Hi everbody.
On a shared web hosting server with exim4 as mail server I would like to
prevent php applications from sending mail without authentication via
SMTP on localhost.
This is a piece of war against bugged php script suffering code-injection.
So, because I run suPHP, each web application is run as the user
belonging the application and the I had to block mail submission from
every local system user.
In Postfix I acheived this result adding the rule
"authorized_submit_users = root, !static:all"
What I did with Postfix was to deny any chance to send mail via local
submission of any system user, except to the ones I trust in (root).
Within Exim I tried using "trusted_users = root" in main configuration,
but the effect is not what I need as I read in chapter 14
(
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-main_configuration.html)
and in chapter 5.2 of Exim documentation.
Can anyone point me in the right direction to achieve the same with exim4?
Many thanks
g
