this message
Autor: Gururajan Ramachandran
Data:  
A: exim-users
Assumpte: [exim] Web account spoofing
It appears somebody has figured out how to inject
email into our queue via the web account. I have not
figured out if the problem is the web server or exim4
yet. However, I would like to put in a check to make
sure at the exim4 side. I would like to put in a check
to make sure that if the sender email address has our
domain anywhere in it and the email originating
machine's ip address is not in our local area network,
then reject the email. I was thinking about putting
this check in both the rcpt as well as data ACls. Do
you think this will work? If yes, would you know of
any examples where such a test is done so that I can
see how to do it? The documentation is very confusing
so an already exisiting example would be of immense
help to me.

Thanks,

Guru


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com