[exim] Mail to self allowed without restrictions

Pàgina inicial
Delete this message
Reply to this message
Autor: Al T.
Data:  
A: exim-users
Assumpte: [exim] Mail to self allowed without restrictions
I have an interesting problem I haven't been able to solve. I keep searching
for a solution but I can't seem to find an answer.

Users of my domain are required to authenticate in order to submit email.
Additionally, SPF is enabled and rejects all mail not originating from my MX
server (v=spf1 a mx -all).

I have manually tested both of these policies and they are working as they
should, except in one case: if the MAIL FROM and RCPT TO address are the same,
the mail is accepted without requiring authentication, and without validating
the SPF record. This means some spam gets through by simply claiming to be
from me to me.

Any ideas why Exim does that and how to block it?

--
Al T.
alf@???