Re: [exim] Preventing Authenticated Users From Sending As Ot…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMLena at <-
MM 
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim users
Subject: Re: [exim] Preventing Authenticated Users From Sending As Other Accounts
2009/10/22 <Lena@???>:
>> From: Brad Melanson
>
>> local authenticated users are able to send email as any address they wish,
>> including other local users. This poses a security concern for my clients
>> and was hoping to plug this hole.
>
> Which exactly security concern?

Pretty obviously - an authenticated user spoofing another (possibly
authenticated) user's email. The OP has been offered a simple ACL fix
for this earlier in the thread.

--
Peter Bowyer
Email: peter@???
Follow me on Twitter: twitter.com/peeebeee

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] [exim-dev] Mail Server Tutorial[exim] Unusual Behavior->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)