The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exim spoofing feature acl_check_data doesnt work

Discussion in 'E-mail Discussions' started by osiem, Sep 14, 2013.

  1. osiem

    osiem Registered

    Joined:
    Sep 14, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello, I following this post http://forums.cpanel.net/f43/block-e-mail-forging-232571.html#post957772 to prevent spoofing e-mail from webmail (ex. Roundcube). I've paste thin into BEGINACL box:

    Code:
    acl_check_data:
    deny
     authenticated	 = *
     condition = ${if or {{ !eqi{$authenticated_id} {$sender_address} }\
      { !eqi{$authenticated_id} {${address:$header_From:}} }\
     }\
     }
     message	 = Spoof!
    But this feature doesn't work. Sender domain is @example.com and when I've used custom FROM e-mail in Roundcube @fbi.gov e-mail was delivered successfull :(

    How to repair this? I'm using the latest WHM & CPanel.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can try enabling the following option under the "Mail" tab in "WHM Home » Service Configuration » Exim Configuration Manager":

    "EXPERIMENTAL: Rewrite From: header to match actual sender"

    If you enable this option, the From: header will be rewritten to be the email address of the actual message sender. If you choose the "remote" option, only messages that are being sent to remote destinations will be affected.

    Thank you.
     
Loading...

Share This Page