?
Solved

Exim - Stop user from sending email with fake FROM address

Posted on 2011-04-21
2
Medium Priority
?
961 Views
Last Modified: 2012-05-11
My server host multiple domains, I have found some users sending spam, they login to SMTP using account 'user@domain.com' but sending email with SMTP FROM is name@gmail.com. How do I stop that emails?
0
Comment
Question by:Nigel Pham
2 Comments
 
LVL 41

Accepted Solution

by:
noci earned 1500 total points
ID: 35450114
Adding this to the acl for receipt to... (that follows the last mail from...)
 
acl_check_rcpt:
 ...
     deny
         authenticated = *
         condition     = ${if !eqi{$authenticated_id}{$sender_address}}
         message       = Invalid authentication (you can only send From:$authenticated_id)
         log_message   = acl_check_rcpt Invalid authentication (From:$sender_address, Auth:$authenticated_id)
...

Or check chapter 44 of the exim specification:
http://www.exim.org/exim-html-current/doc/html/spec_html/ch44.html

on control = submission.
0
 

Author Closing Comment

by:Nigel Pham
ID: 35713929
The solution requires some modification to allow special case such as WebMail on the same server (WebMail sending emails without authentication).
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses
Course of the Month17 days, 2 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question