Rewriting email headers in exim

by Juliet Kemp

Recently the people running our centralised email server decided to increase its security. Among other things, this meant that if the From: header of an email didn't match a registered user, it would be bounced back. I have a couple of pieces of software (RT and Hobbit, notably), that run as a particular userid and send mail as that ID, so since those weren't "real" users, the mails started bouncing.

I have found two ways of dealing with this, using exim4:

  1. More complicated. Use sendmail -f realuser@example.com as the mail command within the program (this works for RT but not for Hobbit). The -f flag rewrites the envelope-from — you will also need to put the line
    dc_untrusted_set_sender='true'
    in /etc/exim4/update-exim4.conf.conf, run update-exim4.conf, and restart exim. This allows any user to rewrite the envelope-from. This does have security implications if you mistrust your users (in this particular instance, these are servers without user access so I'm not too worried).
  2. Rather easier. Edit /etc/email-addresses to include a line:
    problemuid: realuser@example.com
    You don't need the dc_untrusted_set_server line. You probably don't even need to restart exim. (I did because I'm like that.)

I worked out the more complicated one first, obviously. Oh well.