Re: [exim] SRS reverse

2018-02-23 Thread Jasen Betts via Exim-users
On 2018-02-23, Rob Gunther via Exim-users  wrote:
> I am trying to add SRS to a server to deal with mail forwarding, following
> these instructions .
>
> I have the forwarding part working.
>
> The reverse part works as well, but I want to tweak it.  If a hash has
> expired or someone is trying to hack it the router rejects the mail.  When
> the router rejects the message, it returns an undelivered notice back to
> the sender.

> I could see this being used much like DNS amplification, someone could
> pound a victims email address using our server.

add "require verify=recipient" in the RCPT ACL
(this will run the router to check the address befror the email is
accepted)

> I would prefer if the SRS hash is invalid and the router rejects, that it
> sends the message to :blackhole:

generally not a good idea to drop mail 

> Is there a way for me to specify in a router if it fails, direct the
> message to :blackhole:

that would require a second router 

-- 
This email has not been checked by half-arsed antivirus software 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


[exim] SRS reverse

2018-02-23 Thread Rob Gunther via Exim-users
I am trying to add SRS to a server to deal with mail forwarding, following
these instructions .

I have the forwarding part working.

The reverse part works as well, but I want to tweak it.  If a hash has
expired or someone is trying to hack it the router rejects the mail.  When
the router rejects the message, it returns an undelivered notice back to
the sender.

I could see this being used much like DNS amplification, someone could
pound a victims email address using our server.

I would prefer if the SRS hash is invalid and the router rejects, that it
sends the message to :blackhole:

Is there a way for me to specify in a router if it fails, direct the
message to :blackhole:



Rob
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/