summaryrefslogtreecommitdiff
path: root/doc/doc-txt/NewStuff
diff options
context:
space:
mode:
authorTony Finch <dot@dot.at>2005-05-23 15:44:06 +0000
committerTony Finch <dot@dot.at>2005-05-23 15:44:06 +0000
commit4df1e33e03e9edf6ee6cd328114e5eb102a85c9c (patch)
treeec9896c28e1c8eea9fba007212195be54a7482da /doc/doc-txt/NewStuff
parent29aba4183e116b5ca706e5479db7302cf07eaa7a (diff)
Expand the documentation about the new submission mode behaviour.
Diffstat (limited to 'doc/doc-txt/NewStuff')
-rw-r--r--doc/doc-txt/NewStuff40
1 files changed, 32 insertions, 8 deletions
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index d7bdff1e1..ba1c5afc4 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.43 2005/05/23 15:28:37 fanf2 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.44 2005/05/23 15:44:06 fanf2 Exp $
New Features in Exim
--------------------
@@ -81,16 +81,40 @@ PH/01 The amount of output produced by the "make" process has been reduced,
command reflection in "make". When you ask for the full output, it is
given in addition to the the short output.
-PH/02 There have been two changes concerned with submission mode:
+TF/02 There have been two changes concerned with submission mode:
+
+ Until now submission mode always left the return path alone, whereas
+ locally-submitted messages from untrusted users have the return path
+ fixed to the user's email address. Submission mode now fixes the return
+ path to the same address as is used to create the Sender: header. If
+ /sender_retain is specified then both the Sender: header and the return
+ path are left alone.
+
+ Note that the changes caused by submission mode take effect after the
+ predata ACL. This means that any sender checks performed before the
+ fix-ups will use the untrusted sender address specified by the user, not
+ the trusted sender address specified by submission mode. Although this
+ might be slightly unexpected, it does mean that you can configure ACL
+ checks to spot that a user is trying to spoof another's address, for
+ example.
+
+ There is also a new /name= option for submission mode which allows you
+ to specify the user's full name to be included in the Sender: header.
+ For example:
+
+ accept authenticated = *
+ control = submission/name=${lookup {$authenticated_id} \
+ lsearch {/etc/exim/namelist} }
+
+ The namelist file contains entries like
+
+ fanf: Tony Finch
- (a) A new option, /name=value, makes it possible to supply a user name
- to be inserted into any created Sender: header line. Typically, this
- would be looked up from $authenticated_id.
+ And the resulting Sender: header looks like
- (b) The envelope sender address is forced to be the same as the
- submission mode sender address.
+ Sender: Tony Finch <fanf@exim.org>
-TF/02 The control = fakereject ACL modifier now has a fakedefer counterpart,
+TF/03 The control = fakereject ACL modifier now has a fakedefer counterpart,
which works in exactly the same way except it causes a fake SMTP 450
response after the message data instead of a fake SMTP 550 response.
You must take care when using fakedefer because it will cause messages