The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

EXIM Config file - incoming forwarded mail

Discussion in 'E-mail Discussions' started by dhep27, Mar 13, 2017.

  1. dhep27

    dhep27 Registered

    Joined:
    Mar 13, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Devon
    cPanel Access Level:
    Website Owner
    Good Afternoon

    I'm hoping someone can help.

    We own 'example.com'.
    UserA has a Hotmail account (UserA@hotmail.com) that is forwarding to UserA@example.com

    If userB@example.com sends an email to UserA@hotmail.com - the message is re-directed to userA@example.com and the 'From' header remains as 'userB@example.com'. So our EXIM implementation looks at 'userB@Example.com' and rejects it as it's unauthenticated and not allowed to send via this Hotmail server.

    How do we allow this forwarding to happen, but at the same time prevent email messages spoofing 'Example.com'? The obvious would be to tell UserB to email UserA@example.com directly - but we have a scenario where we are seeing lots of forwarded mail inbound to our EXIM environment for example.com. Any help would be greatly appreciated.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you let us know the specific output to /var/log/exim_mainlog for one of the affected messages? EX:

    Code:
    exigrep MSGID /var/log/exim_mainlog
    Thank you.
     
  3. dhep27

    dhep27 Registered

    Joined:
    Mar 13, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Devon
    cPanel Access Level:
    Website Owner
    Thanks Michael. Here is the extract from the log:-

    2017-03-07 15:15:23 [27538] H=mail-db5eur01lp0180.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com) [213.199.154.180]:14906 I=[13.74.30.133]:25 X=TLSv1.2:AES256-SHA256:256 CV=no F=<userB@example.com> rejected RCPT <userA@example.com>: Invalid sender address: userB@example.com

    The ACL that is causing this is in the acl_smtp_rcpt section:-

    # Do not allow @example.com senders via MX from unknown IPs
    deny message = Invalid sender address: $sender_address
    sender_domains = ^(DOMSUFFS)\$
    !hosts = net-iplsearch;/etc/exim/mx-allowed-ips

    # Do not allow @example.com mail for disallowed senders via MX
    deny message = Invalid sender address: $sender_address
    sender_domains = ^(DOMSUFFS)\$
    !senders = lsearch;/etc/exim/mx-allowed-senders

    Any help or advice would be greatly appreciated. Cheers!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Is this a custom ACL rule you have implemented? I don't see it included in the default Exim configuration offered in cPanel. Have you considered alternatives to prevent email spoofing, such as enforcing DKIM verification?

    Thank you.
     
Loading...

Share This Page