Re: [exim] Verify sender ignored

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMmailing@securitylabs.it at <-
MBen Allen at ->
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: mailing@securitylabs.it
CC: exim users
Subject: Re: [exim] Verify sender ignored

On 7 Jul 2011, at 19:32, mailing@??? wrote:

> Hello, I'm trying to verify the sender of my messages so that my users (authenticated) can't send with FROM something like user@???, but with the real and public email address. But actually every senders is accepted. This is my ACL, I suppose that deny !verify = sender/callout (or without callout) will do the job, but it's not, every sender is accepted:

Are you referring to "MAIL FROM" in the envelope, or to the "From:" header? I don't see any ACL there that looks at message headers explicitly - though they're often set to identical values by the MTA.

The best way to manage domain expression in message headers is with rewrite rules, not ACLs. Better to fix the header if you know what it should be, than to bounce a message to a user who may not know.

If you're referring to the envelope, then your controls depend on the value of +local_domains, and you haven't said what that is.

--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Gmail's new 'suspicious sender' flagRe: [exim] Verify sender ignored->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)