Re: [exim] all mails to root

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MW B Hacker at <-
M 
Delete this message
Reply to this message
Author: Daniele Gallarato
Date:  
To: W B Hacker
CC: exim-users
Subject: Re: [exim] all mails to root
Thanks for your useful suggestions!
I've disabled catchall and configured better aliase for mispelled addresses.


Daniele Gallarato
______________________________________________________
Gli animali sono miei amici...e io non mangio i miei amici.

-- George Bernard Shaw

-- http://www.saicosamangi.info/ --


2012/3/9 W B Hacker <wbh@???>

> Daniele Gallarato wrote:
>
>> thanks a lot, it works great!!
>>
>> Daniele Gallarato
>>
>
> .. and (hopefully) after a short while to settle what you actually WANT to
> accept, you'll modify or even disable it.
>
> Problem with running a catch-all is that it not only collects spam/malware
> - it sort of encourages it, as the 'bots report success after success at
> delivering their payload to your destination.
>
> As with an old-style Russian 'Shock Army', they are often geared to
> exploit anything that resembles a break-through and to Hell with all else.
> Their 'sputniks' pile onto the teat, and load goes up.
>
> What you might consider instead?
>
> Setting-up aliases to cover each of the several possible *genuine*
> mis-keying of each of your legitimate recipients addresses.
>
> Same again with having an 'info@', 'webmaster@' 'hostmaster@' 'abuse@'
> and the like as well as 'postmaster@'.
>
> NONE of these should actually go to 'root', BTW.
>
> Not ever.
>
> ...But either to an off-box acocunt you use for part of your admin, ELSE
> an UN-privileged or 'virtual - (no-shell-at all), synthetic user's box you
> can subscribe to and check now and then, from on OR off the server.
>
> You'll STILL get SOME spam/malware, but THAT user couldn't execute it for
> love or blood, even if you fat-finger something. No privs.
>
> In your acl_smtp_rcpt you can then safely run a valid recipient test, and
> reject a great deal more of the garbage whilst still 'in-session'.
>
> require verify = recipient
>
> .. is a powerful helper, or, as I code it;
>
>  deny
>    !verify     = recipient

>
>
> ... and a catch-all cripples it.
>
> Bill
> --
> 韓家標
>
>
> --
> ## List details at https://lists.exim.org/**mailman/listinfo/exim-users<https://lists.exim.org/mailman/listinfo/exim-users>
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] seemingly always-zero part in queue-idsRe: [exim] seemingly always-zero part in queue-ids->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)