Exim acl to require auth on connections trying to use local domains

NetVicious

Member
Feb 4, 2013
14
0
1
cPanel Access Level
Reseller Owner
Hi!
I read some threads related to this. But they're trying to block this instead of requiring authentication on the server.

The problem it's the SMTP Server (exim) allows to receive external connections spoofing local domain addresses.

The domain has perfect SPF, DKIM and DMARC registers. That kind of messages are not banned by these technologies because the sender it's not another email server. These are direct connections to the SMTP server like a legal user/owner of an email address managed by that server.

You can test it within a simple telnet to the port 25 on your server running these commands:

Code:
helo yourdomain.gld<intro>
mail from:<[email protected]><intro>
rcpt to:<[email protected]><intro>
data<intro>
Subject: Spoof test<intro>
Some text here<intro>
.<intro>
<intro>
I see on stackoverflow a little acl for Exim, but I don't know where I should place it and if it's ok.

Code:
accept
   message = must auth
   domains = +local_domains : +relay_to_domains
   senders = : regex-expresion
I know this kind of acls should break mails received FROM mailing list. Because SPF and other technologies leave this little hole to continue allow receiving spoofed emails from mailing lists to know which was the real sender of the email sent to the mailing list.
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,052
652
263
Houston
cPanel Access Level
DataCenter Provider

NetVicious

Member
Feb 4, 2013
14
0
1
cPanel Access Level
Reseller Owner
Hi! Thanks for answer.
Yes I know it, but I don't know where to place that code (function or section I see on the advanced editor).