Hello Charlie, Charlie <[email protected]> (Di 26 Jan 2010 08:20:26 CET): > Hello, > I am currently providing an email service to a hotel. > All SMTP traffic from the hotel is redirected to my Exim server, which > authenticates it based on the hotel's IP address. > This all works great, except recently we have found that spammers have found > a way to access a computer within the hotel's network, and have thus been > able to use my server to send emails. > The only means by which I think I can restrict traffic so that it *truly* > comes from within the hotel's IP address, is to make it so that the emails > must have *only one* 'Received: from' header. (…)
Despite the fact that I'm not sure how safe your approach is (in both
aspects: blocking illegitimate messages and allowing the rest) - you
should be able to use the $received_count variable:
(from the spec:
$received_count
This variable contains the number of Received: header lines in the
message,
including the one added by Exim (so its value is always greater than
zero).
It is available in the DATA ACL, the non-SMTP ACL, and while routing and
delivering.
More I'd think about real smtp authentication as suggested somewhere
else in this thread. (If this helps, of course depends on *how* the PC in the
hotel
is taken under control of somebody else…)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -
signature.asc
Description: Digital signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
