Tommy Phipps wrote:
> Our company is receiving spoofed emails using our domain name along with
> many combinations of user names.
>
> I'm wondering if Exim can be set up to detect these spoofed messages to keep
> them from being passed to Exchange.
>
> Thanks in advance for your help.
>
> Tommy Phipps
Yes, I'm using the experimental Sender Policy Framework and it works
well for this scenario. I used to get spoofed mail for most of the
domains I manage. Now they are stopped when they say who they are
sending as.
You need to set up your dns record and you can find help and the tools
from
http://www.openspf.org/ then set up an acl to reject those that
don't come from your approved senders. My acl is as follows:
# this acl checks after smtp mail
acl_check_mail:
accept authenticated = *
accept spf = pass
deny message = $sender_host_address is not allowd to send mail from
sender_address_domain
spf = fail
accept spf = !fail
The bonus is that it also blocks imposters for other domains that
implement spf. There are issues with forwarded mail (see other
discussions on this list), but for the domains I manage this is one of
the better solutions.
Alan
