Another Wednesday, Another Joe-Job

Yesterday, another of our mailboxes got joe-jobbed, just like last week. Again, it was one of our Exim servers (yes, one got done along with a qmail last week). Again, it was an address that should never appear as the SMTP sender. Again, I put something like

        deny
          message = 553 That address is not used for outgoing email so should never get errors - please telephone us if in error
          senders = :
          recipients = !/etc/exim4/permitted-envelopes

into /etc/exim4/local-rcpt.acl, added CHECK_RCPT_LOCAL_ACL_FILE = /etc/exim4/local-rcpt.acl to /etc/exim4/conf.d/main/02_local_options, put all permitted envelope addresses into /etc/exim4/permitted-envelopes, then ran update-exim4.conf and /etc/init.d/exim4 reload and the flood stopped.

So far, it seems to be working like it should. Is there a drawback I haven’t spotted yet, apart from the obvious problem of needing to list all outgoing envelope addresses?

This entry was posted in Education, Training and Information, GNU/Linux, ThePhoneCoop, Web Development and tagged , , , , , , . Bookmark the permalink.

One Response to Another Wednesday, Another Joe-Job

Leave a Reply

Your email address will not be published.