[exim] only relay mail for our domain in relay_from_hosts..
We had 2 accounts get compromised in the latest 'please reply with your password ( ) ' scam.. so what I am looking to do to prevent this from impacting us in the future is.. I would like exim to *only* send mail if it is from our domain.. in the acl_smtp_mail I have tried.. acl_check_mail: require domains = mydomain.org accept which passes exim -bV but gives a 451 and: cannot test domains condition in MAIL ACL How would I accomplish what I am looking for.. Thanks in advance. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] only relay mail for our domain in relay_from_hosts..
On Thu, Aug 05, 2010 at 11:37:47AM -0400, B. Cook wrote: in the acl_smtp_mail I have tried.. acl_check_mail: require domains = mydomain.org accept which passes exim -bV but gives a 451 and: cannot test domains condition in MAIL ACL In acl_smtp_mail, you probably want sender_domains, not domains. To quote the spec, domains = domain list This condition is relevant only after a RCPT command ... sender_domains = domain list This condition tests the domain of the sender of the message ... Regards, -- Dave Evans http://djce.org.uk/ http://djce.org.uk/pgpkey signature.asc Description: Digital signature -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] only relay mail for our domain in relay_from_hosts..
W dniu 2010-08-05 17:37, B. Cook pisze: We had 2 accounts get compromised in the latest 'please reply with your password ( ) ' scam.. so what I am looking to do to prevent this from impacting us in the future is.. I would like exim to *only* send mail if it is from our domain.. Hi! Maybe this acl would be usefull for you: acl_check_data: deny authenticated = * condition = ${if or {{!eqi{$authenticated_id}{$sender_address}}\ {!eqi{$authenticated_id} {${address:$header_From:}} }}} message = You must send as the ID you authenticate with. Regards, Marcin -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] only relay mail for our domain in relay_from_hosts..
I will test that and see what it does.. it *looks* like it will also only take mail from domain list as well.. or am I missing something.. Will try and report back; thanks. On 8/5/10 12:15 PM, Dave Evans wrote: On Thu, Aug 05, 2010 at 11:37:47AM -0400, B. Cook wrote: in the acl_smtp_mail I have tried.. acl_check_mail: require domains = mydomain.org accept which passes exim -bV but gives a 451 and: cannot test domains condition in MAIL ACL In acl_smtp_mail, you probably want sender_domains, not domains. To quote the spec, domains =domain list This condition is relevant only after a RCPT command ... sender_domains =domain list This condition tests the domain of the sender of the message ... Regards, -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] only relay mail for our domain in relay_from_hosts..
Yes if people were authenticating that would be great.. I found this to 'force' that.. accept authenticated = * control= submission/domain= back to my problem.. People sign into squirrelmail as username which can append @domain.org silently.. imap and other smtp auth things.. need n...@domain.org.. I'm trying to help myself from squirrelmail abuse :/ domainlist sendfrom_domains = domain.org acl_check_mail: require domains = +sendfrom_domains accept temporarily rejected MAIL n...@gmail.com: cannot test domains condition in MAIL ACL On 8/5/10 12:19 PM, Marcin Mirosław wrote: W dniu 2010-08-05 17:37, B. Cook pisze: We had 2 accounts get compromised in the latest 'please reply with your password ( ) ' scam.. so what I am looking to do to prevent this from impacting us in the future is.. I would like exim to *only* send mail if it is from our domain.. Hi! Maybe this acl would be usefull for you: acl_check_data: deny authenticated = * condition = ${if or {{!eqi{$authenticated_id}{$sender_address}}\ {!eqi{$authenticated_id} {${address:$header_From:}} }}} message = You must send as the ID you authenticate with. Regards, Marcin -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] only relay mail for our domain in relay_from_hosts..
W dniu 2010-08-05 18:32, B. Cook pisze: Yes if people were authenticating that would be great.. Why they aren't? People uses login and password to login into webmail. I found this to 'force' that.. accept authenticated = * control= submission/domain= back to my problem.. People sign into squirrelmail as username which can append @domain.org silently.. imap and other smtp auth things.. need n...@domain.org.. It needs what you configured, imap/pop3/smtp can use login in form login or lo...@domain, all is in your hands. I'm trying to help myself from squirrelmail abuse :/ Squirrelmail can send auth to smtp server using login and pass used while user logged to webmail. I'm not sure how it is configured, where are used login = login and where login=u...@domain . Regards, Marcin -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/