Terry wrote: > Hi over the last 2 weeks I am suddenly getting a lot of spam that claims > I sent it which of course i didnt. > What sort of acl could I use to catch it ? > > Here is what shows in my logs > > I'm quite surprised that only Ian Eiloart suggested the solution which really stops this specific kind of problem. All the SA and the like are just working around the problem, IMHO. The error in the configuration is, that someone can send a message claiming to be from your local domain without authentication through your server. Or to put it the other way round: On the normal SMTP port 25, do not allow sender addresses from the domains you are hosting on that server. Such messages should only be submitted through the submission port, like 587, which of course does only accept authenticated stuff.
After implementing this, look for a dynamic IP DNS list (including Dialup, xDSL, Cable, ... without static IPs) and block any attempt to send through port 25 if on it. That gets rid of quite a lot as well. Of course, this implies that you have implemented a submission system like I mentioned above. You'll find plenty of messages on the list describing that. Oliver -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
