This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASL V7 allows well known SPAM hacks

Hello, we just have to found out the hard way (beeing on a RBL) that V7 does not protect against 'old' SPAM hacks like:
RCPT TO:
RCPT TO:
RCPT TO:

These -and maybe other constructs- were filtered in V6. We strong believe that a security device should kill such hacks as default.

We opened a case at Astaro and will post their answers.

Regards, Peter

This thread was automatically locked due to age.

0 pebo over 17 years ago

To behave V7 like V6 Astaro suggests:

1. edit the following file:
/var/chroot-smtp/etc/exim.conf

2. insert:
# recipient characters
deny message = Restricted characters in address
local_parts = ^[.] : ^.*[@%!|]
Cancel
Vote Up 0 Vote Down

Cancel
0 tom_01 over 17 years ago in reply to pebo

It would be better fix your backend system(s) not to accept such addresses in the first place. These "hacks" (which they really aren't) are about 15 years old now ... [:)]
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 17 years ago in reply to tom_01

Tom, not to be a smart alec, but why on earth would Astaro remove this setting? I agree that backend systems should be configured properly, but why not keep this functionality. It makes no sense.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel