Re: [exim] NATted exim on receive

Inizio della pagina
Delete this message
Reply to this message
Autore: Chris Edwards
Data:  
To: exim-users
Oggetto: Re: [exim] NATted exim on receive
On Wed, 10 Oct 2007, Graeme Fowler wrote:

| Given that you've explained three times now what you're doing, and I
| still can't see where you're generating your blacklist, I can see a flaw
| here. If a user sends a message to, for example, a person the BBC with a
| sender address of auj@???, and the person at the BBC
| responds, will that mean the BBC's outbound MX farm will end up
| blacklisted?


Hi,

As you know, Alun's talking about SMTP connections to hosts which are not
supposed to receive external mail. My reading is there are two cases:

- Where the recipient email address corresponds to some host
under *.aber.ac.uk, then the attempt will simply be rejected cleanly
with no further penalty.

- Only where the recipient address corresponds to something external
(ie. a relay attempt) will the connecting IP be added to blacklist,
to be used by the main MXs etc.

The former case is an innocent mistake, whereas the latter is normally
malicious.

In my view the idea of such a responder is a good idea. Sites who don't
have a linux firewall (or who don't wish to run such stuff on their linux
firewall itself) could do similar with a some sort of policy-based network
routing rules and a dedicated responder machine.