On 14 Dec 2005, at 20:02, Marc Sherman wrote:
I wonder if "verify = sender=$authenticated_id" could be used in the
AUTH ACL to catch that condition before the MUA tries to submit any
mail?
mmm, I think you are in need of coffee... ah, but this can be fixed,
you could check that the authenticated user has got at least one
(uniquely) associated address, then you can accept the AUTH, if not
you reject at AUTH*. In the first case you then bounce if the sender
address does not correspond to the authenticated_id.
But this is a nightmare.
If all that has got localuser1 or localuser2 in the RHS is:
[EMAIL PROTECTED] ---> localuser1, localuser2
[EMAIL PROTECTED] ----> localuser1
in this case localuser1 has got a uniquely associated address (foo),
while localuser2 has got none (you shouldn't notify localuser1 of
errors of localuser2).
As I said this is difficult to implement, as any addition to the
alias (file or database) could break things, unless...
...of course! you ignore alias lookups for these bounces, and deliver
them directly to the localuser via the local user router! You can for
instance set their envelope sender to some fixed value (perhaps
something that goes to the help desk if replied to) and use that as
switch to avoid aliasing.
Giuliano
* rejecting at AUTH might not be a good idea anyway, as some MUA will
simply try to deliver without AUTH, and this is (almost) bound to
succeed if the destination is also in a local domain.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
