Re: [exim] Block local submission

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] Block local submission
Am 17.07.2015 um 16:49 schrieb Giuliano David:
>
> Can anyone point me in the right direction to achieve the same with
> exim4?
>


Just remove 127.0.0.1 from the relay host. If all other connection must
authenticate, so must webapps then.

BUT:

none of the existing webapps does that NOR do they know how to do so.
They simply call 'sendmail' via the php mail() function.

If they do not have a real smtp engine build in, they never will send a
message again.

And even IF they build it in, that does not stop hacks from happening
and your problem starts all over.

What you need is a IDS System to stop the hacks from happening. Much
easier and cheaper: update the apps asap the exploit is found :) ( and
get paied for it ;) )

Marius