Re: [exim] Relay prevention in old config

Author: Mike Brudenell
Date:  
To: Exim Users
Subject: Re: [exim] Relay prevention in old config
Hi, Kai -

Dredges the memory… Those characters weren't just about relaying protection:

- % explicitly requested routing/relaying through intermediate systems
- ! was used in UUCP addresses and so could be used for relaying (does
UUCP still exist? :-)
- @ is obviously the separator between local part and domain, and was
sometimes used by spammers to fool people into thinking the message was
from somewhere else — eg, fred@???@example.com was shown by some
email clients to be from "fred@???" when in fact it is an "@
example.com" address
- / starts file paths on Unix and could sometimes be used to deliver the
content of the message to a file — eg, perhaps over the content of your
password file?
- local parts starting with a "." could also refer to files — eg, ./name
in the current directory or ../name in the parent directory
- | piped the incoming message to a program so could be used on some
systems to do nefarious things
- ; separates Unix commands in a list, and is often used as a separator
or terminator in other types of database lookup.

Many of these might be less/no longer dangerous in well-configured systems.
But given the history email used to have of attack vectors using such
characters, it's arguably playing it safe to disallow them still
(assuming you don't need them) to help protect your setup … just in case!
:-)

Cheers,
Mike B-)

On Wed, 6 Mar 2019 at 08:36, Kai Bojens via Exim-users <exim-users@???>
wrote:

> I recently found this in an old exim config:
>
> ###########################################################################
> # Deny if the local part contains @ or % or / or | or !. These are
> # rarely found in genuine local parts, but are often tried by people
> # looking to circumvent relaying restrictions.
> # Also deny if the local part starts with a dot. Empty components aren't
> # strictly legal in RFC 2822, but Exim allows them because this is
> # common.
> # However, actually starting with a dot may cause trouble if the local
> # part is used as a file name (e.g. for a mailing list).
> deny    local_parts     = ^.*[@!/|] : ^\\.
>
> Is this config still relevant? I couldn't think of any way of how to
> circumvent relaying restrictions by using special characters.
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>



--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
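To make the quoted ACL rule concrete, here is an added example (mine, not code from the thread or from Exim) that re-implements the deny condition in Python and reports which of the reasons above applies to a rejected address. It assumes the local part is whatever precedes the last @ (the domain is what follows the final @), and it treats % as denied, which the rule's comment names but the quoted character class omits.

```python
import re

# Added example, not from the thread. Re-implements the quoted Exim ACL condition
#   deny local_parts = ^.*[@!/|] : ^\\.
# Exim's list is colon-separated and a leading ^ marks each item as a regex;
# "\\." in the exim file is the escaped form of "\." (a literal leading dot).
QUOTED_PATTERNS = [re.compile(r"^.*[@!/|]"), re.compile(r"^\.")]

# The comment above the rule also names %, which the quoted class omits.
# Assumption: treat % as denied too, as the comment (percent-hack routing) intends.
PERCENT_PATTERN = re.compile(r"^.*%")

# Why each character is rejected, paraphrased from the reply above.
REASONS = {
    "%": "percent-hack source routing through intermediate hosts",
    "!": "UUCP bang-path routing",
    "@": "extra @ can make the address display as a different sender",
    "/": "looks like a Unix file path when the local part becomes a file name",
    "|": "looks like a pipe to a program",
    ".": "leading dot can name ./file or ../file when used as a file name",
}

def split_address(address):
    """Split on the last @: before it is the local part, after it the domain."""
    local_part, sep, domain = address.rpartition("@")
    if not sep or not domain:
        raise ValueError(f"no domain in {address!r}")
    return local_part, domain

def check_local_part(local_part, deny_percent=True):
    """Return (denied, reason). Mirrors the ACL: any listed regex matching means deny."""
    patterns = QUOTED_PATTERNS + ([PERCENT_PATTERN] if deny_percent else [])
    if not any(p.search(local_part) for p in patterns):
        return False, ""
    # Work out which character tripped the rule, for the reject message / log line.
    if local_part.startswith("."):
        return True, REASONS["."]
    bad = "@!/|" + ("%" if deny_percent else "")
    hit = next(ch for ch in local_part if ch in bad)
    return True, REASONS[hit]

def check_address(address, deny_percent=True):
    """Apply the rule to a full address, e.g. the envelope sender or recipient."""
    local_part, _domain = split_address(address)
    return check_local_part(local_part, deny_percent)

if __name__ == "__main__":
    # Constructed sample addresses; the second one is the "hidden domain" trick above.
    for addr in ["alice.smith@example.com", "fred@victim.example@example.com",
                 "bob%relay.example@example.com", ".hidden@example.com"]:
        print(addr, "->", check_address(addr))
```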