I wonder if I could pick people's brains regarding
running exim on webservers. A quick flick through
the mailing list archive didn't turn up much
discussion on this topic.
Our situtuation is that we have about a 50/50 split
between SuEXEC'd and non-SuEXEC'd users, and the
shared webservers are currently running Sendmail. Users'
scripts that don't run under SuEXEC run as www.
Obviously, CGI scripts run awry - or customers are
just selfish in what they expect the webserver to
do, so we are looking for a way to curtail this
kind of behaviour.
In terms of preventative measures I was thinking
of things along the lines of:
- For one local calling of exim, limit recipients
in To:, Cc:, Bcc: headers to X
This can be achieved with max_recipients but causes
Exim to send out an error:
"A message that you sent contained more recipients than allowed on this
system. It was not delivered to any recipients."
Is there a way to prevent Exim sending this error,
since the caller doesn't have a local Mailbox? This would
I expect not cause the loading problem to be as reduced
as I would have wanted. Looking at the code, it doesn't seem
like this is configurable, although I'd like to be
proven wrong!
I have two thoughts on how to prevent customers
sending mail locally if they are making unreasonable
use of resources:
1) if they are SuEXEC'd - disable their username
from calling exim,
2) if they aren't - block on the sender address
that they are using in the From: header.
However, I can't see any options to achieve these
last two..? sender_reject would seem to be the
one for 2), but doesn't apply to anything but SMTP
input, since it looks at MAIL FROM:.
Anyones success stories etc. on running exim on
webservers would also be appreciated.
Cheers,
Ollie
--
Oliver Cook Systems Administrator, ClaraNET
ollie@??? 020 7903 3065
