On 2018-02-23, Rob Gunther via Exim-users <exim-users@???> wrote:
> I am trying to add SRS to a server to deal with mail forwarding, following
> these instructions <https://github.com/Exim/exim/wiki/SRS>.
>
> I have the forwarding part working.
>
> The reverse part works as well, but I want to tweak it. If a hash has
> expired or someone is trying to hack it the router rejects the mail. When
> the router rejects the message, it returns an undelivered notice back to
> the sender.
> I could see this being used much like DNS amplification, someone could
> pound a victims email address using our server.
add "require verify=recipient" in the RCPT ACL
(this will run the router to check the address befror the email is
accepted)
> I would prefer if the SRS hash is invalid and the router rejects, that it
> sends the message to :blackhole:
generally not a good idea to drop mail
> Is there a way for me to specify in a router if it fails, direct the
> message to :blackhole:
that would require a second router
--
This email has not been checked by half-arsed antivirus software