Re: [exim] How to stop spoofed "From" address

Author: eximlearning
Date:  
To: Exim-users
Subject: Re: [exim] How to stop spoofed "From" address

>> Also, do you see any conflicting code with other parts of the ACL?
>
> I didn't see anything particularly unusual. I think it should work fine.
> Definitely test it though to make sure it's not blocking regular email.
>
> I would test by sending email not only locally, but to yourself from
> another ISP.
>
> --
> Dean Brooks
> dean@???
>





Thanks again Dean. I will definitely test it before keeping it live. Just curious... is there a way to silently save the email somewhere before rejecting it, so that I
can watch the results of the rejection over the next few weeks to make sure that it is only junk getting rejected? After all, this access control is happening after the
DATA section, so all the info is there, right?

Maybe I could do an "unseen" delivery action (if that's possible... I'm trying to learn how everything works), before the deny takes effect? In effect, because of the
"unseen" delivery, I would still get the email but the server would send the rejection notice back to the connecting MTA. Once I'm satisfied with the results, I can drop
the "unseen" delivery for the intended effect of blocking spam of this sort.

SO, COULD I DO THE FOLLOWING?
============================
unseen accept
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.


deny
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.


============================

Or, if the "unseen" delivery isn't possible, maybe call a Perl function to drop the headers and data into a file?

Thanks much!
Terry
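
The trial period asked about above can be done in the DATA ACL with Exim's `control = fakereject` modifier, which returns a 550 to the connecting host after DATA while the message is still delivered normally. The following is an added example, not part of the original post or the thread; the `X-Spoof-Trial` header name and the `spoof-trial:` log tag are made-up labels, and `+localdomains` is the named domain list used in the post.

```exim
# Added example (not from the thread). Place in the ACL named by acl_smtp_data,
# instead of the "unseen accept" + "deny" pair.

# Trial mode: the sending host sees a 550 after DATA, but Exim still
# delivers the message, so every "rejected" mail can be reviewed.
warn
   ! authenticated = *
   condition  = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   # fakereject applies only to the current message; text after the slash is the 550 text
   control    = fakereject/sorry, unauthenticated senders may not use a local domain in the From: header
   # Hypothetical marker header so trial messages can be filtered into a review folder
   add_header = X-Spoof-Trial: From domain ${lc:${domain:${address:$h_from:}}} would be rejected
   # Hypothetical log tag; grep the main log for it during the trial weeks
   logwrite   = spoof-trial: From domain=${lc:${domain:${address:$h_from:}}} host=$sender_host_address

# Enforce mode: once the review shows only junk is matching, remove the
# warn block above and enable the real rejection.
# deny
#    ! authenticated = *
#    condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
#    message   = sorry, unauthenticated senders may not use a local domain in the From: header
```

During the trial the remote side believes the message was refused, so a legitimate sender caught by the rule will get a bounce even though the mail arrived; the marker header and log line are what identify those cases.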