
Re: EXIM, Help stop relaying spam



On Tue, 3 Aug 1999, David Warnock wrote:

> How do we stop this problem?
> 
> I have spent a whole day pulling my hair out trying to stop exim
> allowing other people in but I have not succeeded unless I also stop us
> being able to send (or in some cases receive).
> 
> Our setup is that our firewall forwards port 25 onto the main server
> which is running exim.  This is using redir at present and I think that
> is part of the problem. If someone telnets onto exim they appear to be
> coming from the firewall.

That is correct. You need to either put your mailhost outside the firewall
where it can connect directly or put it ON the firewall. Note that you do
not need to do a lot on the firewall ... just collect mail bound for your
domain and relay it on to the internal mailhost while denying relays and
such.

> relay_domains = *.sundayta.co.uk

This means that you are going to relay ALL mail for *.sundayta.co.uk
regardless of where the mail is from.

> relay_domains_include_local_mx = true

You can turn this off because a spammer can simply put your host in his DNS
making you an MX host and you will relay for him.

> rbl_domains = rbl.maps.vix.com
> rbl_reject_recipients = true
> rbl_warn_header = false

This is never going to work in your configuration because all connections
appear from your firewall.

> 
> sender_host_reject_relay = *
> sender_host_reject_relay_except =
> romans.sundayta.co.uk:proverbs.sundayta.co.uk

The above is the wrong syntax I think. It should be user@domain or
*@domain.  In any case, it will allow anyone that puts
<any-user>@[romans|proverbs].sundayta.co.uk in their sender header to
relay mail through your machine.

> I would like to reject all hosts apart from some named machines at
> sundayta.co.uk but whenever I try that I stop all incoming mail from
> other hosts which is obviously not correct.
> 
> Any help much appreciated while I still have some hair left.

Put the mailhost on the net so it can see the connections directly.
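As an added illustration that is not part of this thread, the following Python script models the relay decision the reply is describing and reproduces its three points: behind a port-forward every client looks like the firewall, so any host-based permission given to the firewall is a permission given to the whole Internet; `relay_domains_include_local_mx` trusts any domain whose MX record points at you, which the remote party controls; and an RBL lookup on the firewall's address can never match. The config field names borrow the Exim 3 option names quoted above plus `host_accept_relay` (Exim 3's list of hosts allowed to relay) purely as labels; the decision logic is a deliberately simplified stand-in, not Exim's code, and every address, domain and MX record is constructed.

```python
"""Model of an Exim-3-style relay decision (constructed example, not Exim code).

It reproduces the three problems raised in the reply above:
  1. a NAT/port-forward (redir) makes every client look like the firewall,
  2. relay_domains_include_local_mx lets anyone who points an MX at you relay,
  3. RBL checks see the firewall's address, never the real client's.
All hosts, addresses and domains are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

MY_HOST = "romans.sundayta.co.uk"      # the Exim host named in the thread
FIREWALL_IP = "203.0.113.1"            # constructed: public side of the redir box
LAN = "192.168.1.0/24"                 # constructed: internal network
OUTSIDER_IP = "198.51.100.7"           # constructed: an arbitrary Internet host

# Constructed stand-in for DNS: domain -> hosts published as its MX records.
MX_TABLE = {
    "sundayta.co.uk": [MY_HOST],
    "spammer.example": [MY_HOST],      # attacker lists OUR host as their MX
    "victim.example": ["mx.victim.example"],
}

# Constructed stand-in for an RBL zone such as rbl.maps.vix.com.
RBL_LISTED = {OUTSIDER_IP}


@dataclass
class RelayConfig:
    local_domains: set                 # domains we deliver locally
    relay_domains: set                 # domains we relay to from anywhere
    relay_domains_include_local_mx: bool
    host_accept_relay: list            # client networks allowed to relay anywhere


def relay_allowed(cfg: RelayConfig, client_ip: str, rcpt_domain: str) -> bool:
    """Would a message from client_ip addressed to rcpt_domain be accepted?"""
    # Mail for our own domains is inbound delivery, not relaying: always accepted.
    if rcpt_domain in cfg.local_domains:
        return True
    # relay_domains: relayed regardless of who connected.
    if rcpt_domain in cfg.relay_domains:
        return True
    # The MX trick: if the domain's MX points at us, the domain is trusted.
    if cfg.relay_domains_include_local_mx and MY_HOST in MX_TABLE.get(rcpt_domain, []):
        return True
    # Otherwise only clients inside host_accept_relay may relay.
    addr = ip_address(client_ip)
    return any(addr in ip_network(net) for net in cfg.host_accept_relay)


def rbl_rejects(client_ip: str) -> bool:
    """RBL lookup on the address Exim actually sees for the connection."""
    return client_ip in RBL_LISTED


def via_redir(_real_client_ip: str) -> str:
    """redir on the firewall rewrites the source: Exim sees the firewall, not the client."""
    return FIREWALL_IP


# The setup in the question: to let LAN users send, the firewall (which every
# forwarded connection appears to come from) is allowed to relay.
BROKEN = RelayConfig(
    local_domains={"sundayta.co.uk"},
    relay_domains=set(),
    relay_domains_include_local_mx=True,
    host_accept_relay=[FIREWALL_IP],
)

# The fix the reply suggests: Exim sees real addresses, relays only for the LAN,
# and does not trust domains merely because their MX points here.
FIXED = RelayConfig(
    local_domains={"sundayta.co.uk"},
    relay_domains=set(),
    relay_domains_include_local_mx=False,
    host_accept_relay=["127.0.0.1", LAN],
)


def demo() -> dict:
    """Collect the outcomes so they can be inspected (or asserted on) by name."""
    return {
        # 1. behind redir an outsider is indistinguishable from the firewall: open relay
        "broken_outsider_relays": relay_allowed(BROKEN, via_redir(OUTSIDER_IP), "victim.example"),
        # 2. even with real addresses, the MX trick relays for the spammer's domain
        "broken_mx_trick": relay_allowed(BROKEN, OUTSIDER_IP, "spammer.example"),
        # 3. the RBL never fires because it is asked about the firewall's address
        "broken_rbl_hit": rbl_rejects(via_redir(OUTSIDER_IP)),
        "fixed_outsider_relays": relay_allowed(FIXED, OUTSIDER_IP, "victim.example"),
        "fixed_mx_trick": relay_allowed(FIXED, OUTSIDER_IP, "spammer.example"),
        "fixed_lan_relays": relay_allowed(FIXED, "192.168.1.20", "victim.example"),
        "fixed_inbound_still_accepted": relay_allowed(FIXED, OUTSIDER_IP, "sundayta.co.uk"),
        "fixed_rbl_hit": rbl_rejects(OUTSIDER_IP),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:30} {value}")
```

The `FIXED` configuration only works once the mailhost receives connections with their real source addresses, which is exactly why the reply says to move it onto the firewall or outside it: with `redir` still in front, `LAN` would never appear as a client address either, and the admin would be pushed back towards trusting the firewall's address.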


