On 2012-05-31 at 14:59 +0200, Laurent Rahuel wrote:
> I know this has been asked many times but none of my googling requests
> gave a suitable answer.
> I want to get rid of Return-Path and Sender rewriting when an email is
> sent via an authenticated connection.
>
> Sending email via my smtp on port 25 without authentication will leave
> return-path and sender as configured in my mail client
> firstname.lastname@???.
> Sending email via the same smtp server on port 465 with an
> authentication will change return-path and sender with
> login@???
>
> I tried many of the possible solutions I found on the Internet but none
> of them worked (submission/retain_sender, submission/domain=,
> submission/domain=domain.com/name=...)
>
> Does anybody have any clue?

I suspect that your RCPT ACL is doing "accept authenticated = *"
*before* the submission checks you talk about.

Look at the headers of this mail; I think it does what you want. I'm
using authenticated SMTP over TLS to talk to the mail-server.

*Early* in my RCPT ACL I have:

    warn authenticated = *
         set acl_m_sign_message = yes
         control = submission/sender_retain

The $acl_m_sign_message variable is used to DKIM-sign the message later.
I set it to "no" at the beginning of the ACL.

To limit the Received: header I use:

    received_header_text = "Received: \
        ${if def:authenticated_id {from authenticated user }{\
        ${if def:sender_rcvhost {from $sender_rcvhost\
        ${if def:sender_helo_name { (helo=$sender_helo_name)}}\n\t}}}}\
        by ${primary_hostname} \
        ${if def:received_protocol {with $received_protocol}} \
        ${if def:tls_cipher {($tls_cipher)}}\
        \n\tid $message_exim_id"

That's all it takes.
-Phil
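
The ACL ordering discussed in the reply above, laid out as an added example; it is not part of the original message and is not either poster's actual configuration. The ACL name acl_check_rcpt and the closing deny are assumptions; only the warn block and the "accept authenticated = *" condition come from the thread.

```exim
# Added illustration (constructed). acl_check_rcpt is an assumed ACL name,
# selected in the main configuration section with:
#   acl_smtp_rcpt = acl_check_rcpt

begin acl

# Ordering that defeats the control: a matching "accept" ends ACL
# processing for this RCPT, so the warn statement below it is never
# reached for authenticated senders.
#
# acl_check_rcpt:
#   accept  authenticated = *
#   warn    authenticated = *
#           control       = submission/sender_retain

# Ordering from the reply: reset the flag first, then apply the control
# before any statement that can accept the recipient.
acl_check_rcpt:
  warn    set acl_m_sign_message = no

  warn    authenticated          = *
          set acl_m_sign_message = yes
          control                = submission/sender_retain

  # "warn" never produces a verdict, so an explicit accept is still needed.
  accept  authenticated          = *

  # Assumed final statement for everything not accepted above.
  deny    message                = relay not permitted
```

Because sender_retain leaves the client-supplied Sender: header in place, any check that ties the authenticated login to the addresses it may send as has to be done separately.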