Re: [exim] How to stop spoofed "From" address

Mon, 15 Oct 2007 18:10:32 -0700 

>> Also, do you see any conflicting code with other parts of the ACL?
> 
> I didn't see anything particular unusual.  I think it should work fine.
> Definitely test it though to make sure its not blocking regular email.
> 
> I would test by sending email not only locally, but to yourself from
> another ISP.
> 
> --
> Dean Brooks
> [EMAIL PROTECTED]
> 


 > I didn't see anything particular unusual.  I think it should work fine.
 > Definitely test it though to make sure its not blocking regular email.
 >
 > I would test by sending email not only locally, but to yourself from
 > another ISP.
 >
 > --
 > Dean Brooks
 > [EMAIL PROTECTED]
 >

Thanks again Dean.  I will definitely test it before keeping it live.  Just 
curious... is there a way to silently save the email somewhere before rejecting 
it, so that I 
can watch the results of the rejection over the next few weeks to make sure 
that it is only junk getting rejected?  After all, this access control is 
happening after the 
DATA section, so all the info is there, right?

Maybe I could do an "unseen" delivery action (if that's possible... I'm trying 
to learn how everything works), before the deny takes effect?  In effect, 
because of the 
"unseen" delivery, I would still get the email but the server would send the 
rejection notice back to the connecting MTA.  Once I'm satisfied with the 
results, I can drop 
the "unseen" delivery for the intended effect of blocking spam of this sort.

SO, COULD I DO THE FOLLOWING?
============================
unseen accept
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.

deny
   ! authenticated = *
   condition = ${if match_domain{${domain:${address:$h_from:}}}{+localdomains}}
   message   = sorry, external MTA's and unauthenticated MTU's don't have\
               permission to send email to this server with a header that\
               states the email is from ${lc:${domain:${address:$h_from:}}}.

============================

Or, if the "unseen" delivery isn't possible, maybe call a perl function to  
drop the headers and data into a file?

Thanks much!
Terry



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to