EXPERIMENTAL: Rewrite From: header to match actual sender
This setting rewrites the From header in emails to show the original identity of the actual sender for messages sent from your server. Email recipients can see the original From header as the X-From-Rewrite header as well as the rewritten From header. This setting is useful to determine the actual mail sender.
In order to conduct an attack or send unsolicited email, a malicious user can alter the From header in an email to confuse the recipient. For example, a user may authenticate as [email protected] and send a message with the From header set to [email protected]. When you enable this setting, Exim rewrites the From header to show the authenticated sender ([email protected]).
You can enable this setting to ensure that the From header for mail sent from your servers always matches one of the following methods:
- The actual sender. — If you authenticate as [email protected], the From header will always display [email protected].
- An email address that has been forwarded to the actual sender. — If [email protected] is an email address on your server and it forwards mail to [email protected], then [email protected] may set the From header to either address.
- An email address to which the sender has access. — If you authenticate as the username user, you can set the From header to any email account that the username user controls.
You can select the following settings:
- remote — This setting uses SMTP to rewrite the From header in outgoing emails to match the actual sender.
  - If a local user sends mail to a user on a remote host, this setting rewrites the From header.
  - If a local user receives mail from a user on a remote host, this setting does not rewrite the From header because it is not possible to determine the authenticated sender.
  - If a local user sends mail to another local user on the same server, this setting does not rewrite the From header because this is not a remote delivery.
  - If a local user receives mail from another local user on the same server, this setting does not rewrite the From header.
- all — This setting rewrites the From header in all outgoing emails to match the actual sender.
  - If a local user sends mail to a user on a remote host, the system rewrites the From header.
  - If a local user receives mail from a user on a remote host, this setting does not rewrite the From header because it is not possible to determine the authenticated sender.
  - If a local user sends mail to another local user on the same server, this setting rewrites the From header because this setting includes local deliveries.
  - If a local user receives mail from another local user on the same server, this setting rewrites the From header because the sender already rewrote the From header.
- disable — This setting does not rewrite the From header in any email. This is the default setting.
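The rules above can be checked against sample messages with a small model. This is an added example, not cPanel's or Exim's own code: it combines the three permitted From cases with the remote, all and disable scopes. The addresses, the OWNERS and FORWARDS tables, and the function names are constructed for illustration.

```python
from email.message import EmailMessage
from email.utils import parseaddr

# Constructed sample data: mailbox -> owning system user, forwarder -> destinations.
OWNERS = {"alice@example.test": "alice", "sales@example.test": "alice"}
FORWARDS = {"info@example.test": {"alice@example.test"}}


def from_is_permitted(auth, claimed):
    """Check the claimed From address against the three permitted cases."""
    claimed = claimed.lower()
    if claimed == auth:                      # the actual sender
        return True
    if auth in FORWARDS.get(claimed, ()):    # address forwarded to the sender
        return True
    return OWNERS.get(claimed) == auth       # account the username controls


def deliver(msg, auth, rcpt_is_local, setting):
    """Return True if the model rewrote From for this delivery.

    auth is the authenticated identity, or None for mail that arrives from a
    remote host, where no authenticated sender can be determined.
    """
    if setting == "disable" or auth is None:
        return False
    if setting == "remote" and rcpt_is_local:  # not a remote delivery
        return False
    original = str(msg["From"])
    if from_is_permitted(auth, parseaddr(original)[1]):
        return False
    # Model only: the original value is kept in X-From-Rewrite; the exact
    # header text that Exim writes is not reproduced here.
    msg["X-From-Rewrite"] = original
    msg.replace_header("From", auth)
    return True


def make(claimed):
    """Build a constructed test message with the given From header."""
    m = EmailMessage()
    m["From"] = claimed
    m["To"] = "rcpt@example.net"
    m.set_content("constructed test message")
    return m
```
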