Re: [exim] Mail claims to be sent by my self

Top Page
This message is part of the following thread:
M+-\the complete thread tree sorted by date
MM.MIan Eiloart at <-
MMMLena at ->
Delete this message
Reply to this message
Author: Oliver von Bueren
Date:  
To: exim-users
Subject: Re: [exim] Mail claims to be sent by my self
Terry wrote:
> Hi over the last 2 weeks I am suddenly getting a lot of spam that claims
> I sent it which of course i didnt.
> What sort of acl could I use to catch it ?
>
> Here is what shows in my logs
>
>
I'm quite surprised that only Ian Eiloart suggested the solution which
really stops this specific kind of problem. All the SA and the like are
just working around the problem, IMHO. The error in the configuration
is, that someone can send a message claiming to be from your local
domain without authentication through your server.
Or to put it the other way round: On the normal SMTP port 25, do not
allow sender addresses from the domains you are hosting on that server.
Such messages should only be submitted through the submission port, like
587, which of course does only accept authenticated stuff.

After implementing this, look for a dynamic IP DNS list (including
Dialup, xDSL, Cable, ... without static IPs) and block any attempt to
send through port 25 if on it. That gets rid of quite a lot as well. Of
course, this implies that you have implemented a submission system like
I mentioned above. You'll find plenty of messages on the list describing
that.

Oliver


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Mail claims to be sent by my selfRe: [exim] Mail claims to be sent by my self->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)