Of course you can, have a look at: http://slett.net/spam-filtering-for-mx/collateral.html#signedsender and: http://slett.net/spam-filtering-for-mx/exim-sign.html
What I do is using signed envelope sender and accepting bounces for those ones. Bounces addressed to real users but not signed are also accepted but they are just eaten by a blackhole acl. I think Tony Finch has also done an implementation, but I cannot find back the exact url. On Tue, 28 Jun 2005 09:23:52 +0100 [EMAIL PROTECTED] wrote: > On 27 Jun 2005 at 18:07, Mark Smith wrote about > "RE: [exim] Supressing bounce messag": > > |... > | (I wrote:) > | > OK, then how about addressing the problem at its source? You > | > shouldn't be generating bounces to external senders in the > | > first place. Undeliverable mail should be rejected at SMTP time. > | > | We don't generate bounces to external senders, only local senders, and we > | only do that because some MUAs don't cope well with rejections at SMTP time. > > Right. Good. > > | The situation I'm trying to address is the unlikely event that someone on > | our system (a local user or a hacker) starts Joe-Jobbing somebody. We don't > | want to send misdirected bounces to the addresses that are being spoofed. > > But if all the hacker's victim addresses are valid, that's OK? ;) > > Can you prohibit spoofed senders (at least spoofed external senders) > instead? > > - Fred -- http://www.octools.com .O. ..O OOO PGP key: http://www.llorien.org/gnupg/key.pub
pgpRuON4WY0ft.pgp
Description: PGP signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
