> If it has come from outside your machine, no, unless you use encryption.
> You can check the IP address of the calling host; you can check the ident
> information that that host sent you, but every byte in the message
> itself can be forged.
>
The "helo_verify_nets" option will check the IP address but it doesn't fail
(i.e. disallow the connection) if someone is forging their address - I gather
that the RFC(s) state that any argument to the HELO/EHLO must be accepted.
Other than that I don't know how to ensure that "postmaster@???"
is "postmaster@???" if you get my meaning :-) Even then though I
don't think I can really verify the postmaster bit. Or am I misunderstanding
your reply?
I appreciate that we are pushing exim a bit with the mailing list stuff, but
I'd still rather avoid an MLM if possible. I'll keep it in mind though.
Piete Brooks' idea of freezing the message and then verifying it manually is
possible since the system-wide messages are only sent occassionally, and the
lists are obviously very enticing to abuse by users! Thanks.
John.
***************************************************************************
John Horne, E-mail: J.Horne@???
Computing Service, Phone : +44 (0) 1752 233911
University of Plymouth, UK. Fax : +44 (0) 1752 233919
--
* This is sent by the exim-users mailing list. To unsubscribe send a
mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
