Exim acl to require auth on connections trying to use local domains
Hi!
I read some threads related to this. But they're trying to block this instead of requiring authentication on the server.
The problem it's the SMTP Server (exim) allows to receive external connections spoofing local domain addresses.
The domain has perfect SPF, DKIM and DMARC registers. That kind of messages are not banned by these technologies because the sender it's not another email server. These are direct connections to the SMTP server like a legal user/owner of an email address managed by that server.
You can test it within a simple telnet to the port 25 on your server running these commands:
I see on stackoverflow a little acl for Exim, but I don't know where I should place it and if it's ok.
helo yourdomain.gld
mail from:
rcpt to:
data
Subject: Spoof test
Some text here
.
I see on stackoverflow a little acl for Exim, but I don't know where I should place it and if it's ok.
-
You can add custom ACL's for exim at WHM>>Service Configuration>>Exim Configuration -> Advanced Editor or alternatively they can be added to /etc/exim.conf.local
The exim configuration manager documentation may be useful for you as well: Exim Configuration Manager - Version 84 Documentation - cPanel Documentation0 -
Hi! Thanks for answer. Yes I know it, but I don't know where to place that code (function or section I see on the advanced editor). 0
Please sign in to leave a comment.
Comments
3 comments