Re: [exim] About Mail Spoofing

Page principale
Supprimer ce message
Répondre à ce message
Auteur: exim
Date:  
À: exim-users
Sujet: Re: [exim] About Mail Spoofing
El vie, 14-10-2011 a las 17:13 -0400, Néstor Rodríguez-Triana Domínguez
escribió:
> I need to know how to avoid Mail Spoofing in my Exim server.


>From http://wiki.exim.org/AclHeloTricks


Some spammers put the server's interface address they connect to in
their HELO, maybe asuming it is whitelisted or something.

drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
       message   = $interface_address is _my_ address


Note: If you are running your mail server behind NAT, you should replace
$interface_address with your external IP address.

Note: If you have more than one ip-addresses on your's interface use @[]
instead of $interface_address, full acl will be:

drop    message     = Bad helo name
           condition   = ${if  \
                            and{    \
                                {isip {$sender_helo_name}}  \
                                {match_ip{$sender_helo_name}{@[]}}  \
                            }{yes}{no}  \
                        }


Julio