On 2018-02-23, Rob Gunther via Exim-users <exim-users@exim.org> wrote:
> I am trying to add SRS to a server to deal with mail forwarding, following
> these instructions <https://github.com/Exim/exim/wiki/SRS>.
>
> I have the forwarding part working.
>
> The reverse part works as well, but I want to tweak it.  If a hash has
> expired or someone is trying to hack it the router rejects the mail.  When
> the router rejects the message, it returns an undelivered notice back to
> the sender.

> I could see this being used much like DNS amplification, someone could
> pound a victims email address using our server.

add "require verify=recipient" in the RCPT ACL
(this will run the router to check the address befror the email is
accepted)

> I would prefer if the SRS hash is invalid and the router rejects, that it
> sends the message to :blackhole:

generally not a good idea to drop mail 

> Is there a way for me to specify in a router if it fails, direct the
> message to :blackhole:

that would require a second router 

-- 
This email has not been checked by half-arsed antivirus software 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
  • [exim] SRS reverse Rob Gunther via Exim-users
    • Re: [exim] SRS reverse Jasen Betts via Exim-users

Reply via email to