Re: [exim] Verify sender ignored

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ian Eiloart
Date:  
À: mailing@securitylabs.it
CC: exim users
Sujet: Re: [exim] Verify sender ignored

On 7 Jul 2011, at 19:32, mailing@??? wrote:

> Hello, I'm trying to verify the sender of my messages so that my users (authenticated) can't send with FROM something like user@???, but with the real and public email address. But actually every senders is accepted. This is my ACL, I suppose that deny !verify = sender/callout (or without callout) will do the job, but it's not, every sender is accepted:


Are you referring to "MAIL FROM" in the envelope, or to the "From:" header? I don't see any ACL there that looks at message headers explicitly - though they're often set to identical values by the MTA.

The best way to manage domain expression in message headers is with rewrite rules, not ACLs. Better to fix the header if you know what it should be, than to bounce a message to a user who may not know.

If you're referring to the envelope, then your controls depend on the value of +local_domains, and you haven't said what that is.

--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148