[exim] mail relay - null or empty Envelope Sender problem...

Top Page
Delete this message
Reply to this message
Author: Amrahd Droflow
Date:  
To: exim-users
Subject: [exim] mail relay - null or empty Envelope Sender problem...
Hi all,

I'm using Exim version 4.69 and am having an issue with relaying... it seems
that by simply supplying a null/empty Envelope Sender anyone can relay email
to anywhere they'd like.

#####################
...snip...
>>> RSET

<<< 250 Reset OK
>>> MAIL FROM: <>

<<< 250 OK
>>> RCPT TO: <rlytest@???>

<<< 250 Accepted
...snip...
#####################

I've read through all the Exim list archives I can find, and a number of
other articles talking about null and empty Envelope Sender issues, but I
can't find what I need to solve this issue. It seems to me that this should
be basic but for some reason I can't figure it out or find anyone adressing
this particular problem.

I'm going to post a couple excerpts from the config file that might(?) be
relevant and useful in figuring out this situation...

excerpt from exim config:
################################
*...snip...*
acl_smtp_connect = check_connect
acl_smtp_helo = check_helo
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
acl_smtp_auth = check_auth
*...snip...*
begin acl
check_connect:
  accept  hosts   = +whitelist
  endpass
warn dnslists = hostkarma.junkemailfilter.com=127.0.0.1
        set acl_c1 = white - dnswl - $sender_fullhost
        log_message = GREYLIST CONNECT - WHITE Hostname $sender_host_name
$sender_host_address
warn dnslists = hostkarma.junkemailfilter.com=127.0.0.3
        set acl_c1 = yellow - $sender_fullhost
        log_message = GREYLIST CONNECT - YELLOW Hostname $sender_host_name
$sender_host_address
  deny    hosts = +hardblacklist
          log_message =  BLACKLIST CONNECT Hostname $sender_host_name
$sender_host_address
deny    dnslists = hostkarma.junkemailfilter.com=127.0.0.2
        log_message = GREYLIST CONNECT - BLACK Hostname $sender_host_name
$sender_host_address
deny    log_message = SPAM RBL $dnslist_domain
        !dnslists = hostkarma.junkemailfilter.com=127.0.0.1,127.0.0.3
        dnslists = nomail.rhsbl.sorbs.net/$sender_address_domain :
cbl.abuseat.org :\
        web.dnsbl.sorbs.net : socks.dnsbl.sorbs.net :\
        http.dnsbl.sorbs.net : blackholes.mail-abuse.org
  warn    log_message   = DNS CHECK REVERSE $sender_host_address.
  !verify       = reverse_host_lookup
  accept
check_helo:
  accept  hosts   = +whitelist
  endpass
  deny   message = Your server announces itself \
                   ($sender_helo_name) with a plain \
                   IP address which is in breach of RFC2821. \
                   Please read http://www.faqs.org/rfcs/rfc2821.html \
                   and fix before attempting to resend.
         condition = ${if isip {$sender_helo_name} {1}{0} }
         log_message =  HELO IP $sender_helo_name
  warn   condition = ${if !match{$sender_helo_name}{\\.}{yes}{no}}
         log_message =  HELO NO-FQDN $sender_helo_name
  deny   log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
         set acl_m5 = ${lookup{$sender_helo_name} \
              partial-lsearch{/usr/local/etc/exim/helo-check} \
              {${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
         message = You are not really $sender_helo_name. Go Away.
         condition = ${if !eq{$acl_m5}{} {1}}
         condition = ${if !match{$sender_host_name}{${rxquote:$acl_m5}\N$\N}
{1}}
  warn   !verify = helo
         log_message = HELO VERIFY for ($sender_helo_name)
($sender_host_name)
  accept
check_recipient:
*...snip...*
################################


Please let me know any ideas you have... I can post more/specific parts of
the config file too of course.

Thanks in advance for your time!

Amrahd