Re: [exim] Apache <=> Exim

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Dave Evans
Datum:  
To: exim-users
Betreff: Re: [exim] Apache <=> Exim
On Thu, Jul 31, 2008 at 05:07:18PM -0700, Phil Pennock wrote:
> On 2008-07-31 at 15:00 +0100, Mike Cardwell wrote:
> > Shove this (untested) in your data acl:
>
> The DATA ACLs are for when there is a DATA command, which implies SMTP.
> PHP on Unix uses the sendmail command interface, which is why I
> suggested $caller_uid in the acl_not_smtp ACL. Using $sender_ident and
> a data ACL will help for the SMTP case though, yes. And protecting both
> is helpful.


On the web hosting I used to run (as mentioned in the thread referenced
earlier, "Feature req: env var logging"), I only allowed the sendmail
interface, not SMTP, for exactly that reason: so that Exim could reliably know
what local user was sending the mail, and read their CGI environment variables
(to track abuse).

--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey