Weblog entry #6 for forrest

exim question
Posted by forrest on Sun 4 Jan 2009 at 03:30
Tags: none.
I'm running a mailserver for my home network on debian etch. It recently occurred to me that a lot of incoming spam I get claims to be from someone@mydomain.com (where mydomain.com means my own domain).

Any valid mail claiming to be from a user @mydomain.com would originate from inside my NATted local network (192.168.xxx.xxx).

Is there a magic incantation I can put in my exim config to reject any outside mail claiming to be from @mydomain.com?

 

Comments on this Entry

Posted by Anonymous (92.128.xx.xx) on Sun 4 Jan 2009 at 10:54
Depends if you mean mail with an envelope from of "mydomain.com" or a From: header address. The easiest approach is to add in an ACL (see the Exim docs for details) - for the envelope address add something like this to acl_check_rcpt:
deny  message = Mail from $sender_address_domain sent from external network
      sender_domains = example.com
      hosts = ! 192.168.0.0/16
      log_message = mail from $sender_address_domain sent externally
For the From: header address add something like this to acl_check_data:
deny  message = Mail from ${domain:$h_From:} sent from external network
      condition = ${if match{${domain:$h_From:}}{example.com} {yes}}
      hosts = ! 192.168.0.0/16
      log_message = mail from ${domain:$h_From:} sent externally
(these are untested, so be careful if implementing)


Posted by forrest (208.42.xx.xx) on Thu 8 Jan 2009 at 02:05
I've tested them for a while now (with "warn" instead of "deny") and I'm confident these rules do exactly what I need.

I'm putting them in for real now.

Thanks a million!

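The two checks from the first comment (envelope sender at RCPT time, From: header at DATA time), modelled in Python as an added example that is not part of the original thread or of Exim, to show which kind of spoofed message each one catches. It reuses the example.com placeholder and the 192.168.0.0/16 range from the ACLs; the function names and sample messages are constructed for illustration.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

LOCAL_DOMAIN = "example.com"                       # same placeholder as the ACLs
LOCAL_NET = ipaddress.ip_network("192.168.0.0/16")

def domain_of(address):
    """Lower-cased domain part of an address, or '' if there is none."""
    return address.rpartition("@")[2].lower() if "@" in address else ""

def check(client_ip, envelope_from, raw_message):
    """Return which of the two rules would fire for this message."""
    if ipaddress.ip_address(client_ip) in LOCAL_NET:
        return []                                  # internal host: neither rule applies
    reasons = []
    if domain_of(envelope_from) == LOCAL_DOMAIN:   # envelope sender (acl_check_rcpt)
        reasons.append("envelope")
    # Header From: may carry a display name, so parse out the bare address first.
    header_from = message_from_string(raw_message)["From"] or ""
    if domain_of(parseaddr(header_from)[1]) == LOCAL_DOMAIN:  # acl_check_data
        reasons.append("header")
    # Both rules are evaluated here so the result shows every rule that
    # matches; on a real server a refusal at RCPT means DATA is never reached.
    return reasons

# Constructed sample messages (not real traffic).
SAMPLES = [
    ("192.168.1.20", "forrest@example.com", "From: forrest@example.com\n\nhi"),
    ("203.0.113.9", "forrest@example.com", "From: Forrest <forrest@example.com>\n\nhi"),
    ("203.0.113.9", "bounce@mailer.test", 'From: "Admin" <admin@EXAMPLE.COM>\n\nhi'),
    ("203.0.113.9", "list@lists.test", "From: someone@notexample.com\n\nhi"),
]

if __name__ == "__main__":
    for ip, env, msg in SAMPLES:
        print(ip, env, check(ip, env, msg) or "accept")
```

The third sample is the case only the header rule catches: the envelope sender is a foreign domain while the From: header claims the local one. The last sample shows why the comparison here is exact: Exim's match condition takes a regular expression, so the unanchored pattern example.com in the header rule would also hit notexample.com.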
