Re: [exim] Exim4, Authentication and Sender, Reurn-Path rew…

Author: Phil Pennock
Date:  
To: Laurent Rahuel
CC: exim-users
Subject: Re: [exim] Exim4, Authentication and Sender, Reurn-Path rewriting (exim-4.63-10.el5)
On 2012-05-31 at 14:59 +0200, Laurent Rahuel wrote:
> I know this has been asked many times but none of my googling requests
> gave a suitable answer.
> I want to get rid of Return-Path and Sender rewriting when an email is
> sent via an authenticated connection.
>
> Sending email via my smtp on port 25 without authentication will leave
> return-path and sender as configured in my mail client
> firstname.lastname@???.
> Sending email via the same smtp server on port 465 with an
> authentication will change return-path and sender with
> login@???
>
> I tried many of the possible solutions I found on the Internet but none
> of them worked (submission/retain_sender, submission/domain=,
> submission/domain=domain.com/name=...)
>
> Does anybody have any clue?


I suspect that your RCPT ACL is doing "accept authenticated = *"
*before* the submission checks you talk about.

Look at the headers of this mail; I think it does what you want. I'm
using authenticated SMTP over TLS to talk to the mail-server.

*Early* in my RCPT ACL I have:

  warn    authenticated = *
          set acl_m_sign_message = yes
          control       = submission/sender_retain


The $acl_m_sign_message variable is used to DKIM-sign the message later.
I set it to "no" at the beginning of the ACL.

To limit the Received: header I use:

received_header_text = "Received: \
        ${if def:authenticated_id {from authenticated user }{\
        ${if def:sender_rcvhost {from $sender_rcvhost\
        ${if def:sender_helo_name { (helo=$sender_helo_name)}}\n\t}}}}\
        by ${primary_hostname} \
        ${if def:received_protocol {with $received_protocol}} \
        ${if def:tls_cipher {($tls_cipher)}}\
        \n\tid $message_exim_id"


That's all it takes.

-Phil
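
The ordering point from the reply above, as an added Exim configuration sketch that is not part of the original post: ACL statements run top to bottom and an `accept` whose conditions match ends the ACL, so a `control` placed after it is never applied to authenticated senders. The ACL name `acl_check_rcpt` (the one used in Exim's default configuration) and the statements around the `warn` stanza are assumptions.

```exim
# Constructed example. Adapt the ACL name to whatever acl_smtp_rcpt
# points at in your configuration.

# --- Ordering that produces the symptom (shown commented out) -------------
# acl_check_rcpt:
#
#   # Authenticated senders leave the ACL here with "accept" ...
#   accept  authenticated = *
#
#   # ... so this stanza is never evaluated for them.
#   warn    authenticated = *
#           control       = submission/sender_retain

# --- Corrected ordering ----------------------------------------------------
acl_check_rcpt:

  # "warn" never terminates the ACL: when the condition matches, the
  # control is applied and processing continues with the next statement.
  warn    authenticated = *
          control       = submission/sender_retain

  # The accept for authenticated clients comes only after the control
  # has been set.
  accept  authenticated = *

  # Remaining checks for unauthenticated senders go here (site-specific,
  # assumed). A final catch-all deny closes the ACL.
  deny    message       = relay not permitted
```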