By default, exim allows any user to send out an email with any "From:" address they wish, which can lead to users spoofing each other. How do I restrict which addresses each system user can send from? For example the user james should be able to send from james@localhost, but also me@my-domain.com and james@other-domain.com.
I want all system users to be able to send email from their SYSTEM_USER@HOSTNAME, but if they attempt to send from another address I want to look up that address in a text file to see if it is allowed.
I currently have a list, but it is for what addresses a system user will receive from. But it could still work. Given the example me@my-domain.com the data is stored in the file /etc/exim4/virtual/my-domain.com where the content looks like:
me : james@localhost
If we could reuse the existing files that would be great. But any suggestions would be helpful. Thank you in advance.
Best Answer
Exim4 already does some standard checks on the envelope sender, From: and Sender: of the locally submitted messages (cf. trusted users). Since you want to extend this validation you should:
For messages submitted through sendmail (i.e. exim4 -bm), add to the main configuration section:
For messages submitted through SMTP you need to add the control = submission/sender_retain modifier. E.g. Debian has in the MAIL acl a rule:
To configure your check you need to add a couple of ACL rules at different stages of mail processing. Since these rules need to be applied to different ways of message submission you can create a new named ACL (I assume that all your /etc/exim4/virtual/<domain> files return username@localhost as value):
For the syntax of string expansion (quite full of braces), check chapter 11 of Exim's documentation. You can use exim4 -bem <message> <expansion_string> to test them (the envelope sender is passed in the message like the mbox format).
You can apply it to different situations:
For messages submitted through exim4 -bm, add to the acl_not_smtp ACL the following rule:
For messages submitted by authenticated users through SMTP add to the acl_smtp_data ACL something like:
Some programs submit messages using a non-authenticated SMTP connection to localhost (or exim -bs). For them you can add to the acl_smtp_data ACL:
and install some identd on the server.
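The sender policy discussed above, modelled outside Exim as an added example (Python, not the answerer's ACL rules and not Exim configuration), useful for checking the virtual map files before wiring the same rule into an ACL. It assumes the question's layout of one file per domain with "localpart : user@localhost" lines; all function and variable names are hypothetical.

```python
import re, tempfile
from pathlib import Path

# Only the layout (<virtual_dir>/<domain>, lines "localpart : user@localhost")
# comes from the question; every function and variable name is hypothetical.
DOMAIN_RE = re.compile(r"[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?")

def load_map(path):
    """Parse 'key : value' lines; skip blanks and '#' comments; first key wins."""
    owners = {}
    for line in Path(path).read_text().splitlines():
        key, sep, value = line.strip().partition(":")
        if sep and not key.startswith("#"):
            owners.setdefault(key.strip().lower(), value.strip().lower())
    return owners

def sender_allowed(user, hostname, from_addr, virtual_dir):
    """True if system user `user` may send mail as `from_addr`."""
    local, sep, domain = from_addr.strip().lower().rpartition("@")
    if not sep or not local:
        return False
    # Rule 1: every user may send as SYSTEM_USER@HOSTNAME.
    if (local, domain) == (user.lower(), hostname.lower()):
        return True
    # The domain comes from the message and becomes a file name, so reject
    # anything that is not a plain domain ('/' or '..') before touching disk.
    if not DOMAIN_RE.fullmatch(domain) or ".." in domain:
        return False
    path = Path(virtual_dir) / domain
    if not path.is_file():
        return False
    # Rule 2: the address must map back to this user's local mailbox.
    return load_map(path).get(local) == f"{user.lower()}@localhost"

def demo():
    """Run the question's example against constructed sample files."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "my-domain.com").write_text("# constructed\nme : james@localhost\n")
        Path(d, "other-domain.com").write_text("james : james@localhost\n")
        tries = ["james@localhost", "me@my-domain.com", "james@other-domain.com",
                 "root@localhost", "me@../my-domain.com", "me@nowhere.example"]
        return {a: sender_allowed("james", "localhost", a, d) for a in tries}

if __name__ == "__main__":
    for addr, ok in demo().items():
        print(f"{addr:28} {'allow' if ok else 'deny'}")
```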