Author: Mike Richardson Date: To: exim-users Subject: Re: [exim] SMTP-Auth,
specific users addicted to specific email adresses
On Thu, Nov 04, 2004 at 04:01:51PM +0100, Mirko Grÿffffe4fen wrote: > hi all,
>
> this whole authentication stuff is running well on my
> system (cram_md5).
> because i´m hosting some domains for different people,
> i need to know how a user can authenticate at exim and
> send mails only by his real email adress.
> so, that also autherized senders can´t fake their
> adresses.
Not quite an answer to your question but we add a couple of extra headers to
the emails which contain the user's real email address, their name and the
IP of the computer they are connecting from (nothing which isn't normally
found in the header and body of a legitmate email.) This is read from an LDAP
server but once you have a user name you can look that info up anywhere.
It doesn't stop people faking their own headers but tracing the true
originator is much, much easier.
Mike
--
Mike Richardson
Messaging and Collaboration
Manchester Computing
Email: mike.richardson@???
*Plain text only please - attachments stripped on arrival*