gerrit wrote:
Hi everyone.
In my main.cf i got this line :
authorized_submit_users = !apache, static:anyone
The above prevents the apache USER from using the sendmail
command. This has nothing to do with the envelope sender
address or From: header.
Specifically, this prevents the apache USER from using the
sendmail command, regardless of the envelope sender or headers
the apache USER might specify.
It does NOT prevent other users from specifying [EMAIL PROTECTED]
as the sender.
It does NOT prevent the apache user from submitting mail via SMTP.
This line restrict apache from sending mail via the sendmail way. Since
most users use the mail() statement in php, which uses sendmail to sent
mails, its the preffered way.
My goal is, to restrict those people on the server, who haven't set a
proper From: header.
If no From: header exists, it is automatically set to the
envelope sender address. Postfix does not report the absence
of a From: header.
You can reject selected From: HEADERS by using an appropriate
header_checks rule. You cannot reject mail that is missing
the From: header.
You can reject selected envelope senders in SMTP mail by using
an appropriate check_sender_access map.
--
Noel Jones
