Hello, The setup is an email server receiving and sending on behalf of another local email machine.
Someone has managed to find a vulnerability in our system. a small amount of spam is being relayed via an user. When I found this out, I put deny receipients = [EMAIL PROTECTED] in the acl_check_rcpt of the locally relaying email server (the email server that sends to the local email machine). This works sometimes only. The ones that got through look like this in the log: 2005-09-07 00:46:25 1ECrpI-0006Tx-TY <= <> R=1ECrAq-0006L7-Tr U=An_user P=local S=102002 2005-09-07 00:46:25 1ECrAq-0006L7-Tr Completed 2005-09-07 00:46:25 1ECrpI-0006Tx-TY => [EMAIL PROTECTED] R=aaaa T=aaaa H=local_host [local ip address] 2005-09-07 00:46:25 1ECrpI-0006Tx-TY Completed This gets sent to the second machine which is followed by the second machine sending out spam to a bunch of email addresses. What is the hole that I have missed and how do I plug it? I have attempted to put the deny in the config files of the local email host as well. I will see if this fixes the problem tonight. How can I guarantee that no email to the ExistingUser gets through? The user should not be receiving any email. It is vital that the user be able to send email, however. Thanks, Guru __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
