> How to block sending mail from my host to my host users without
> authorization, so that in the future there are no such situations
> 41.56.57.80 is not my ip address
> Received: from [41.56.57.80]
> by domain.dot.com with esmtp (Exim 4.91)
> (envelope-from <katowice@???>)
> id 1gkmFE-0002ym-UR
> for katowice@???; Sat, 19 Jan 2019 09:44:49 +0100
You asked this question on a mailing list. Some mailing lists
don't alter envelope-from, so you'd not receive your own messages
back from such mailing lists. Also, the easiest way to test
whether your Exim is working at the moment is to send an email
through it to a forwarder which sends it to your email address.
What you quoted looks like an "I hacked your mailbox" scam
sent from a trojaned home Windows, no RDNS in this instance.
So, I can advise this solution for rcpt ACL:
warn dnslists = cbl.abuseat.org
set acl_m_cbl = 1
deny message = it looks like we did not send this
condition = ${if eqi{$sender_address}{$local_part@$domain}}
!authenticated = *
!hosts = @[]
condition = ${if or{\
{!def:sender_host_name}\
{match{$sender_host_name}{\N(\d{1,3}[-.]){3}\d\N}}\
{def:acl_m_cbl}\
}}
!dnslists = list.dnswl.org!=127.0.0.255 : swl.spamhaus.org
