Re: [exim] Denying spoofs of our domain in DATA without drop…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jasen Betts
Datum:  
To: exim-users
Betreff: Re: [exim] Denying spoofs of our domain in DATA without dropping listserv traffic
On 2013-06-13, David Grant <starchy@???> wrote:
> Hi,
>
> I was testing the following in acl_check_data:
>
>   accept
>     hosts = +relay_from_hosts
>   accept authenticated = *
>   warn    set acl_m_from_address = ${lc:${address:$h_From:}}
> ...
>   deny    condition = ${if match{$acl_m_from_address}{@???}{yes}{no}}

>
> This worked to prevent spam where the sender spoofed an eff.org address
> only in DATA, but created a problem when users signed up for mailing
> lists on remote servers. Their own messages to the list would be dropped
> when emailed back to them (or any other eff.org subscribers) because
> mailman was effectively spoofing our domain.
>
> Has anyone else encountered this and found a good solution?


I don't suppose "use gmane for reading the list" counts :)

perhapd exempt list traffic from that deny?

  deny
     condition = ${if match{$acl_m_from_address}{@???}{yes}{no}}
     condition = ${if !eq {$h_Precedence:}{list}}


--
⚂⚃ 100% natural