Autor: Sven Hartge Data: Para: exim-users Asunto: Re: [exim] Open relay?
Ralph Ballier <ralph.ballier@???> wrote:
> one of my server with exim 4.77 seems to be an open relay, but I mean
> I had configured all right. I use smtp authentication and suppose,
> that hackers had found out username and password of a legal user. Is
> it possible to logging all information floating from mail client to
> server? I hope to get the username which give access to the server. > Or do you mean, there is an other reason for open relay?
Be aware, there seem to be some HOWTOs floating around which configure
the authenticators in Exim wrong, especially if used with an SQL
backend.
If I remember correctly, the problem is like this: The wrong
configuration wrongly authenticates a connection if the given user does
_not_ exist and an empty/NULL password is used due to a missing {fail}
in the condition.
You may want to post your authenticator configuration so the list
members can have a look at it.