On Wed, Aug 10, 2011 at 11:41:36AM +0100, Dominic Benson wrote: > On 10/08/11 11:20, Bill Hayles wrote: >> Hi, Dominic and The Doctor >> >> On Wed, 10 Aug 2011 10:23:43 +0100 in message >> number<[email protected]>, received here on 10/08/2011 >> 11:47:16, Dominic Benson<[email protected]> said: >> >> The Doctor wrote >> >>> someone hijecked www to senjd thousands of spam and exim did not drop it >> Perhaps The Doctor could expand on that. If he means that thousands of >> spam were sent via his webmail program, then the normal condition is for >> them to be accepted unconditionally as webmail users are assumed >> legitimate, having had to log on. >> >> If that is the case, then it is the webmail configuration that needs >> looking at, and not Exim. > > I agree with regard to spam checking - although there is a case for AV > scanning outbound messages and then bouncing them if necessary. People do > accidentally send infected attachments, after all. > > Regardless of whether it was webmail, the real fix is to protect it from > the original abuse.
Or a trojan script >>> Depending on how the mail was initiated, it could be >>> >>> accept hosts = : >> But that is normally safe (I certainly have it) as you assume anything >> not sent by TCP/IP, i.e. originating from 127.0.0.1 is legitimate. >> If it isn't, then again, trying to configure Exim to fix the problem >> isn't, IMHO, the right way to go about it > With webmail, it is only as legitimate as authenticated SMTP. So it isn't > necessarily unreasonable to have some last-ditch anti-abuse measures. Or > AV. My point was not that the statement is unsafe, rather that if you wish > such messages to be subject to other conditions, they need to be inserted > before it in the ACL. > Key word is before. > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > > > -- > This message has been 'sanitized'. This means that potentially > dangerous content has been rewritten or removed. The following > log describes which actions were taken. > > Sanitizer (start="1312973125"): > Split unusually long word(s) in header. > SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): > Match (names="unnamed.txt", rule="2"): > Enforced policy: accept > > Total modifications so far: 1 > > > Anomy 0.0.0 : Sanitizer.pm > $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $ -- Member - Liberal International This is [email protected] Ici [email protected] God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.facebook.com/dyadallee IT is done! http://groups.google.com/group/rec.arts.drwho/about -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
