Sorry for those of you not interested in exim, but I thought it useful
to have this stuff in the archives....

At Mon, 8 Sep 2003 19:58:09 +0000 (UTC),
Patrick Starrenburg <[EMAIL PROTECTED]> wrote:
> 
> On Sun, 07 Sep 2003 23:25:26 GMT, [EMAIL PROTECTED] wrote:
> 
> This is one way to achieve this, you can also do special handling via 
> tmda's good management features such as black/white lists as well as 
> incoming and outgoing control files. For example fragment of my incoming 
> file...

That's a good point, and simpler to set up, but I like the fact that
exim filters have access to the envelope, since it catches bcc's and 
so on.

> 
> > 2) I'm not sure I completely understand the security implications of
> > your setup, especially in conjunction with untrusted_set_sender=true.
> 
> The authentication is by virtue of them being a user 
> with valid logon. If you have a look at untrusted_set_sender in section 13 
> of the Exim spec doc you can find more detail.
> 

I was worried about the following situation:

Bob and Alice are tmda users on the same server.  User bob connects to
exim, is allowed to set sender to alice.  Bob then sends mail using
the outgoing_tmda router (as alice), which e.g. happily appends things
to Alice's whitelists.

I think that this is fixed by changing
    user = $sender_address_local_part
to
    user = $sender_ident

in outgoing_tmda_pipe. $sender_ident is apparently unaffected by
changing the envelope sender.

If you agree, perhaps the FAQ could be updated.


> Re: my setup you mention have you taken from a previous posting or from 
> FAQs I wrote [...]

I took it from the FAQ.

_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
