> I see this as a problem because anyone from anywhere can "pretend" to
be
> me, as the from address
> and send to any user at any local domain without being required to
> authenticate with a password
> in thier mail client and the message gets delivered.
[...]
>That is the normal setup for internet hosts (take gmail or yahoo),
>anybody can send send mail to local domains, even if they do not
>fiddle with the from. - How else could yould you expect to receive mail
>from external hosts at all?
>cu andreas
Well I guess there must be something in a language barrier - translation
error,
as the stated behaviour is NOT normal or even acceptable, any open or semi
open relay just should not be.
The original question was not about other servers sending to local users,
the question
is about how to implement smtp authentication as was common in exim3 with 1
simple option
(and it stopped any email client from sending without user-password)
but has been abandoned in exim4, and replaced by several options that must
be implemented
by using the new ACL's.
http://www.exim.org/viewvc/exim/exim-doc/doc-txt/Exim4.upgrade?revision=1.1&view=markup
was posted by Jeroen van Aart as a good starting point, and is the closest
thing I have seen
to a cross reference chart.
Thanks for the help.
