Re: [exim] Way to Prevent Spoofed Internal Addresses?

Sat, 25 Jun 2005 20:44:18 -0700

We run an internal mail server and a perimiter mail relay (that receives inbound mails and forwards to internal mail server).
What we did is create a blacklist on the perimiter mail relay for anything from [EMAIL PROTECTED] 





From: Paul Johnson <[EMAIL PROTECTED]>
To: [email protected]
Subject: Re: [exim] Way to Prevent Spoofed Internal Addresses?
Date: Sat, 25 Jun 2005 17:45:35 -0700
MIME-Version: 1.0

Received: from sesame.csx.cam.ac.uk ([131.111.8.41]) by mc1-f27.hotmail.com 
with Microsoft SMTPSVC(6.0.3790.211); Sat, 25 Jun 2005 17:47:54 -0700
Received: from [::1] (port=2341 helo=sesame.csx.cam.ac.uk)by 
sesame.csx.cam.ac.uk with esmtp (Exim 4.44)id 1DmLHd-00034m-MF; Sun, 26 Jun 
2005 01:46:01 +0100
Received: from sccrmhc14.comcast.net ([204.127.202.59]:55560)by 
sesame.csx.cam.ac.uk with esmtp (Exim 4.44) id 1DmLHX-00034h-Iffor 
[email protected]; Sun, 26 Jun 2005 01:45:59 +0100
Received: from ursine.ca ([24.20.196.39]) by comcast.net (sccrmhc14) with 
ESMTPid <20050626004546014004ejahe>; Sun, 26 Jun 2005 00:45:51 +0000
Received: from ip6-localhost ([::1]) by ursine.ca with esmtp (Exim 4.51)id 
1DmLHI-0002XL-TDfor [email protected]; Sat, 25 Jun 2005 17:45:44 -0700

X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8=
Organization: Ursine
User-Agent: KMail/1.7.2
References: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: ::1
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on ursine.ca

X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 
tests=ALL_TRUSTED,AWL autolearn=ham version=3.0.4

X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-SA-Exim-Scanned: Yes (on ursine.ca)
X-Spam-Score: -2.6 (--)
X-BeenThere: [email protected]
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: A user list for the exim MTA <exim-users.exim.org>

List-Unsubscribe: 
<http://www.exim.org/mailman/listinfo/exim-users>,<mailto:[EMAIL PROTECTED]>

List-Archive: <http://www.exim.org/mail-archives/exim-users>
List-Post: <mailto:[email protected]>
List-Help: <mailto:[EMAIL PROTECTED]>

List-Subscribe: 
<http://www.exim.org/mailman/listinfo/exim-users>,<mailto:[EMAIL PROTECTED]>

Errors-To: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]

X-OriginalArrivalTime: 26 Jun 2005 00:47:55.0064 (UTC) 
FILETIME=[B0827380:01C579E8]


On Saturday June 25 2005 1:54 pm, .|MoNK|Cucumber . wrote:

> We have this blocked inbound from the net (not allowing anything
> from the internal domain to come in), however, people can still
> spoof from addresses internally.

How do you block it inbound from the net?

--
Paul Johnson
Email and Instant Messenger (Jabber): [EMAIL PROTECTED]
http://ursine.ca/~baloo/
<< attach4 >>
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/




--

## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/

## Please use the Wiki with this list - http://www.exim.org/eximwiki/






















					Reply via email to