Autore: Heiko Schlittermann Data: To: exim-users Oggetto: Re: [exim] authenticating from address for outgoing email?
Jeff Lasman <blists@???> (Sat Mar 26 18:28:45 2011): > Some (not many) of the users of the exim.conf file I maintain have requested
> that we check to make sure the authenticated user sending email only use a
> From address we have on file for them.
>
> They suggest we only send email if the From address is the same as the domain
> registered to the authenticated sender.
It's completly up to you, to enforce a policy for using your mail
server as relay. The first and most common enforcement is some sort
of authentication (username/password, sending IP address, …)
> I once thought the RFCs said something about that, but I can't find it
> anywhere. I'm probably not googling as well as I should.
I do not know all the RFCs, but I'm quite sure that your googling was
well enough.
I think, the default exim configuration switches into "submission mode"
if the connection is authenticated. This mode forces (per default)
forces the sender address being the same as the authenticated id. It
sets the return path and it sets a Sender:-header if the From:-header
does not match the authenticated id.
(It's up to the authenticator to set the auth_id to something sensible,
and it's up to the "control = submission" ACL statement how to use the
auth_id for generating the return path, and the Sender:-header, if at
all.)