Jason R. Mastaler wrote:
See FAQ 4.10.
Is there a way to configure TMDA to detect if the incoming message originated from the localhost (not a local domain)?
That stuff should also work for localhost:
1 On your localhost MTA, ensure that a spammer cannot pretend to send from the localhost. Then whitelist the localhost.
2 Or just whitelist the sender of the password email, not the whole machine: from [EMAIL PROTECTED] accept
If you don't want to have to change every user's incoming filter file, here's a neat solution I just came up with:
If the password sender program is running as root - Have it su to become the user, then have it generate a sender address for its own envelope and send to that.
Or as part of installing TMDA for a user, generate a sender address for the password sender's envelope and store it somewhere in the account information.
Or if you'd want to send system emails from a variety of source addresses, generate a keyword address which is stored in a safe place and only used by the system to send emails.
-- Jim Ramsay "Me fail English? That's unpossible!"
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
