Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

EXIM Config file - incoming forwarded mail

Discussion in 'E-mail Discussion' started by dhep27, Mar 13, 2017.

  1. dhep27

    dhep27 Registered

    Joined:
    Mar 13, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Devon
    cPanel Access Level:
    Website Owner
    Good Afternoon

    I'm hoping someone can help.

    We own 'example.com'.
    UserA has a Hotmail account (UserA@hotmail.com) that is forwarding to UserA@example.com

    If userB@example.com sends an email to UserA@hotmail.com - the message is re-directed to userA@example.com and the 'From' header remains as 'userB@example.com'. So our EXIM implementation looks at 'userB@Example.com' and rejects it as it's unauthenticated and not allowed to send via this Hotmail server.

    How do we allow this forwarding to happen, but at the same time prevent email messages spoofing 'Example.com'? The obvious would be to tell UserB to email UserA@example.com directly - but we have a scenario where we are seeing lots of forwarded mail inbound to our EXIM environment for example.com. Any help would be greatly appreciated.
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Could you let us know the specific output to /var/log/exim_mainlog for one of the affected messages? EX:

    Code:
    exigrep MSGID /var/log/exim_mainlog
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. dhep27

    dhep27 Registered

    Joined:
    Mar 13, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Devon
    cPanel Access Level:
    Website Owner
    Thanks Michael. Here is the extract from the log:-

    2017-03-07 15:15:23 [27538] H=mail-db5eur01lp0180.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com) [213.199.154.180]:14906 I=[13.74.30.133]:25 X=TLSv1.2:AES256-SHA256:256 CV=no F=<userB@example.com> rejected RCPT <userA@example.com>: Invalid sender address: userB@example.com

    The ACL that is causing this is in the acl_smtp_rcpt section:-

    # Do not allow @example.com senders via MX from unknown IPs
    deny message = Invalid sender address: $sender_address
    sender_domains = ^(DOMSUFFS)\$
    !hosts = net-iplsearch;/etc/exim/mx-allowed-ips

    # Do not allow @example.com mail for disallowed senders via MX
    deny message = Invalid sender address: $sender_address
    sender_domains = ^(DOMSUFFS)\$
    !senders = lsearch;/etc/exim/mx-allowed-senders

    Any help or advice would be greatly appreciated. Cheers!
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Is this a custom ACL rule you have implemented? I don't see it included in the default Exim configuration offered in cPanel. Have you considered alternatives to prevent email spoofing, such as enforcing DKIM verification?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice