Hi Simon, that is not a problem for me, as, with PHP running under suexec, the envelope from is already ok (php runs as that users, and sendmail is called with the same user, not with www-data, so i don't need to force it).
Thankuyou 2009/7/13 Simon Hobson <[email protected]>: > [email protected] wrote: > >>My PHP is running under Suexec, so that i have a system user for >>each "domain". >> >>So that, if i can, to say, limit max emails per uid, the problem is solved. >> >>That's not a problem explain the situation to my customers. >> >>The sender is not a secure limit for the simple reason that all spam >>attacks i've seen were usind a randomized from. The only secure way to >>limit is the envelope from. > > I'm not sure if it helps at all, but on my server I've got a line > like this in the site (Apache) configs : > > php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f > [email protected] -F 'User Name'" > > So that emails are now sent with a sensible envelope from header - > unlike the old server I'm phasing out where the envelope always came > from www-data. Doesn't stop a user doing something different with it > though. > > -- > Simon Hobson > > Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed > author Gladys Hobson. Novels - poetry - short stories - ideal as > Christmas stocking fillers. Some available as e-books. > _______________________________________________ > Users mailing list > [email protected] > http://lists.policyd.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users
