Néstor Rodríguez-Triana Domínguez wrote:
> Hi everybody:
>
> I need to know how to avoid Mail Spoofing in my Exim server.
>
> Thanks.
>
> --
>
> Este mensaje le ha llegado mediante el servicio de correo electronico
> que ofrece Infomed para respaldar el cumplimiento de las misiones del
> Sistema Nacional de Salud. La persona que envia este correo asume el
> compromiso de usar el servicio a tales fines y cumplir con las
> regulaciones establecidas
>
> Infomed: http://www.sld.cu/
>
Personally, I block the localhost IP and bar invocation of the Exim
binary by any but an exalted few (myself and my backup admin, basically).
But doing so requires some other moves, especially if supporting an MLM.
Before going further, do you HAVE an MLM or any webishness or similar
cretins on the same box as your Exim MTA, and/or do you permit shell
accounts? Do you have php, ruby, similar languages, apache, or -
basically ANYTHING not needed for MTA and POP/IMAP support?
If so, you may need an acl_not_smtp clause AND some firewall rules.
ELSE just a simple hard-fail rDNS check and strict AUTH.
Bill
--
韓家標