Re: [exim] remote delivery fail bounce turning off

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Apache
Fecha:  
Cc: 'Exim-users@exim.org'
Asunto: Re: [exim] remote delivery fail bounce turning off
> Chas
>
> On Sun, 2008-02-24 at 10:27 -0500, chas@??? wrote:
>> I'm curious about this same subject and the way that Exim deals with it.
>> Is Exim accepting and then delivering back a message to whom it believes
>> to be the original sender or denying the message before receiving it.
>
> I think the OP wants Exim to not send any errors which originate
> remotely to his users, although that's not entirely clear.
>
>> There are people out there that spoof the 'sender' address in order to
>> have their spam forwarded to unsuspecting recipients.
>
> Yep, well known.
>
>> Any info on the way Exim handles these items and, as the original poster
>> asked, is there a way to disable this.
>
> How is your copy configured? None of us have a crystal ball, so we can't
> tell you how it's working.
>
> A good config which would minimise "collateral" spam would do the
> following:
>
> 1. Apply as many checks during the SMTP transaction as possible;
> depending on policy, these would then combine to create an SMTP time
> rejection (*not* a bounce). In this case, you'd verify the local
> recipient is valid, verify the sending domain is valid (exists, has MX
> records, the MX records aren't in RFC1918 space and so on) at minimum.
>
> 2. Perhaps use BATV (look it up) to make sure that any incoming bounce
> messages really are the result of messages originated by your systems.
>
> It's possible to make Exim do almost anything [1] so we'd need to see
> your config to tell you how yours handles errors.
>
> [1] Well, it won't make the tea, or come diving with me, or get my kids
> to sleep... but you probably get the idea :)
>
> Graeme
>


Hi Graeme

I've pasted my ACL list below. I'm basically using an 'out of the box'
version on Exim and sa-exim for RHEL;

exim-4.43-1.RHEL4.5
exim-sa-4.43-1.RHEL4.5

The only changes I've made are to add a line for the 'local_scan_path' for
sa-exim and a change to the transports to support Maildir. No changes at
all to the ACL list. I'm concerned about what's called 'backscatter'.
thanks for your suggestions.


begin acl

acl_check_rcpt:

accept hosts = :

  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]



  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./



  accept  local_parts   = postmaster
          domains       = +local_domains



  require verify        = sender


  accept  domains       = +local_domains
          endpass
          verify        = recipient


  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient


  accept  hosts         = +relay_from_hosts


accept authenticated = *

  deny    message       = relay not permitted



acl_check_mime:

warn decode = default

  deny message = Blacklisted file extension detected
       condition = ${if match \
                        {${lc:$mime_filename}} \
                        {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                     {1}{0}}


  deny message = Sorry, noone speaks chinese here
       condition = ${if eq{$mime_charset}{gb2312}{1}{0}}


accept


acl_check_content:

  deny  message = This message contains malware ($malware_name)
        malware = *


  warn  message = X-Spam-Score: $spam_score ($spam_bar)
        spam = nobody:true
  warn  message = X-Spam-Report: $spam_report
        spam = nobody:true


  warn message = X-Spam-Flag: YES
       spam = nobody


  deny  message = This message scored $spam_score points. Congratulations!
        spam = nobody:true
        condition = ${if >{$spam_score_int}{100}{1}{0}}


accept
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>