[exim] Forged sender address

Top Page
Delete this message
Reply to this message
Author: Frank DeChellis
Date:  
To: exim-users
Old-Topics: [exim] What field does sender_domain check?
Subject: [exim] Forged sender address
Hi,

We use Exim 4.71nb on NetBSD 5.0 . We are getting bombarded with spam with
the from: address showing as our own domain, but the return-path and
envelope-from showing somebody else (the spammer).

I attached the header below. Our domain is iaw.on.ca

Is there an ACL statement that could reject this immediately. I tried a few
with no success, just a lot of rejecting of good email.

Thanks for nay help you can offer.

Frank



Return-path: <0-oxnard@???>
Envelope-to: sales@???
Delivery-date: Tue, 04 Oct 2011 17:50:18 -0400
Received: from [41.153.231.226]
    by mail.iaw.on.ca with esmtp (Exim 4.71)
    (envelope-from <0-oxnard@???>)
    id 1RBCsQ-0007bv-LS; Tue, 04 Oct 2011 17:50:18 -0400
Received: from  41.153.231.226 (account 0-oxnard@??? HELO
mygft.jtlhjcsiujce.su)
    by  (CommuniGate Pro SMTP 5.2.3)
    with ESMTPA id 767365803 for kbrown@???; Wed, 5 Oct 2011 07:40:56
+1000
From: <kbrown@???>,
    <citythor@???>,
    <sales@???>,
    <sboyd@???>,
    <habs33@???>,
    <gwallace@???>,
    <node4th@???>,
    <iad@???>,
    <seek@???>




Frank DeChellis
President, Internet Access Worldwide
Welland, Ontario, Canada
www.iaw.com