Re: [exim] SMTP Abused

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] SMTP Abused
Muhammad Irfan wrote:
> Well, my objective no one from outside world can connect to our mail server
> and sends bulk emails by using our domain email address. e.g.
> abc@??? in case if this account is compromised.


A compromised UID:PWD is compromised. SMTP or any other thing.
Full stop.

You detect that, you fix it.

BFBI method. Change the PWD and contact the fool that let his old PWD
GET 'compromised' to see what has to be done to avoid repeats.

Configuring a safe and sane MTA, OTOH, wants more time invested in
'RTFM', and there are few easy ways to distinguish between a legitimate
high-traffic user and a cautiously-programmed 'bot that only trickles
out its payload slowly.

At this point, your questions are too vague. And overly casual.

All they are saying is that you have NOT done even basic reading and
understanding.

You can make that investment of time, or just use a tick-the-box
pre-packaged, even 'C-panel' implementation, such as ships with Debian
as an option.

Purpose of THAT route is that soemone who HAS done the reading will have
selected the less-risky settings as defaults and options, so for basic,
common-situation use, it should JFW.

Handled directly, the only limits on what Exim CAN do - whether it
SHOULD or not, are up to the cleverness of the implementor, and it can
bite yerazz if you are sloppy, careless, or just unaware.

Bill
--
韓家標