[Exim] Exim on webservers

Top Page
Delete this message
Reply to this message
Author: Ollie Cook
Date:  
To: exim-users
Subject: [Exim] Exim on webservers
I wonder if I could pick people's brains regarding
running exim on webservers. A quick flick through
the mailing list archive didn't turn up much
discussion on this topic.

Our situtuation is that we have about a 50/50 split
between SuEXEC'd and non-SuEXEC'd users, and the
shared webservers are currently running Sendmail. Users'
scripts that don't run under SuEXEC run as www.

Obviously, CGI scripts run awry - or customers are
just selfish in what they expect the webserver to
do, so we are looking for a way to curtail this
kind of behaviour.

In terms of preventative measures I was thinking
of things along the lines of:

  -  For one local calling of exim, limit recipients
     in To:, Cc:, Bcc: headers to X


This can be achieved with max_recipients but causes
Exim to send out an error:

   "A message that you sent contained more recipients than allowed on this
    system. It was not delivered to any recipients."


Is there a way to prevent Exim sending this error,
since the caller doesn't have a local Mailbox? This would
I expect not cause the loading problem to be as reduced
as I would have wanted. Looking at the code, it doesn't seem
like this is configurable, although I'd like to be
proven wrong!

I have two thoughts on how to prevent customers
sending mail locally if they are making unreasonable
use of resources:

  1) if they are SuEXEC'd - disable their username
     from calling exim,
  2) if they aren't - block on the sender address
     that they are using in the From: header.


However, I can't see any options to achieve these
last two..? sender_reject would seem to be the
one for 2), but doesn't apply to anything but SMTP
input, since it looks at MAIL FROM:.

Anyones success stories etc. on running exim on
webservers would also be appreciated.

Cheers,

Ollie
-- 
Oliver Cook    Systems Administrator, ClaraNET
ollie@???               020 7903 3065