Fabián M Sales <fabian.sales@???> (Di 07 Jun 2016 21:03:04 CEST):
> Hello list,
>
> There's something wrong, the mails sent from unauthenticated accounts for
> example from the PHP function. Using the local user for sending NO they are
> not checked by the outgoing spamassassin.
The PHP mail function normally uses '/usr/sbin/sendmail' for sending
(which is a symlink to Exim).
Submitting a message via local Exim invocation is NOT SMTP and thus the
acl_smtp_data rules do not apply.
You may hook the spamassassin rules into acl_not_smtp (but, I'm not
sure, if this ACL allow content scanning, in other words, I'm not sure,
if this ACL sees the complete message. According to how I understand the
docs, it should, but …)
> You can make all outgoing mail is checked by spamassassin?
There is no checking for outgoing messages (except transport filters and
such may be abused).
But every outgoing message was an incoming message in the first place.
> You can make only one existing accounts emails sent on the server? to
> prevent spoofing from.
Read about the local_from_check. But as far as I know, the From: line
is always taken from the submitter. But the envelope From is supplied by
Exim, as the Sender: is, if necessary. You're free to replace the From:
with whatever you want. But think twice.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
