Am 17.07.2015 um 16:49 schrieb Giuliano David: > > Can anyone point me in the right direction to achieve the same with > exim4? >
Just remove 127.0.0.1 from the relay host. If all other connection must authenticate, so must webapps then. BUT: none of the existing webapps does that NOR do they know how to do so. They simply call 'sendmail' via the php mail() function. If they do not have a real smtp engine build in, they never will send a message again. And even IF they build it in, that does not stop hacks from happening and your problem starts all over. What you need is a IDS System to stop the hacks from happening. Much easier and cheaper: update the apps asap the exploit is found :) ( and get paied for it ;) ) Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
