Re: [exim] all mails to root

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] all mails to root
Daniele Gallarato wrote:
> thanks a lot, it works great!!
>
> Daniele Gallarato


.. and (hopefully) after a short while to settle what you actually WANT
to accept, you'll modify or even disable it.

Problem with running a catch-all is that it not only collects
spam/malware - it sort of encourages it, as the 'bots report success
after success at delivering their payload to your destination.

As with an old-style Russian 'Shock Army', they are often geared to
exploit anything that resembles a break-through and to Hell with all
else. Their 'sputniks' pile onto the teat, and load goes up.

What you might consider instead?

Setting-up aliases to cover each of the several possible *genuine*
mis-keying of each of your legitimate recipients addresses.

Same again with having an 'info@', 'webmaster@' 'hostmaster@' 'abuse@'
and the like as well as 'postmaster@'.

NONE of these should actually go to 'root', BTW.

Not ever.

...But either to an off-box acocunt you use for part of your admin, ELSE
an UN-privileged or 'virtual - (no-shell-at all), synthetic user's box
you can subscribe to and check now and then, from on OR off the server.

You'll STILL get SOME spam/malware, but THAT user couldn't execute it
for love or blood, even if you fat-finger something. No privs.

In your acl_smtp_rcpt you can then safely run a valid recipient test,
and reject a great deal more of the garbage whilst still 'in-session'.

require verify = recipient

.. is a powerful helper, or, as I code it;

   deny
     !verify     = recipient



... and a catch-all cripples it.

Bill
--
韓家標