> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of .|MoNK|Cucumber .
> Sent: 25 June 2005 21:55
> To: [email protected]
> Subject: [exim] Way to Prevent Spoofed Internal Addresses?
>
> Is there a way with exim to prevent spoofed internal addresses?
>
> ie:, someone has a valid internal account, say
> [EMAIL PROTECTED], and they then go into Outlook and change
> the from address to [EMAIL PROTECTED] ?
>
> We have this blocked inbound from the net (not allowing
> anything from the internal domain to come in), however,
> people can still spoof from addresses internally.
>
> Any ideas?
You could try something like this:
deny
authenticated = *
!senders = $authenticated_id
message = Aliases not allowed
However, a problem with Outlook is that when it receives a "deny", instead
of reporting the error message from the MTA it just tries to send the email
again from any other accounts it can find, until it succeeds in sending the
email. If anyone knows how to stop it doing that, I'd appreciate hearing the
solution.
- Mark
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
