Re: [Exim] tmda question

Author: Jason R. Mastaler
Date:  
To: exim-users
Subject: Re: [Exim] tmda question
Oliver von Bueren <maillist@???> writes:

> As you've written, it needs this to have the envelope-from address
> changed from the user's normal origin address.


Right. To clarify, when I send a message to this list for example,
TMDA "tags" the message by changing the address in my "From:" header
to <jason-list-exim-users@???>, and also sets the envelope
sender address to the same using `sendmail -f'.

If the user cannot use `-f', only the From: header address can be
modified. This isn't the end of the world, but ideally the envelope
sender should match so that bounces come back to the right place.

> This opens up the possibility for all local users which can use TMDA
> to tag outgoing messages (and therefore must be trusted exim users)
> to also fake the origin to whatever they like, and I think this is a
> real security concern for systems with shell users, esp. if it's not
> in a controlled area. I would not like that idea on a
> school/college/university/.. system.


Exim seems to allow fine-grained control over who is a "trusted user"
and who isn't. I don't see the problem with allowing only select
users this privilege. If becoming a "trusted user" opens up more than
just the ability to use `-f', then perhaps this should be changed in
Exim (i.e., make an `envelope_sender_users' setting or something that
just allows access to this option but nothing else).

Anyway, I personally don't feel the ability to set the envelope sender
address is a security concern as one can always trace the message back
to the true originator through the mail headers, logs, etc. Sendmail,
qmail and Postfix have no such restrictions on the use of the `-f'
option, so I'm not alone in this belief.

> I've read through your pages and in general, it's a very
> interesting tool, but I can't figure out all the details of how it
> really works so I'm a bit lost in how I could implement it on my system.


The introduction at http://software.libertine.org/tmda/ explains how
things work in general, and the "try sending me a test message" link
should give you a better idea.

As far as implementation, I'd suggest starting at
http://software.libertine.org/tmda/config.html reading through each
section, and then asking specific questions on the tmda-users mailing
list. And actually, the rest of your questions probably belong there
as well since they aren't Exim specific.
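
Added example, not part of the original message or of Exim/TMDA: a small log audit that follows the thread's point about tracing `-f' usage back to the submitting account. It assumes Exim main-log arrival lines of the form `<= sender U=login P=local`, a `-` tag separator as in the `jason-list-exim-users` address above, and constructed sample lines with placeholder domains.

```python
import re

# Constructed sample lines in the style of Exim's main log (not from the thread).
SAMPLE_LOG = """\
2001-06-01 10:00:01 15AbCd-0000Xy-00 <= jason@example.org U=jason P=local S=812
2001-06-01 10:02:17 15AbCe-0000Xz-00 <= jason-list-exim-users@example.org U=jason P=local S=1033
2001-06-01 10:05:42 15AbCf-0000Y0-00 <= principal@example.org U=student7 P=local S=640
2001-06-01 10:06:03 15AbCg-0000Y1-00 <= <> U=mailnull P=local S=2210
2001-06-01 10:07:30 15AbCh-0000Y2-00 <= someone@remote.example H=mx.remote.example [192.0.2.10] P=esmtp S=1500
2001-06-01 10:07:31 15AbCh-0000Y2-00 => jason <jason@example.org> D=localuser T=local_delivery
"""

# Arrival line: date, time, message id, "<=", envelope sender, then fields.
ARRIVAL = re.compile(r"^(\S+ \S+) (\S+) <= (\S+)(.*)$")
FIELD = re.compile(r"\b([A-Z])=(\S+)")

def classify(sender, user, tag_sep="-"):
    """Compare the envelope sender with the submitting login (U=)."""
    if sender == "<>":
        return "null-sender"          # bounce message; nothing to compare
    local = sender.rsplit("@", 1)[0].lower()
    user = user.lower()
    if local == user:
        return "match"
    if local.startswith(user + tag_sep):
        return "tagged"               # user-tag address, as TMDA produces
    return "mismatch"                 # envelope sender unrelated to the login

def audit(log_text):
    """Return (msg_id, login, sender, verdict) for each local submission."""
    results = []
    for line in log_text.splitlines():
        m = ARRIVAL.match(line)
        if not m:
            continue                  # delivery ("=>") or other line
        _, msg_id, sender, rest = m.groups()
        fields = dict(FIELD.findall(rest))
        if fields.get("P") != "local" or "U" not in fields:
            continue                  # SMTP arrival, not a local submission
        results.append((msg_id, fields["U"], sender,
                        classify(sender, fields["U"])))
    return results

if __name__ == "__main__":
    for row in audit(SAMPLE_LOG):
        print(*row)
```

Only the `mismatch` rows need a second look; tagged addresses that begin with the submitter's own login are treated as expected TMDA output.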