On Fri, Oct 23, 1998 at 08:36:25AM +0200, Andreas Tille wrote: > On Fri, 23 Oct 1998, Russell Coker wrote: > > > It used /etc/mailname last time I did an strace on it... > But this is only a half of the truth, because /etc/mailname > contains only the hostname and will be prepended by the > username and `@`. It wouldn't help in my case because my > correct E-mail address is a symbolic address in every case > different from the login name. I fix this in my MTA... # host whose IP address is blacklisted in the RBL at maps.vix.com. ###################################################################### # REWRITE CONFIGURATION # ###################################################################### # There are no rewriting specifications in this default configuration file. # This is an example of a useful rewriting rule---it looks up the real # address of all local users in a file # *@icarus2.localnet ${lookup{$1}lsearch{/etc/email-addresses}\ # {$value}fail} bcfrF knghtbrd@icarus2.localnet knghtbrd@debian.org Fh # End of Exim configuration file > Global settings can't work for this purpose, because several > users use several addresses. In this case, you could just add a line as above for each user, or you could use a lookup for users you wanna translate for.. Doesn't require much that way for maintenance and you don't have to restart exim after each change. Sendmail does similar. I'm almost certain even smail can. Qmail however cannot. > And, to the other problems of this topic: I'm really sure > that the user is able to change the "From:" field, because > I'm able to configure this in my .pinerc. No suid things > should be necessary. Nope, you could even write a sgid script to allow a user to set their email address and rehash the thing. Course like any priveleged script it should be written to verify the email address is safe, but it would be trivial in perl (I'm almost certain I could write the script!) Point being that in exim (and sendmail for certain) you can do this and it can be as simple or as complex as you desire it to be depending on how well you trust your users of course. -- Show me the code or get out of my way.
Attachment:
pgp3DpV4VcFB0.pgp
Description: PGP signature