Re: [exim] Sanity check: ACL to block fake sender addresses

Pàgina inicial
Aquest missatge és part del següent fil:
M-\l'arbre de fils complet ordenat per data
M\M\Matthew Newton en <-
MMMMTony Finch en ->
Delete this message
Reply to this message
Autor: David Woodhouse
Data:  
A: Matthew Newton
CC: exim-users, Roger Håkansson
Assumpte: Re: [exim] Sanity check: ACL to block fake sender addresses
On Thu, 2005-11-17 at 12:51 +0000, Matthew Newton wrote:
> We had this problem, as the decision had been made in the past
> (before my time) to block incoming from our domain. I fixed the
> off-site forwarding problem by adding a signature in the mail
> headers for mail sent out, and checking for it on the way in.
> Can't remember exactly what it hashes right now, but I believe it
> includes the e-mail address and a secret key, plus other bits. Not
> 100% fool-proof, but seems to work well.

I do something vaguely similar -- I never accept, for example,
MAIL FROM:<dwmw2@???> because I know I never send it.

But that's got nothing to do with 'local' vs. 'remote'. That's 'valid
source address which passes callout verification' vs. 'invalid source
address', and _anyone_ can do that same check if they receive mail
purporting to be from me.

--
dwmw2




Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [exim] Virtual DomainsRe: [exim] Seeking advice how to deal with spam faked to appear as coming from my domain->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)