EXIM Config file - incoming forwarded mail
Good Afternoon
I'm hoping someone can help.
We own 'example.com'.
UserA has a Hotmail account (UserA@hotmail.com) that is forwarding to UserA@example.com
If userB@example.com sends an email to UserA@hotmail.com - the message is re-directed to userA@example.com and the 'From' header remains as 'userB@example.com'. So our EXIM implementation looks at 'userB@Example.com' and rejects it as it's unauthenticated and not allowed to send via this Hotmail server.
How do we allow this forwarding to happen, but at the same time prevent email messages spoofing 'Example.com'? The obvious would be to tell UserB to email UserA@example.com directly - but we have a scenario where we are seeing lots of forwarded mail inbound to our EXIM environment for example.com. Any help would be greatly appreciated.
-
So our EXIM implementation looks at 'userB@Example.com[/EMAIL]' and rejects it as it's unauthenticated and not allowed to send via this Hotmail server.
Hello, Could you let us know the specific output to /var/log/exim_mainlog for one of the affected messages? EX:exigrep MSGID /var/log/exim_mainlog
Thank you.0 -
Thanks Michael. Here is the extract from the log:- 2017-03-07 15:15:23 [27538] H=mail-db5eur01lp0180.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com) [213.199.154.180]:14906 I=[13.74.30.133]:25 X=TLSv1.2:AES256-SHA256:256 CV=no F= rejected RCPT : Invalid sender address: userB@example.com The ACL that is causing this is in the acl_smtp_rcpt section:- # Do not allow @example.com senders via MX from unknown IPs deny message = Invalid sender address: $sender_address sender_domains = ^(DOMSUFFS)\$ !hosts = net-iplsearch;/etc/exim/mx-allowed-ips # Do not allow @example.com mail for disallowed senders via MX deny message = Invalid sender address: $sender_address sender_domains = ^(DOMSUFFS)\$ !senders = lsearch;/etc/exim/mx-allowed-senders Any help or advice would be greatly appreciated. Cheers! 0 -
The ACL that is causing this is in the acl_smtp_rcpt section:- # Do not allow @example.com senders via MX from unknown IPs deny message = Invalid sender address: $sender_address sender_domains = ^(DOMSUFFS)\$ !hosts = net-iplsearch;/etc/exim/mx-allowed-ips # Do not allow @example.com mail for disallowed senders via MX deny message = Invalid sender address: $sender_address sender_domains = ^(DOMSUFFS)\$ !senders = lsearch;/etc/exim/mx-allowed-senders
Hello, Is this a custom ACL rule you have implemented? I don't see it included in the default Exim configuration offered in cPanel. Have you considered alternatives to prevent email spoofing, such as enforcing DKIM verification? Thank you.0
Please sign in to leave a comment.
Comments
3 comments