Prevent email spoofing

GoWilkes

Well-Known Member
Sep 26, 2006
644
28
178
cPanel Access Level
Root Administrator
I found a script online that can be added to exim.conf, that is supposed to prevent email spoofing:

check_recipient:
  deny
    message = "Incorrect from address <${sender_address}>. Please use <${authenticated_id}> instead"
    authenticated = *
    ! condition = ${if match_address{${sender_address}}{$authenticated_id} }

Giving credit where credit is due:

cPanel - Prevent Mail Spoofing | Ruy Rocha

I tried using it to prevent a virus from sending out spam, and it DID work. But my question is, will this also prevent people with legitimately forwarded accounts from sending email?

E.g., if my account is [email protected], and I have a bunch of forwarders set up on the server:

[email protected] -> [email protected]
[email protected] -> [email protected]
[email protected] -> [email protected]

Would I still be able to send emails as [email protected], even though the account username is [email protected]? Or would this also be blocked?

If this would also be blocked, can you guys suggest a modification to the script that WOULD allow legitimately forwarded accounts?
 

GoWilkes

After some work, I've found that the script DOES prevent the client from using legitimately forwarded emails as a return address.

Any suggestions on how to modify the script to allow legitimately forwarded accounts? Or at the very least, to only check that the domain matches instead of the entire address?
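
A domain-only variant of the rule quoted in the first post, as an added example that is not part of the thread, the linked article, or cPanel's shipped configuration. It assumes `$authenticated_id` is a full address in `user@domain` form, as the original rule's error message implies; the message wording is also constructed here.

```exim
# Added example. Assumes $authenticated_id has the form user@domain.
check_recipient:
  deny
    message       = Sender domain <$sender_address_domain> does not match \
                    the domain of the authenticated login <$authenticated_id>
    authenticated = *
    # ${domain:...} extracts the part after "@"; eqi compares case-insensitively.
    # With no yes/no strings, ${if ...} expands to "true" or the empty string.
    ! condition   = ${if eqi{$sender_address_domain}{${domain:$authenticated_id}}}
```

This accepts forwarder addresses on the same domain as the login, but it also lets any authenticated user at a domain send with any local part at that domain, including another user's address. Forwarders on a different domain than the login are still rejected.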