[SA-exim] Klezmail with forged envelope

[Rick Moen]

This is rather amusing:  I'm getting chastised by my own MTA, based on a
Danish MTA trying to send it Klezmail with a forged Return-path.  Is
there something I can easily tweak in SA-Exim to prevent this effect?

----- Forwarded message from Mail Delivery System <Mailer-Daemon at linuxmafia.com> -----

Return-path: <>
Envelope-to: rick at linuxmafia.com
Delivery-date: Thu, 01 Apr 2004 23:00:51 -0800
Received: from Debian-exim by linuxmafia.com with local (Exim 4.30 #1)
	id 1B9Ifb-0007lK-GI
	for <rick at linuxmafia.com>; Thu, 01 Apr 2004 23:00:51 -0800
X-Failed-Recipients: rick at linuxmafia.com
Auto-Submitted: auto-generated
From: Mail Delivery System <Mailer-Daemon at linuxmafia.com>
To: rick at linuxmafia.com
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1B9Ifb-0007lK-GI at linuxmafia.com>
Date: Thu, 01 Apr 2004 23:00:51 -0800
X-SA-Exim-Mail-From: 
X-SA-Exim-Scanned: No; SAEximRunCond expanded to false
Lines: 295

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  rick at linuxmafia.com
    This message has been rejected because your message
    looks like you are infected by the Klez Virus and you
    are spamming us and wasting our resources as a result
    and your system is spamming us because you are infected.
    If you have to use windows, you should at least not
    use outlook.
    It is inherently insecure;
    you are generating lots of wasted bandwidth, as well as
    support headackes by using it, and you are jeopardizing
    Please seriously consider using another mail client
    
    In the event you were discussing virus signatures, please
    escape them so as not to trip this filter

------ This is a copy of the message, including all the headers. ------
------ The body of the message is 41391 characters long; only the first
------ 16384 or so are included here.

Return-path: <rick at linuxmafia.com>
Received: from d40a7d3e.rev.stofanet.dk ([212.10.125.62]:1775 helo=linuxmafia.com)
	by linuxmafia.com with esmtp (Exim 4.30 #1)
	id 1B9IfT-0007l1-Lv
	for <rick at linuxmafia.com>; Thu, 01 Apr 2004 23:00:44 -0800
From: rick at linuxmafia.com
To: rick at linuxmafia.com
Date: Fri, 2 Apr 2004 08:59:57 +0200
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-SA-Exim-Mail-From: rick at linuxmafia.com
Subject: Mail Delivery (failure rick at linuxmafia.com)
Content-Type: multipart/related;
	type="multipart/alternative";
	boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on 
	uncle-enzo.linuxmafia.com
X-Spam-Level: ****
X-Spam-Status: No, hits=4.6 required=5.0 tests=AWL,BAYES_44,HTML_MESSAGE,
	HTML_RELAYING_FRAME,MICROSOFT_EXECUTABLE,MIME_SUSPECT_NAME,
	MISSING_MIMEOLE,NO_REAL_NAME,PRIORITY_NO_NAME autolearn=no 
	version=2.63
X-SA-Exim-Version: 3.1 (built Wed Aug 20 09:38:54 PDT 2003)
X-SA-Exim-Scanned: Yes

[Klez contents snipped more thoroughly than last time, so that Marc's
MTA doesn't reject my posting again.]

----- End forwarded message -----