After long last, I'm finally fed up with the spoofed emails from
addresses such as:
admin@
support@
info@
staff@
I successfully blocked these by adding the following to my configure:
deny senders = [EMAIL PROTECTED]:[EMAIL PROTECTED]
message = Spoofers not welcome here!
However, I need a rule that will wildcard in all local domains, but also
allow for a whitelist:
allow senders = [EMAIL PROTECTED]
deny senders = admin
domains = +local_domains
message = Spoofers not welcome here!
But, with this, Exim refuses to run. What do I need to do in order to
block all mail from admin@ any local domain?
I also notice that the above only checks the envelope sender, not the
headers. What's to prevent some damned virus/trojan/spambot from the
following:
mail from: [EMAIL PROTECTED]
rcpt to: [EMAIL PROTECTED]
...
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
To the average user, this still appears to be an official
corrospondance, even though it's a spoofed.
Last question: What is the potential gain from emailing someone an
"offical" notice that their account will be closed, their password has
been changed, etc...? It only seems to cause confusion without purpose.
Thanks,
--
Troy Settle
Pulaski Networks
866.477.5638
http://www.psknet.com
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
