Re: [Exim] Adding Sender:

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Marc Haber
CC: exim-users
Subject: Re: [Exim] Adding Sender:
On Fri, 10 Dec 1999, Marc Haber wrote:

> When I use my normal setup, the MUA delivers the messages to the MTA
> via SMTP. This works flawlessly. However, when I use a UNIX MUA like
> mutt that way (which presumably delivers messages directly by calling
> exim or /bin/mail), a Sender: header is added which in turn causes
> some mailing list managers (this happened in fact on this mailing
> liste ;-) ) to reject my message because they honor Sender: instead of
> From: for sender verification.


Exim does this as a security measure, and also in accordance with RFC
822:

     4.4.2.  SENDER / RESENT-SENDER


        This field contains the authenticated identity  of  the  AGENT
        (person,  system  or  process)  that sends the message.  It is
        intended for use when the sender is not the author of the mes-
        sage,  or  to  indicate  who among a group of authors actually
        sent the message.  If the contents of the "Sender" field would
        be  completely  redundant  with  the  "From"  field,  then the
        "Sender" field need not be present and its use is  discouraged
        (though  still legal).  In particular, the "Sender" field MUST
        be present if it is NOT the same as the "From" Field.


The only authenticated identity Exim has is the login id of the process
that called it.

It is true that these days, when anybody can connect a personal computer
to the net and inject any old mail they like, Sender is not as important
as it used to be. Nevertheless, on shared systems it is of use for
tracking who among thousands of users sent that abusive message. I
suppose that now Exim is also used on non-shared systems, I should
provide an option for not adding Sender.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.