Re: [exim] NATted exim on receive

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Graeme Fowler at <-
MMLeonardo Boselli at ->
Delete this message
Reply to this message
Author: Chris Edwards
Date:  
To: exim-users
Subject: Re: [exim] NATted exim on receive
On Wed, 10 Oct 2007, Graeme Fowler wrote:

| Given that you've explained three times now what you're doing, and I
| still can't see where you're generating your blacklist, I can see a flaw
| here. If a user sends a message to, for example, a person the BBC with a
| sender address of auj@???, and the person at the BBC
| responds, will that mean the BBC's outbound MX farm will end up
| blacklisted?

Hi,

As you know, Alun's talking about SMTP connections to hosts which are not
supposed to receive external mail. My reading is there are two cases:

- Where the recipient email address corresponds to some host
under *.aber.ac.uk, then the attempt will simply be rejected cleanly
with no further penalty.

- Only where the recipient address corresponds to something external
(ie. a relay attempt) will the connecting IP be added to blacklist,
to be used by the main MXs etc.

The former case is an innocent mistake, whereas the latter is normally
malicious.

In my view the idea of such a responder is a good idea. Sites who don't
have a linux firewall (or who don't wish to run such stuff on their linux
firewall itself) could do similar with a some sort of policy-based network
routing rules and a dedicated responder machine.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] NATted exim on receiveRe: [exim] NATted exim on receive->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)