Re: [exim] Hit with some kind of hidden multiple recipient…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Sebastian Nielsen
Date:  
À: 'Mailing List'
Sujet: Re: [exim] Hit with some kind of hidden multiple recipients relay hack?
And of course add:

auth_advertise_hosts = <colon-separated list of networks your clients come from>

If you have a common ISP that your clients use (for example a corporate mobile ISP), add the CIDR of that operator's ASN.
Thus you limit the attack surface, since bots will not go and guess passwords.

-----Ursprungligt meddelande-----
Från: Slavko via Exim-users <exim-users@???>
Skickat: den 25 februari 2022 15:48
Till: exim-users@???
Ämne: Re: [exim] Hit with some kind of hidden multiple recipients relay hack?

Ahoj,

Dňa Fri, 25 Feb 2022 13:18:27 +0100 Cyborg via Exim-users <exim-users@???> napísal:

> acl_check_data:
>
>    deny    condition  = ${if eq{$authenticated_id}{} {1}{0}}
>                domains = ! +local_domains

>


will not be better to do this check in RCPT ACL and simplify it as this (eventualy add relayed domains):

    deny  !authenticated = *
                !domains = +local_domains #: +relay_to_domains



regards

--
Slavko
https://www.slavino.sk