I'm sorry but that doesn't really answer my question although I admit I
already ran into that problem, did notice that solution, didn't really like
it since you still have to allow spoofing and chose this one instead.
http://datadisk.co.uk/html_docs/exim/address_header.htm#rewriting
On Thu, Nov 29, 2012 at 11:32 PM, Phil Pennock <exim-users@???>wrote:
> On 2012-11-29 at 11:20 +0100, Han Boetes wrote:
> > We have a webserver running suphp. Very nice since it's no longer apache
> > sending emails but the actual user and now we really can block spamming.
> > All outgoing mail -- even local mail -- is sent through a an antispam
> > server and then delivered where it should.
>
> Last time I had PHP enabled (some years ago), I did something similar to
> what I helped set up at the ISP I used to work at. Except I was using
> mod_macro in Apache instead of script-generated Apache configs, as the
> ISP used.
>
> For running with suphp, that means in Apache:
> SetEnv PHPRC /www/sites/%dirname/etc
>
> Once you have that, in the per-site php.ini you can set:
> mail.force_extra_parameters = -fwebmaster@???
>
> This lets you use local Sendmail-style submission, instead of SMTP, so
> in combination with a dedicated uid, means that you can identify the
> user. You can then use $originator_uid in the client authenticator for
> the outbound mail.
>
> This will let you use the real UID for authenticating the bounce
> messages per-site. If you're happy with just one account for all bounce
> messages, then Mike's approach is simpler with fewer changes.
>
> Using "mail.add_x_header = On" in php.ini is also advisable.
>
> -Phil
>
--
# Han
