Re: [exim] How to stop spoofed "From" address

トップ ページ
このメッセージを削除
このメッセージに返信
著者: eximlearning
日付:  
To: Exim-users
題目: Re: [exim] How to stop spoofed "From" address

>> Also, do you see any conflicting code with other parts of the ACL?
>
> I didn't see anything particular unusual. I think it should work fine.
> Definitely test it though to make sure its not blocking regular email.
>
> I would test by sending email not only locally, but to yourself from
> another ISP.
>
> --
> Dean Brooks
> dean@???
>



> I didn't see anything particular unusual. I think it should work fine.
> Definitely test it though to make sure its not blocking regular email.
>
> I would test by sending email not only locally, but to yourself from
> another ISP.
>
> --
> Dean Brooks
> dean@???
>


Thanks again Dean. I will definitely test it before keeping it live. Just curious... is there a way to silently save the email somewhere before rejecting it, so that I
can watch the results of the rejection over the next few weeks to make sure that it is only junk getting rejected? After all, this access control is happening after the
DATA section, so all the info is there, right?

Maybe I could do an "unseen" delivery action (if that's possible... I'm trying to learn how everything works), before the deny takes effect? In effect, because of the
"unseen" delivery, I would still get the email but the server would send the rejection notice back to the connecting MTA. Once I'm satisfied with the results, I can drop
the "unseen" delivery for the intended effect of blocking spam of this sort.

SO, COULD I DO THE FOLLOWING?
============================
unseen accept
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.


deny
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.


============================

Or, if the "unseen" delivery isn't possible, maybe call a perl function to drop the headers and data into a file?

Thanks much!
Terry