--On 24 September 2009 08:01:24 +0200 janek <[email protected]> wrote:
> Some more info how to do it please - I'm really not good at configuring > exim. > > Reason for rewriting From: header inside email with MAIL FROM: is anti > mail sender spoof. MAIL FROM: gets verified in smtp session, from: header > does not. Gmail does such rewriting. Other servers do not and you can > send email using their service while signing as any sender. I realize > that such rewrite is not with accordance with rfc-s but many things can't > be those time when fighting abusers. This is something that you can (and perhaps should, depending on your circumstances) do when the email is a submission email (that it, you know that the sender address is not spoofed). We do that for local and authenticated submissions, but allow individuals to opt out. There's no point doing it for untrusted email (arriving from another site). You have no more reason to trust the sender address than the "From:" header. If you do think there's a problem with the "From:" header, then rejecting the mail may be the best thing to do. Implementation details: use headers_remove and headers_add, but only after you've determined that the message really is from a local user. -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
