Re: [exim] Really Cool Trick

Author: Stuart Gall
Date:  
To: Martin A. Brooks
CC: exim users
Subject: Re: [exim] Really Cool Trick

On 19 Oct 2006, at 21:12, Martin A. Brooks wrote:

> Marc Perkel wrote:
>
>> This person only has one user account for the domain with no plans to
>> ever have more. It's a domain for one person. But he's into IMAP and
>> likes the idea of direct folder delivery. So if he subscribes to some
>> new email list what he does is create a folder for that list and then
>> subscribe using the email address folder@???. The existence of
>> the folder makes the email address valid.
>
> I fail to see the difference between this and delivery to an arbitrary
> shared folder. Unless I've massively misunderstood what you're doing
> it's neither a trick, nor cool, it's just a function of your IMAP
> server.


What he is doing, I think, is getting exim to automatically create a
new account for any local part it receives on the domains it serves.
That is quite clever.
However, Marc, there is a huge problem (assuming I read this right).
When the domain gets its first dictionary attack (sending spam to
loads of random local parts), you will create hundreds, possibly
thousands, of new mail drops.

I think what you should do is only create the account if the email
originates from a trusted (+relay_from) IP.
That way you have the same functionality pretty much for the user, he/she
can just mail their own domain to create a new account. But
without the danger of a dictionary attack.

I see this type of attack quite often; luckily for me, working in a
non-English-speaking country, mostly these attacks fail because the
local parts are too hard to guess :)

>
>
>
> -- 
> Martin A. Brooks |  http://www.antibodymx.net/ | Anti-spam & anti-virus
>     Consultant    |  martin@???      | filtering. Inoculate
>   antibodymx.net  |  m: +447896578023           | your mail system.

>
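The policy suggested in the message above, as an added example that is not part of the thread and is not Exim configuration: a Python model of the recipient decision, comparing folder creation for any sender with creation gated on a trusted source IP. The function names, the `192.0.2.0/24` trusted range, the guessed local parts and the local-part pattern are assumptions made for the illustration.

```python
import ipaddress
import re
import tempfile
from pathlib import Path

# Constructed stand-in for the hosts the post calls trusted (+relay_from).
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]
# Conservative local-part pattern so a recipient can never name a path.
SAFE_LOCAL_PART = re.compile(r"[a-z0-9][a-z0-9._-]{0,63}")


def is_trusted(sender_ip):
    addr = ipaddress.ip_address(sender_ip)
    return any(addr in net for net in TRUSTED_NETS)


def accept_rcpt(mail_root, local_part, sender_ip, gate_creation=True):
    """Return 'deliver', 'created' or 'reject' for one recipient.

    gate_creation=False models the problem raised in the post: every
    unknown local part gets a new mail drop, whoever sent the message.
    """
    local_part = local_part.lower()
    if not SAFE_LOCAL_PART.fullmatch(local_part):
        return "reject"
    folder = Path(mail_root) / local_part
    if folder.is_dir():
        return "deliver"   # existing folder: address is valid for any sender
    if gate_creation and not is_trusted(sender_ip):
        return "reject"    # unknown local part from an untrusted host
    folder.mkdir()
    return "created"


def simulate_dictionary_attack(gate_creation):
    """Replay guessed local parts from an untrusted IP; return the folders left."""
    guesses = ["admin", "info", "sales", "john", "mary", "webmaster", "../etc"]
    with tempfile.TemporaryDirectory() as root:
        # The owner first mails his own domain from a trusted host.
        assert accept_rcpt(root, "exim-users", "192.0.2.10", gate_creation) == "created"
        for guess in guesses:
            accept_rcpt(root, guess, "203.0.113.77", gate_creation)
        # List mail from outside still reaches the folder he created.
        assert accept_rcpt(root, "exim-users", "203.0.113.77", gate_creation) == "deliver"
        return sorted(p.name for p in Path(root).iterdir())


if __name__ == "__main__":
    print("ungated:", simulate_dictionary_attack(gate_creation=False))
    print("gated:  ", simulate_dictionary_attack(gate_creation=True))
```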