Re: [exim] hole in acl_smtp_mail

Inizio della pagina
Delete this message
Reply to this message
Autore: Axel Rau
Data:  
To: Exim Mailing List
Oggetto: Re: [exim] hole in acl_smtp_mail

Am 01.08.2010 um 14:43 schrieb Jeremy Harris:

> On 08/01/2010 12:06 PM, Axel Rau wrote:
>> Hi all,
>>
>> I have this acl, to refuse local senders, not coming from local
>> outgoing relays:
>> ----------
>>    deny    message        = "We don't like spoofed sender addresses"
>>        log_message    = $sender_host_name [$sender_host_address] attempts  
>> to
>> spoof local sender
>>     sender_domains    = +local_domains
>>     hosts        = !+own_outgoing_relay_hosts
>>     delay        = 3m

>>
>>    accept
>> ----------
>> This works perfectly, when I test it, but does not refuse all  
>> spoofers.
>> What am I doing wrong?

>
> Without seeing a sample, we can't be sure.

Example, where it works, like it should:
------------
220 mx4.lrau.net ESMTP Exim 4.72 Sun, 01 Aug 2010 10:43:42 +0000
helo some.ip
250 mx4.lrau.net Hello rabaxabel at some.ip [66.7.2.108]
mail from: <axeln@???>
550 "We don't like spoofed sender addresses"
421 mx4.lrau.net: SMTP command timeout - closing connection
Connection closed by foreign host.
------------
Example where it didn't work from the logs, attached as text file.
------------
23:51:27 exim[2691]: SMTP connection from [190.20.188.71] (TCP/IP connection count = 7)
23:51:27 exim[2691]: SMTP connection from [190.20.188.71] (TCP/IP connection count = 8)
23:51:28 exim[98866]: no IP address found for host 71-188-20-190.adsl.tie.cl (during SMTP connection from [190.20.188.71])
23:51:28 exim[98865]: no IP address found for host 71-188-20-190.adsl.tie.cl (during SMTP connection from [190.20.188.71])
23:51:28 exim[98865]: no IP address found for host 71-188-20-190.adsl.tie.cl (during SMTP connection from [190.20.188.71])
23:51:29 exim[98866]: no IP address found for host 71-188-20-190.adsl.tie.cl (during SMTP connection from [190.20.188.71])
23:51:30 exim[98865]: H=(allestekoop.com) [190.20.188.71] F=<axeln@???> rejected RCPT <axeln@???>: response to "RCPT TO:<axeln@???>" from imap.lrau.net [91.216.35.80] was: 550 5.1.1 axeln@??? is not a legal destination address
23:51:30 exim[98866]: H=(allestekoop.com) [190.20.188.71] F=<ams@???> rejected RCPT <ams@???>: response to "RCPT TO:<ams@???>" from imap.lrau.net [91.216.35.80] was: 550 5.1.1 ams@??? is not a legal destination address



It ends ab in the acl_smtp_rcpt, where non-existant recipient gets
rejected, but acl_smtp_mail not referenced at all.
------------
> Are you assuming that
> header From: is the same as envelope MAIL FROM ?

No.

Axel
---
axel.rau@??? PGP-Key:29E99DD6 +49 151 2300 9283 computing @
chaos claudius