Also the test: If From.domain == <ANY DOMAIN SERVER HANDLES> && SMTP-AUTH==FALSE should also be used.
I use it on my server. If you try to send with anything that ends in @sebbe.eu my server will just reject the email. (And SMTP AUTH on my server is restricted to 192.168.*.* to prevent bots from guessing the password - which have happened several times before I added the IP restriction, that’s why the server will not permit you authenticating) -----Ursprungligt meddelande----- Från: Cyborg via Exim-users <[email protected]> Skickat: den 25 maj 2022 18:03 Till: [email protected] Ämne: Re: [exim] stopping spam with forged from: Am 25.05.22 um 17:20 schrieb Evgeniy Berdnikov via Exim-users: > On Wed, May 25, 2022 at 08:38:32AM -0600, Chad Leigh Shire.Net LLC via > Exim-users wrote: >> What is the best strategy to combat and right out reject mail that >> has the from: and the recipient address the same? Or alternately to >> force things like SPF checking against the from: in addition to the >> envelope-sender? (Not sure if that is a good idea — will it mess up >> legit email from mail processors etc ) > Such a mail may be a test message that user sent to its own address. > So blind comparison of From: and To: is not a good idea, especially taking > into accout that To: can contain several destination addresses and > may be used as Cc: field to keep own copy of outgoing mail. > > Take a look at DMARC. but, a valid user would use SMTP-Auth which the spammer won't use. so the test: ( From == To || From in To || From in CC ) && SMTP-AUTH==FALSE would be a valid methode IMHO. It ofcourse requires the use of amtp-auth, but that should be enabled anyway or the server will become or is an open relay for anyone. best regards, Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
