Re: [exim] SRS reverse

Top Page
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] SRS reverse
On 2018-02-23, Rob Gunther via Exim-users <exim-users@???> wrote:
> I am trying to add SRS to a server to deal with mail forwarding, following
> these instructions <https://github.com/Exim/exim/wiki/SRS>.
>
> I have the forwarding part working.
>
> The reverse part works as well, but I want to tweak it. If a hash has
> expired or someone is trying to hack it the router rejects the mail. When
> the router rejects the message, it returns an undelivered notice back to
> the sender.


> I could see this being used much like DNS amplification, someone could
> pound a victims email address using our server.


add "require verify=recipient" in the RCPT ACL
(this will run the router to check the address befror the email is
accepted)

> I would prefer if the SRS hash is invalid and the router rejects, that it
> sends the message to :blackhole:


generally not a good idea to drop mail

> Is there a way for me to specify in a router if it fails, direct the
> message to :blackhole:


that would require a second router

--
This email has not been checked by half-arsed antivirus software