Hi,
soumya tr <soumya.324@???> (Mo 17 Feb 2014 18:32:08 CET):
> Hi,
>
> I am in the process of adding some condtions to prevent from address
> spoofing. But now I am confused on weather to use $h_from or
> $sender_address .
>
> Which one should I use? Please help
The $sender_address is the envelope sender. $h_from gets its value from
the "From:" header.
Both may be forged.
The "From:" is even more forged mostly. (As many MTA take care about
checking the envelope sender in some way, but don't care about the
message headers.)
The $sender_address is guaranteed to contain a valid address (or is
empty, if the envelope sender was empty (bounce), since Exim extracts
this from the SMTP MAIL FROM command.
The $h_from contains that what the sender put into the "From:" header,
this can be literally anything. Except you do not use "verify = header",
Exim does not take care about the (syntactical) correctness of this
header.
To make it more complicated, the "From:" header may contain multiple
addresses, thus checking is more difficult, but possible.
And, if you receive your own message via a mailing list (like this
exim-users), it contains your own address in the "From:" header. But the
envelope sender (sender_address) is set to something like
"<exim-users-bounces+…@exim.org>". It's this should be far away from
spoofing.
Now it's up to you :)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
