Re: [exim] Help with our postmaster@my.domain being spoofed …

Góra strony
Delete this message
Reply to this message
Autor: paul.mcilfatrick
Data:  
Dla: exim-users
Temat: Re: [exim] Help with our postmaster@my.domain being spoofed as a sender address
> Le jeudi 26 octobre à 15:53:36, Ian Eiloart a écrit :
>
> >
> >
> > --On 26 October 2006 16:43:19 +0200
> exim-users@??? wrote:
> >
> > > paul.mcilfatrick@??? schrieb:
> > >> Hi
> > >>
> > >> Having searched the exim mail archives and not found my problem
> > >> there I thought of asking the experts.


<snip>

> > > Paul,
> > >
> > > your local MTA is doing fine, but your company mail relay
> needs to
> > > do recipient verification for the domains it is relaying
> to, instead
> > > of accepting mail for recipients that don't exist. Otherwise you
> > > will always get their collateral spam.
> >
> > That's what he's doing. The collateral spam probably wasn't
> originally
> > aimed at his users.
> >
> > Paul, if you *never* send email from the postmaster
> address, then you
> > can safely reject messages with null sender that are addressed to
> > postmaster - but do this in the data acl otherwise you may
> fall foul
> > of sender verification callouts.
>
> Isn't it more a "from" checking rules which is needed ?
>
> From Header could be checked and allowed if the real sender
> come from a auth or relay_from_hosts ?
>
> I don't known how to do that and so could help me too.


The following lines from Ed St Pierre solved my problem:

in RCPT ACL

    warn    senders = :
        set acl_m1 = yes


in DATA ACL

    deny    message       = Unsolicited Bounce Detected
        condition     = ${if def:acl_m1{1}{0}} 
        condition     = ${if match {$message_body}{$primary_hostname}{0}{1}}



Paul McIlfatrick