[Wolves] Exim relay problem
Wayne Morris
wayne at machx.co.uk
Wed Jun 14 14:29:53 BST 2006
Hi,
Just noticed that my exim 4 email server (on FC3) has become an open relay.
Here are the first few lines of a sample incoming spam email:
"1FqI2N-0000re-FV-H
root 0 0
<apache at webserve2.machx.co.uk>
1150240267 0
-helo_name webserve2.machx.co.uk
-host_address 127.0.0.1.54172
-host_name localhost
-interface_address 127.0.0.1.25
-received_protocol esmtp
-body_linecount 14
XX
1
infostreetmoda.com
194P Received: from localhost ([127.0.0.1] helo=webserve2.machx.co.uk)
by webserve2.machx.co.uk with esmtp (Exim 4.43)
id 1FqI2N-0000re-FV
for info at streetmoda.com; Wed, 14 Jun 2006 00:11:08 +0100
135P Received:"
Maybe I'm reading it wrong, but it appears to be getting through because
the relayer is spoofing its address as 127.0.0.1 which EXIM was set to
allow.
However, I have blocked relaying fro 127.0.0.1 and its still getting
through.
Any ideas?
--
Wayne Morris
Machx
T 01902 490554
F 01902 405353
M 07960 859346
W www.machx.co.uk
More information about the Wolves
mailing list