'Re: [exim] block emails with more than one 'Received: from' header'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       exim-users
Subject:    Re: [exim] block emails with more than one 'Received: from' header
From:       Heiko Schlittermann <hs () schlittermann ! de>
Date:       2010-01-26 14:44:49
Message-ID: 20100126144449.GF21311 () jumper ! schlittermann ! de
[Download RAW message or body]

[Attachment #2 (multipart/signed)]

Hello Charlie,

Charlie <mi6@orcon.net.nz> (Di 26 Jan 2010 08:20:26 CET):
> Hello,
> I am currently providing an email service to a hotel.
> All SMTP traffic from the hotel is redirected to my Exim server, which 
> authenticates it based on the hotel's IP address.
> This all works great, except recently we have found that spammers have found 
> a way to access a computer within the hotel's network, and have thus been 
> able to use my server to send emails.
> The only means by which I think I can restrict traffic so that it *truly* 
> comes from within the hotel's IP address, is to make it so that the emails 
> must have *only one* 'Received: from' header.
(…)

Despite the fact that I'm not sure how safe your approach is (in both
aspects: blocking illegitimate messages and allowing the rest) - you
should be able to use the $received_count variable:

    (from the spec:

    $received_count

        This variable contains the number of Received: header lines in the message,
        including the one added by Exim (so its value is always greater than zero).
        It is available in the DATA ACL, the non-SMTP ACL, and while routing and
        delivering.

More I'd think about real smtp authentication as suggested somewhere
else in this thread. (If this helps, of course depends on *how* the PC in the hotel
is taken under control of somebody else…)

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -

["signature.asc" (application/pgp-signature)]

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[prev in list] [next in list] [prev in thread] [next in thread] 