Author: Jasen Betts
Date:
To: exim-users
Subject: Re: [exim] Unstoppable spam
On 2019-09-24, Odhiambo Washington via Exim-users <exim-users@???> wrote:
> Authentication-Results: gw.ourdomain.tld;iprev=fail
> smtp.remote-ip=5.61.42.174;auth=pass (PLAIN)
> smtp.auth=benson.kuria@???;dmarc=skipped
> header.from=ourdomain.tld
Is that a standard header? I've not seen exim adding that.
It seems to say they did "auth plain" and gave an acceptable password.
(escpecially in combination with "esmtpsa" in the received header.
Could there be some problem with your plain authenticator? What is it
authenticating against?
Can you share the ' <= ' line for this email (1iCQpf-0002zI-7B) in the
exim logs it should be near Mon, 23 Sep 2019 19:05:01 +0300
--
When I tried casting out nines I made a hash of it.