> if you want them to be able to send mail as any user in a domain, then they
> or the process senging the mail has to be in the trusted user or group list.
>
> if you make them trusted users (or set something up to go between the use
> and exim, does the validity checking s[gu]id and passes it onto exim) and
> want to limit them to which domains they can do this as, set up a rewrite
> rule which looks up the user in a file and gets a domain that is valid for
> them to send as, if this doesn't match, rewrite it to go to/from elsewhere.
>
> I don't really know why you'd both, though, faking email is so easy if you
> have a relay to use.
>
> (I have myself as a trusted user and I edit my from line when I send mail
> out if I want it to come from elsewhere).
>
> P.
The system is currently not in place, I am trying to establish the feasability
of this - admittedly an idea which hadn't occured to me was to use a setuid
trusted program between the user and exim. However whilst flexible that
strikes me as being icky - part of the point of using such a wonderful
mailer as exim is to avoid having to do things like that.
Your second idea is a lot better, and to my mind looks a lot more promising,
I think I can either get it to always rewrite the 'from' domain that any
user sends out according to a lookup in a table, or alternatively only allow
from domains for a specific user according to a match from a lookup.
The reason that I am doing it like this, rather than getting them to relay
is that I don't want to allow them complete freedom, I merely wish to allow
these users some flexibility.
Julian
--
*** Exim information can be found at
http://www.exim.org/ ***
