Re: [exim] New compromise...?

Top Page
This message is part of the following thread:
M---+\the complete thread tree sorted by date
M--\MMHeiko Schlittermann at <-
M+\MSebastian Nielsen at ->
Delete this message
Reply to this message
Author: Randy Bush
Date:  
To: mje
CC: exim-users
Subject: Re: [exim] New compromise...?
> However - from my viewpoint, the Username used in the authentication
> "myclient@???" should be the same as the "From".. i.e. <=
> minanilo@???.
> Is there a neat way to drop emails when the "From" is not the same as
> the PLAIN authenticated name?

so some of the spammers will adapt and send matching. been down this
rabbit hole.

i do not allow passwords for shell and use the

server_condition = ${if crypteq{$auth3}{${lookup{$auth2}lsearch{/usr/local/etc/mailpass}}}}

putting only smtp senders in the auth file.

and then i monitor volume carefully and ring alarms

randy

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Content scanning and non-MIME messagesRe: [exim] New compromise...?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)