On Fri, 10 Jun 2005, Ralf Hauser wrote:
> If there is no link userName/fromAddress-tls_peerDN and no authenticator
> checking for that, how do you avoid the following scenario:
>
> <<An exim installation has in its tls_try_verify_hosts both acm.org and
> cus.cam.ac.uk with the corresponding certificates in place.
>
> If it works as you suggest, how can it be prevented that I authenticate
> based on my acm.org certificate but identify myself and send mail in the
> name of a user of the domain cus.cam.ac.uk?>>
If a sender has been authenticated (either with a TLS CERT or with SMTP
AUTH) and you know they can only legitimately use one email address, you
can add an ACL clause like the following (which is for the SMTP AUTH case):
  deny
    message = Sender address does not match authenticated user
    authenticated = *
    senders = ! $authenticated_id@$primary_domain
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
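
The clause above covers the SMTP AUTH case only. The following is an added
example for the TLS-certificate case that the question actually asks about;
it is not part of the message above and not Exim's own shipped configuration.
The table path /etc/exim/cert_senders, its contents and the example DNs are
assumptions for illustration. It binds a verified client certificate (its peer
DN) to the envelope sender domains that certificate is allowed to use, so a
client holding an acm.org certificate is refused when it tries to send with a
cus.cam.ac.uk sender address.

```exim
# Added example, not from the original message.  /etc/exim/cert_senders is an
# assumed lsearch table mapping a verified client certificate's DN to the
# sender domains it may use, one line per certificate, e.g.
#   "/O=acm.org/CN=Ralf Hauser": acm.org
#   "/O=cus.cam.ac.uk/CN=Tony Finch": cam.ac.uk : cus.cam.ac.uk
# lsearch keys that contain spaces or colons must be double-quoted, and the
# DN layout differs between OpenSSL and GnuTLS builds, so copy the DN from
# the log line Exim writes for a verified connection rather than typing it.
# Variable names are those of current Exim; 2005-era releases call them
# $tls_peerdn and $tls_certificate_verified.

acl_smtp_mail = acl_check_mail

begin acl

acl_check_mail:
  # tls_try_verify_hosts lets a client in even when its certificate does not
  # verify against tls_verify_certificates.  Such a certificate proves
  # nothing, so it must not be allowed to vouch for any sender domain.
  deny
    message   = Client certificate $tls_in_peerdn was not verified
    condition = ${if def:tls_in_peerdn}
    condition = ${if !eq{$tls_in_certificate_verified}{1}}

  # A verified certificate may only be used for the sender domains bound to
  # it in the table.  A DN that is not in the table yields an empty domain
  # list, so an unknown certificate is denied rather than silently accepted.
  deny
    message   = Sender domain $sender_address_domain is not authorised for certificate $tls_in_peerdn
    condition = ${if def:tls_in_peerdn}
    !sender_domains = ${lookup{$tls_in_peerdn}lsearch{/etc/exim/cert_senders}{$value}{}}

  # Connections without a client certificate fall through to whatever the
  # rest of the policy requires (in a real configuration, the usual relay
  # and recipient checks, not a bare accept).
  accept
```

The check runs at MAIL FROM, where the envelope sender is known, so the whole
message is rejected before any RCPT is processed. Pairing the same idea with
the SMTP AUTH clause above gives one rule for each way a client can prove who
it is: authentication establishes an identity, and the table (or
$authenticated_id) decides which sender addresses that identity is authorised
to use.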