On Tue, Feb 05, 2019 at 04:48:46PM +0100, Sebastian Nielsen via Exim-users
wrote:
> in acl_mail (before SPF check):
>
> accept
> authenticated = *
> sender_domains = +local_domains
> set acl_m0 = authorizedrelay
> deny
> message = You can't spoof the domains this server is authorative for
> sender_domains = +local_domains
>
>
> then in acl_data:
> deny
> message = You can't spoof the MIME From this server is authorative for
> condition = ${if match
> {$h_from:}{^(?i).*<.*@(.*YOUR_DOMAIN_HERE>\$}{yes}{no}}
> condition = ${if eq {$acl_m0}{authorizedrelay}{no}{yes}}
The $h_from: refers to mail header "From:", but you previously wrote
about MAIL FROM address, which is generally a different thing.
You have better to run Exim with debugging (-d+acl) and study the output.
> Den tis 5 feb. 2019 kl 15:37 skrev Al T. via Exim-users
> <[email protected]>...
> > I have manually tested both of these policies and they are working as they
> > should, except in one case: if the MAIL FROM and RCPT TO address are the
> > same,
> > the mail is accepted without requiring authentication, and without
> > validating
> > the SPF record. This means some spam gets through by simply claiming to be
> > from me to me.
--
Eugene Berdnikov
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
