> On May 3, 2017, at 10:37 AM, Yukthi Systems <[email protected]> wrote:
>
> We are trying to restrict the users from editing their email id when
> sent through their email client, we are already using the sender login
> maps but still the end users sending from email clients are able to edit
> the from header, is there a way to overcome this.
You could try (in the port 587 MSA) implement an access(5) action that
prepends a header:
check_sender_access pcre:${config_directory}/sender_acl.pcre
sender_acl.pcre:
/(.*)/ PREPEND X-Submission-From: $1
With that, and only for the submission service via a custom cleanup(8)
instance (-o cleanup_service_name=...) use header_checks(5) to replace
the From: header:
/^From/ IGNORE
/^X-Submission-(From:.*)/ REPLACE $1
This will not populate the "From:" header with a "display name", it will
have just the sender address, and may not work correctly if the address
requires "quoting", because the input to access(5) is in "unquoted"
form IIRC. This is also not tested, I may have forgotten some essential
detail that makes this impractical.
--
Viktor.
