Hi all, I'm using Exim version 4.69 and am having an issue with relaying... it seems that by simply supplying a null/empty Envelope Sender anyone can relay email to anywhere they'd like.
#####################
...snip...
>>> RSET
<<< 250 Reset OK
>>> MAIL FROM: <>
<<< 250 OK
>>> RCPT TO: <[email protected]>
<<< 250 Accepted
...snip...
#####################

I've read through all the Exim list archives I can find, and a number of other articles talking about null and empty Envelope Sender issues, but I can't find what I need to solve this issue. It seems to me that this should be basic but for some reason I can't figure it out or find anyone addressing this particular problem.

I'm going to post a couple excerpts from the config file that might(?) be relevant and useful in figuring out this situation...

excerpt from exim config:
################################
*...snip...*
acl_smtp_connect = check_connect
acl_smtp_helo = check_helo
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
acl_smtp_auth = check_auth
*...snip...*

begin acl

check_connect:

  accept hosts = +whitelist
         endpass

  warn   dnslists = hostkarma.junkemailfilter.com=127.0.0.1
         set acl_c1 = white - dnswl - $sender_fullhost
         log_message = GREYLIST CONNECT - WHITE Hostname $sender_host_name $sender_host_address

  warn   dnslists = hostkarma.junkemailfilter.com=127.0.0.3
         set acl_c1 = yellow - $sender_fullhost
         log_message = GREYLIST CONNECT - YELLOW Hostname $sender_host_name $sender_host_address

  deny   hosts = +hardblacklist
         log_message = BLACKLIST CONNECT Hostname $sender_host_name $sender_host_address

  deny   dnslists = hostkarma.junkemailfilter.com=127.0.0.2
         log_message = GREYLIST CONNECT - BLACK Hostname $sender_host_name $sender_host_address

  deny   log_message = SPAM RBL $dnslist_domain
         !dnslists = hostkarma.junkemailfilter.com=127.0.0.1,127.0.0.3
         dnslists = nomail.rhsbl.sorbs.net/$sender_address_domain : cbl.abuseat.org :\
                    web.dnsbl.sorbs.net : socks.dnsbl.sorbs.net :\
                    http.dnsbl.sorbs.net : blackholes.mail-abuse.org

  warn   log_message = DNS CHECK REVERSE $sender_host_address.
         !verify = reverse_host_lookup

  accept

check_helo:

  accept hosts = +whitelist
         endpass

  deny   message = Your server announces itself \
                   ($sender_helo_name) with a plain \
                   IP address which is in breach of RFC2821. \
                   Please read http://www.faqs.org/rfcs/rfc2821.html \
                   and fix before attempting to resend.
         condition = ${if isip {$sender_helo_name} {1}{0} }
         log_message = HELO IP $sender_helo_name

  warn   condition = ${if !match{$sender_helo_name}{\\.}{yes}{no}}
         log_message = HELO NO-FQDN $sender_helo_name

  deny   log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
         set acl_m5 = ${lookup{$sender_helo_name} \
                      partial-lsearch{/usr/local/etc/exim/helo-check} \
                      {${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
         message = You are not really $sender_helo_name. Go Away.
         condition = ${if !eq{$acl_m5}{} {1}}
         condition = ${if !match{$sender_host_name}{${rxquote:$acl_m5}\N$\N} {1}}

  warn   !verify = helo
         log_message = HELO VERIFY for ($sender_helo_name) ($sender_host_name)

  accept

check_recipient:
*...snip...*
################################

Please let me know any ideas you have... I can post more/specific parts of the config file too of course.

Thanks in advance for your time!

Amrahd
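Added example (not part of the original post and not Exim project code): a log audit that pairs null-sender arrivals ("<= <>") in an Exim mainlog with their deliveries and reports the ones that came from an untrusted host and went to a non-local domain, which is the relay pattern shown in the SMTP session above. The local domain, the relay networks and every log line are constructed assumptions; the default two-field timestamp is assumed.

```python
import ipaddress
import re

# Assumptions for this example: the domains this host accepts mail for and
# the networks that are allowed to relay through it.
LOCAL_DOMAINS = {"example.org"}
RELAY_NETS = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("192.0.2.0/24")]

# Constructed sample in Exim mainlog format (message ids and hosts are made up).
SAMPLE_LOG = """\
2009-03-02 10:00:01 1LdAAA-0000aa-01 <= <> H=(spam.invalid) [203.0.113.7] P=smtp S=2211
2009-03-02 10:00:03 1LdAAA-0000aa-01 => victim@remote.example R=dnslookup T=remote_smtp H=mx.remote.example [198.51.100.5]
2009-03-02 10:00:03 1LdAAA-0000aa-01 Completed
2009-03-02 10:05:10 1LdBBB-0000bb-02 <= <> R=1LdZZZ-0000zz-09 U=exim P=local S=1800
2009-03-02 10:05:11 1LdBBB-0000bb-02 => user@remote.example R=dnslookup T=remote_smtp H=mx.remote.example [198.51.100.5]
2009-03-02 10:06:00 1LdCCC-0000cc-03 <= <> H=mx.peer.example [198.51.100.9] P=esmtp S=3020
2009-03-02 10:06:01 1LdCCC-0000cc-03 => alice <alice@example.org> R=localuser T=local_delivery
2009-03-02 10:07:00 1LdDDD-0000dd-04 <= <> H=app1.example.org [192.0.2.15] P=esmtp S=900
2009-03-02 10:07:02 1LdDDD-0000dd-04 => ops@partner.example R=dnslookup T=remote_smtp H=mx.partner.example [198.51.100.20]
"""

LINE = re.compile(r"^\S+ \S+ (?P<id>\S+) (?P<flag><=|=>|->) (?P<rest>.*)$")
ADDR = re.compile(r"[^\s<>]+@(?P<domain>[^\s<>]+)")
HOST_IP = re.compile(r"\bH=.*?\[(?P<ip>[0-9A-Fa-f:.]+)\]")

def find_null_sender_relays(log_text):
    """Return (msgid, client_ip, recipient) for null-sender relays by untrusted hosts."""
    arrivals = {}  # msgid -> client IP of an untrusted remote "<= <>" arrival
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # "Completed", rejections and other non-transfer lines
        rest = m["rest"]
        if m["flag"] == "<=":
            h = HOST_IP.search(rest)
            # Locally generated bounces carry no H=... [ip] field; skip them.
            if rest.startswith("<> ") and h:
                ip = ipaddress.ip_address(h["ip"])
                if not any(ip in net for net in RELAY_NETS):
                    arrivals[m["id"]] = str(ip)
        elif m["id"] in arrivals:
            # Delivery line: the recipient address precedes the R= router field.
            a = ADDR.search(rest.split(" R=")[0])
            if a and a["domain"].lower() not in LOCAL_DOMAINS:
                hits.append((m["id"], arrivals[m["id"]], a.group(0)))
    return hits
```

On the constructed sample only the first message is reported; the local bounce, the inbound bounce to a local mailbox and the message from a trusted relay network are not.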
