Re: [exim] Seeking advice how to deal with spam faked to app…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Fred Viles
Data:  
Para: exim-users
Assunto: Re: [exim] Seeking advice how to deal with spam faked to appear as coming from my domain
On 16 Nov 2005 at 12:57, Exim User wrote about
    "Re: [exim] Seeking advice how to de":


| This is my acl_check_rcpt, slightly flattened. Where is the part,
| responsible for letting through empty senders bounce messages? I can't
| recognize it.


As I understand it, your problem is not "letting through empty
senders bounce messages". The problem is more general: you are
accepting mail for non-existant users in your local domain, which
then can't be delivered.

As I said, the stanza of your RCPT ACL that you originally posted
*should* reject messages for unknown local users. I gave two reasons
why it may not be doing so.

| acl_check_rcpt:   
| 
|   accept  hosts          = 127.0.0.1
|   endpass
|   message        = unknown user
|   verify         = recipient


This is your only accept above:

|...
|   drop    message        = Recipient unknown
|           !verify        = recipient
|           delay          = ${eval: ($rcpt_fail_count + 1) * 1}m


So the problem is not in your RCPT ACL. Look to your routers. For
some reason the non-existant local recipient is passing verification,
which means you have a router that accepts it. Run a test like
"exim -d -bv debian@???" to see which router is accepting the
address.

- Fred