Re: [Exim] header_sender issue

Top Page
Delete this message
Reply to this message
Author: Edgar Lovecraft
Date:  
To: exim-users
Subject: Re: [Exim] header_sender issue
Joshua Alexander wrote:
>
> I was having trouble with my Exim not letting me send mail from some
> accounts (but not others, no idea why) and the reject log said "there is
> no valid sender in any header line", so I commented out the following
> line from exim.conf:
>
> require verify = header_sender
>
> Since I'm not sure exactly what this does, and it's probably
> important, I'm trying to find out what it does... not having much luck.
>
> Am I committing the 8th deadly sin by turning it off? How can I leave it
> on and still send mail from those troublesome accounts?
>

--
No you are not, you just have to be carefull about using either of the
header checks below (verify=header_sender and verify=header_syntax) as
poorly formated email mesages will get 'blocked'. There are serveral
broken clients that do not follow RFC's on a message header format
(possibly alot more than several), the most notable of wihich are the very
common MS Outlook express and MS Outlook.
As a good example use OE and send a message with no address in the TO:
field and put them all in the BCC: or CC: fields, they will not pass the
header_syntax checks, the same can be done by sending a message with an
improper/malformed From:/Reply-To:/Sender: headers.
Look at the documentation snippits below and see if you have any other
questions.

--EAL--

from the manual:
http://www.exim.org/exim-html-4.30/doc/html/spec_38.html#SECT38.12

verify = header_sender/<options>

This condition is relevant only in an ACL that is run after a message has
been received, that is, in an ACL specified by acl_smtp_data. It checks
that there is a verifiable sender address in at least one of the Sender:,
Reply-To:, or From: header lines. Details of address verification and the
options are given in the next section. You can combine this condition with
the senders condition to restrict it to bounce messages only:

  deny    senders = :
          message = A valid sender header is required for bounces
         !verify  = header_sender



--------------------------------------------------------------------------

verify = header_syntax

This condition is relevant only in an ACL that is run after a message has
been received, that is, in an ACL specified by acl_smtp_data or
acl_not_smtp. It checks the syntax of all header lines that can contain
lists of addresses (Sender:, From:, Reply-To:, To:, Cc:, and Bcc:).
Unqualified addresses (local parts without domains) are permitted only in
locally generated messages and from hosts that match
sender_unqualified_hosts or recipient_unqualified_hosts, as appropriate.

Note that this condition is a syntax check only. However, a common spamming
ploy is to send syntactically invalid headers such as

To: @

and this condition can be used to reject such messages.