Re: [exim] Preventing Sender Forgery .

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Lena
Date:  
À: exim-users
Sujet: Re: [exim] Preventing Sender Forgery .
> From: JDavila

> How can I prevent Sender Forgery for my server.


In almost all spam letters sender is forged. What's the difference
what the forger specified as the sender - address of some innocent bystander
or address of the recipient?

You need to block spam (not throwing baby out with the dirty water,
i.e. minimizing false positives - a honest letter erroneously
classified as spam) irrespective of what is specified as sender
(except checking that sender domain exists: verify=sender).

You can safely reject if one of your domains is specified in HELO,
but not if it's specified as sender.

> Alot of people in my
> company are getting e-mails from themselves.


They should be able to get real (not spam) emails from themselves.
Some maillist servers don't change sender. Users should recieve
their own messages sent to maining lists. One of members' complaints
often quoten on mailing lists for moderators of mailing lists
is that GMail discards letters with same Message-Id as already kept
including copy of sent mail, so that members don't recive their own
messages sent to mailing lists, so cannot know whether the message
was disapproved or edited by a moderator.

Also, users should be able for a test to send a letter to an external
forwarder which forwards the letter to the user, it's the easiest way
to quickly test that both outgoing and incoming paths work at the time.

> Any Ideas will be greatly
> appreciated.


I attached my ACLs to http://wiki.exim.org/DbLessGreyListingRun
They proved to be surprisingly effective for fending spam and viruses
though my goal was minimizing false postives.

Lena