My suggested rules cover them both. The first "deny" blocks mails with a spoofed MAIL FROM address, but the second deny (that you put in acl_data) blocks mails with a spoofed MIME From (ergo the "From:" header). Having both is good because some spammers use a "correct" MAIL FROM but a spoofed "MIME From" that claims the mail was from yourself.

On Tue, 5 Feb 2019 at 17:28, Evgeniy Berdnikov via Exim-users <[email protected]> wrote:
>
> On Tue, Feb 05, 2019 at 04:48:46PM +0100, Sebastian Nielsen via Exim-users wrote:
> > in acl_mail (before SPF check):
> >
> > accept
> >   authenticated = *
> >   sender_domains = +local_domains
> >   set acl_m0 = authorizedrelay
> > deny
> >   message = You can't spoof the domains this server is authorative for
> >   sender_domains = +local_domains
> >
> >
> > then in acl_data:
> > deny
> >   message = You can't spoof the MIME From this server is authorative for
> >   condition = ${if match {$h_from:}{^(?i).*<.*@(.*YOUR_DOMAIN_HERE>\$}{yes}{no}}
> >   condition = ${if eq {$acl_m0}{authorizedrelay}{no}{yes}}
>
> The $h_from: refers to mail header "From:", but you previously wrote
> about MAIL FROM address, which is generally a different thing.
>
> You have better to run Exim with debugging (-d+acl) and study the output.
>
> > On Tue, 5 Feb 2019 at 15:37, Al T. via Exim-users
> > <[email protected]> wrote...
> > > I have manually tested both of these policies and they are working as they
> > > should, except in one case: if the MAIL FROM and RCPT TO address are the
> > > same, the mail is accepted without requiring authentication, and without
> > > validating the SPF record. This means some spam gets through by simply
> > > claiming to be from me to me.
>
> --
> Eugene Berdnikov
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
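
The two checks discussed in this thread, modelled as an added Python example (not code from the thread or from Exim): the envelope MAIL FROM is tested first, the "From:" header at DATA time, and an authenticated local sender is exempt from the second test. `LOCAL_DOMAINS`, `example.org`, the sample messages and all function names are assumptions; the header is parsed with `email.utils.getaddresses` instead of the posted regex, so a "From:" written without angle brackets is covered too.

```python
from email.utils import getaddresses

LOCAL_DOMAINS = {"example.org"}  # assumption: stands in for +local_domains

def _domain(addr):
    """Lower-cased domain part of an address, or '' if it has none."""
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def check_mail(envelope_from, authenticated):
    """MAIL FROM stage, mirroring the accept/deny pair in acl_mail.

    Returns (verdict, authorized_relay); the flag plays the role of acl_m0.
    """
    if _domain(envelope_from) not in LOCAL_DOMAINS:
        return "continue", False      # not our domain: later checks (SPF) apply
    if authenticated:
        return "accept", True         # authenticated local sender
    return "deny", False              # unauthenticated use of a local domain

def check_data(from_header, authorized_relay):
    """DATA stage, mirroring the deny in acl_data on the From: header."""
    if authorized_relay:
        return "continue"
    for _name, addr in getaddresses([from_header]):
        if _domain(addr) in LOCAL_DOMAINS:
            return "deny"             # header claims a domain we are responsible for
    return "continue"

def evaluate(envelope_from, from_header, authenticated):
    """Run both stages in SMTP order and report where the message stops."""
    verdict, relay = check_mail(envelope_from, authenticated)
    if verdict == "deny":
        return "deny at MAIL FROM"
    if check_data(from_header, relay) == "deny":
        return "deny at DATA"
    return "passed"

if __name__ == "__main__":
    # Constructed sample messages: (MAIL FROM, From: header, authenticated)
    samples = [
        ("me@example.org", "Me <me@example.org>", False),
        ("bounce@spammer.test", "Me <me@example.org>", False),
        ("bounce@spammer.test", "me@example.org", False),
        ("me@example.org", "Me <me@example.org>", True),
    ]
    for s in samples:
        print(s, "->", evaluate(*s))
```
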
