Re: [exim] Better way to write this condition?

Top Page
Delete this message
Reply to this message
Author: Troy Engel
Date:  
To: exim-users
Subject: Re: [exim] Better way to write this condition?
Ian Eiloart wrote:
>
> You need to implement Message Submission Agent. Require users of
> fluid.com to use your mail servers. Require them to authenticate when
> sending email - with encryption of course. Provide port 587 for them, so
> that their ISPs don't intercept their email when sending from home.


As far as the fluid.com, that's all taken care of -- we do use
authentication, TLS/SSL, etc. All is well on that front.

What I have additionally is email coming from users sending from their
personal domains that are allowed; think 'frank@???' owns
'frank@???'; Frank is allowed (by my domains.trusted) to
send an email from his domain to a protected alias - say 'staff@???'.

So, what I want to maybe tighten down securely is somehow checking that
a spammer (sic) doesn't try to fake 'From: frank@???' using
$sender_host_address (or whatever); you know, use some sort of secondary
checking mechanism to ensure it really *is* Frank sending that email...

-te

--
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com