Stop E-mail bound with fake sender
- Thread starter walo
- Start date
nobaloney
NoBaloney Internet Svcs - In Memoriam †
You can verify all senders before agreeing to accept the message.
But why is exim accepting the email if it's not for someone on your server?
Jeff
But why is exim accepting the email if it's not for someone on your server?
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
Check your local whitelists. Locally hosted domains should never be listed in local whitelists.
Jeff
Jeff
SeLLeRoNe
Super Moderator
Ive a similar question.. im using exim SB conf and i would like to delete automatically all email incoming from same user as recipient but from a remote server...
i try to explain better...
server A hosting example.com and got [email protected] email
i would like to auto-stop all email from [email protected] to [email protected] that arrive from any server except server A (that will do a normal local delivery i suppose).
There is a way to do that in exim SP? And... why this is not a "standard" in that conf?
Thanks
i try to explain better...
server A hosting example.com and got [email protected] email
i would like to auto-stop all email from [email protected] to [email protected] that arrive from any server except server A (that will do a normal local delivery i suppose).
There is a way to do that in exim SP? And... why this is not a "standard" in that conf?
Thanks
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I'm sure there's a way to do it. I believe it's been discussed in these forums previously.
I won't implement because I send emails to myself (for example from my netbook while travelling) all the time, and I need to be able to do it.
I'm sure I'm not the only one who would have a problem with this; I know from experience a lot of my clients send emails to themselves from outside servers.
So you're on your own.
Jeff
I won't implement because I send emails to myself (for example from my netbook while travelling) all the time, and I need to be able to do it.
I'm sure I'm not the only one who would have a problem with this; I know from experience a lot of my clients send emails to themselves from outside servers.
So you're on your own.
Jeff
walo
Verified User
- Joined
- Mar 19, 2005
- Messages
- 154
Enerybody send emails from any other machine, that is obvious. But when you do that you use the server's SMTP.
You have [email protected] in server1.com. If you send an email using SMTP from server2.com and using [email protected] as FROM you are faking the sender.
If server3.com receives that email it will bounce it and send the returned message to [email protected]. This is what we need to avoid.
It is more clear now?
You have [email protected] in server1.com. If you send an email using SMTP from server2.com and using [email protected] as FROM you are faking the sender.
If server3.com receives that email it will bounce it and send the returned message to [email protected]. This is what we need to avoid.
It is more clear now?
SeLLeRoNe
Super Moderator
hehe i think walo explained better.. but... a bit wrong maybe on last sentence
if you send email FROM [email protected] using smtp.server2.com (instead of smtp.server1.com) TO [email protected] that will dont allow you to receive that email cause the smtp server TO server1.com FROM server1.com BUT NOT with the correct server (cause server1.com is already on the server receiving
I know my english is very not good im sorry specially when i try to explain that things
i hope someone will catch what im trying to saying in the best way... is not a stop you to use ur email from more computer but.. to send email to yourself just using your own server....
[email protected] IS ON server1.com receiving email from [email protected] FROM smtp server2.com=DENY
hope u get it ^^
thanks
if you send email FROM [email protected] using smtp.server2.com (instead of smtp.server1.com) TO [email protected] that will dont allow you to receive that email cause the smtp server TO server1.com FROM server1.com BUT NOT with the correct server (cause server1.com is already on the server receiving
I know my english is very not good im sorry specially when i try to explain that things
i hope someone will catch what im trying to saying in the best way... is not a stop you to use ur email from more computer but.. to send email to yourself just using your own server....
[email protected] IS ON server1.com receiving email from [email protected] FROM smtp server2.com=DENY
hope u get it ^^
thanks
LawsHosting
Verified User
eg. if someone sends from mail.yahoo.com with an email address in the from field that they know exist on your server with the to field with the same email address as the from field - drop it? Am I right?
i.e.
To: [email protected]
From: [email protected]
Isn't that backscatter?
i.e.
To: [email protected]
From: [email protected]
Isn't that backscatter?
Last edited:
SeLLeRoNe
Super Moderator
yes thats correct, i thot was something easy to block and normal to block but appear is not 
nobaloney
NoBaloney Internet Svcs - In Memoriam †
It's easy to block. In my opinion, It's also wrong.
It's wrong because there's no requirement anywhere in RFCs that your return address match your server. And because many of us send emails back to ourselves when using foreign servers.
For example, I'm at the coffeeshop and using their free WiFi. I use their mailserver (very commonly done) and I send myself a copy so I can put it into my "sent" folder on my desktop when I get home.
Since this is something I need, and since the RFCs allow it, I'm not going to write it out of my exim.conf file.
Perhaps it's time for you (or even for DirectAdmin publishers) to decide to either make changes to my default file, or to not use it at all.
Please feel free to make your voice known, in a Feature Request so DirectAdmin staff can consider it.
Jeff
It's wrong because there's no requirement anywhere in RFCs that your return address match your server. And because many of us send emails back to ourselves when using foreign servers.
For example, I'm at the coffeeshop and using their free WiFi. I use their mailserver (very commonly done) and I send myself a copy so I can put it into my "sent" folder on my desktop when I get home.
Since this is something I need, and since the RFCs allow it, I'm not going to write it out of my exim.conf file.
Perhaps it's time for you (or even for DirectAdmin publishers) to decide to either make changes to my default file, or to not use it at all.
Please feel free to make your voice known, in a Feature Request so DirectAdmin staff can consider it.
Jeff
SeLLeRoNe
Super Moderator
I understand your point jal, but, there's a lot of spam email that use this way for send spam to an email.. they use the same email address as sender.. thats why i proposed this way.
well, this is just my opinion
well, this is just my opinion
LawsHosting
Verified User
What also annoys me is when spammers induldge in real backscatter: use your domain for emailing, sending CC mails to random addresses, when an address fails, that server sends bounces..... blah blah.......
Would love to know how much bandwidth is used for just spam, has to be a fair whack......
Would love to know how much bandwidth is used for just spam, has to be a fair whack......