Re: [exim] How to stop spoofed "From" address

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Dean Brooks at <-
MMW B Hacker at ->
Delete this message
Reply to this message
Author: Terry Calie
Date:  
To: Exim-users
Subject: Re: [exim] How to stop spoofed "From" address

> Perhaps you should just use the "warn" tag instead of "deny", and simply
> log the deliver so you can check them later?
>
 >  warn
 >     ! authenticated = *
 >     condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
 >     log_message = REMOTE SENDER USED LOCAL DOMAIN USE IN FROM: HEADER

>
> --
> Dean Brooks
> dean@???
> 

Great idea.  I assume I can add a header as well, so I can see that the messages would have been rejected in Thunderbird:
   warn
      ! authenticated = *
      condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
      add_header = "X-Spam-from-header: Remote Sender Used Local Domain in From header."
      log_message = REMOTE SENDER USED LOCAL DOMAIN USE IN FROM: HEADER






This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim Delivery IssueRe: [exim] How to stop spoofed "From" address->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)