Autor: Dave C. Data: Dla: Philip Hazel CC: exim-users Temat: Re: [Exim] Weird behavious WRT Sender: header
On Thu, 29 Nov 2001, Philip Hazel wrote:
> On Wed, 28 Nov 2001, Dave C. wrote:
>
> > Ok, the source doesnt lie, and it answers this question.
> >
> > if there is a Sender: header present in the incoming messages, it is
> > removed (Its still in the -Mvh output, and I just figured out the "*"
> > before it means it was 'removed'), presumably becuase exim is going to
> > force insert a Sender: headers with the local users login info.
>
> Correct.
>
> > Apparently the code that removes the Sender: header wasn't updated to
> > allow for untrusted_set_sender.
>
> No, the current state is deliberate. The point of untrusted_set_sender
> is to allow untrusted users to set the envelope sender of the message.
> It does not make such users "trusted". Because they are not trusted,
> Exim insists on recording the true sender of the message somewhere,
> namely, in the Sender: header, if From: doesn't match the sender.
>
> Setting no_local_from_check means "don't check that From: matches the
> real sender". That turns off *adding* a Sender:. I'm not at all sure
> this should also include not removing an existing Sender, but perhaps it
> should.
>
> > That doesnt make me happy though. This particular webserver is running
> > suidCGI type scripts, but the local user logins dont corrospond to
> > any valid email addresses. I just want to force a
> >
> > "Sender: <MAILER-DAEMON@???>"
> >
> > on all messages sent through this script..
>
>
> 1. Make the caller of Exim trusted. Then Sender: headers won't be
> stripped.
>
> or
>
> 2. Detect the messages in a system filter, and use "headers remove" and
> "headers add".
>
Well, my solution in this case was to use my patch.
> On Wed, 28 Nov 2001, Dave C. wrote:
>
> > I've attached a very short patch which skips removing the "Sender:"
> > header if untrusted_set_sender is set..
>
> Is there some reason that you can't make the caller trusted?
>
> I think this patch, if added, should be conditional on
> no_local_from_check, not on untrusted_set_sender.
Er.. yeah.. Or maybe it should be dependent on *both*
>
> (In Exim 4, untrusted_set_sender is extended to be a list of possible
> senders which can be set ["*" means "anything"], incidentally.)
BTW, did you catch that there is no canonical documentation for
'no_local_from_check' in the spec? Its only referred to from the
explanations for other options (two of them, specifically) - if you are
collecting bugs & errata for a 3.34 release.