On Friday 22 August 2008, Oliver von Bueren wrote:
> [EMAIL PROTECTED] wrote:
> > How can I prevent Sender Forgery for my server? A lot of people in my
> > company are getting e-mails from themselves. Any ideas will be greatly
> > appreciated.
>
> Only allow local domains to be used on authenticated SMTP sessions on
> the submission port.
"local domains" is the problem. People have mostly non-local domains. They get
emails from the outside world.
Deny mail commit from local domains without smtp auth.
  deny message = Not allowed without SMTP AUTH
       domains = +local_domains
       sender_domains = +local_domains
       !authenticated = *
Note this has one big weakness. You can send mail with
  MAIL FROM: <[EMAIL PROTECTED]>
and then still put
  From: [EMAIL PROTECTED]
and this will go through.
Some $h_from rule checking would be needed, too.
--
Arkadiusz Miśkiewicz PLD/Linux Team
arekm / maven.pl http://ftp.pld-linux.org/
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
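
One way to add the $h_from check mentioned above, as an added example that is not part of the original post. It assumes the same +local_domains named list and that the rules are placed in the ACL named by acl_smtp_data; rejecting an unparsable From: header is a policy assumption made here.

```exim
# Added example (not from the original post). Rules for the DATA ACL,
# i.e. the ACL that acl_smtp_data points to. Assumes the +local_domains
# named domain list used by the envelope-sender rule above.

  # Assumption: if the From: header is missing or does not parse as an
  # address, ${address:...} expands to an empty string. Refuse such
  # messages from unauthenticated clients so the next rule cannot be
  # sidestepped with a header Exim cannot parse.
  deny message = Missing or unparsable From: header
       !authenticated = *
       condition = ${if eq{${address:$h_from:}}{}}

  # The envelope rule only looks at MAIL FROM. This one looks at the
  # From: header the recipient actually sees: take the address out of
  # the header, take its domain, and refuse it when that domain is one
  # of ours and the session did not use SMTP AUTH.
  deny message = Not allowed without SMTP AUTH
       !authenticated = *
       condition = ${if match_domain{${domain:${address:$h_from:}}}{+local_domains}}
```

These rules also reject mail that legitimately arrives from outside carrying a local user's From: header, such as mailing-list posts and forwarded messages, so test against real traffic before deploying.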