Documentation Home> AllDocumentation/WHMDocs>WHMHomeScreen>ServiceConfig>EximConfig>EximBasicEditorEditAttach

Mail

For WHM version 11.38

(Home >> Service Configuration >> Exim Configuration Manager >> Basic Editor >> Mail)

Overview

These options allow you to configure specific incoming mail options.

To select mail options:

  1. Click the Mail tab.
  2. Click the appropriate button for each option.
  3. Click Save.

Log sender rates in the exim mainlog

This option allows you to log sender rates in the Exim mail log.

Sender Verification Callouts

This option allows Exim to connect to the mail exchanger for a given address and verify that it exists before accepting messages from it.

Smarthost support

This option allows you to use a Smarthost for outgoing messages.

To configure this option, enter a valid route_list in the Smarthost support text box. For example, to configure a smarthost which uses one IP address, enter an asterisk (*) followed by an IP address. This will resemble the following: * 192.188.0.20

To configure a Smarthost which uses multiple domains, enter an asterisk, followed by the IP addresses. You should separate each IP address with a colon. This will resemble the following: 

* 192.188.0.20 : 192.188.0.21: 192.188.0.22

PICK Important Do not forget to precede hostnames or IP addresses with an asterisk.

For more information about route_lists, read the Exim route_list documentation.

EXPERIMENTAL: Rewrite From: header to match actual sender

This option rewrites the From header in emails to show the original identity of the actual sender for messages sent from your server. Email recipients can see the original From header as X-From-Rewrite along with the rewritten From header. This option is useful to determine the actual mail sender. The following example shows the From and X-From-Rewrite response: 

From: realsender@happy.cpanel.net
X-From-Rewrite: rewritten was: [liar@happy.cpanel.net], actual sender is not the same system user

note Note: This option does not affect mail received from a remote host. The From header is only rewritten for mail that is sent from the local machine because it is not possible to determine or validate the actual mail sender from remote machines.

Through WHM, system administrators have 3 options:

Option Description Conditions
remote This option rewrites the From header in outgoing emails via SMTP to match the actual sender.
  • If a local user sends mail to a user on a remote host, the From header will rewrite.

  • If a local user receives mail from a user on a remote host, the From header will not rewrite because it's impossible to determine the authenticated sender.

  • If a local user sends mail to another local user on the same server, the From header will not rewrite because this is not a remote delivery.

  • If a local user receives mail from another local user on the same server, the From header will not rewrite.
    		•
    all This option rewrites the From header in all outgoing emails to match the actual sender.
  • If a local user sends mail to a user on a remote host, the From header will rewrite.

  • If a local user receives mail from a user on a remote host, the From header will not rewrite because it's impossible to determine the authenticated sender.

  • If a local user sends mail to another local user on the same server the From header will rewrite because even local deliveries are considered "all."

  • If a local user receives mail from another local user on the same server, the From header will rewrite. This header will rewrite because the sender would have already rewritten the From header.
    		•
    disable This option will not rewrite the From header in any email.
    By default, this option is selected.     		Not applicable.

    In order to conduct an attack or send unsolicited email, a malicious user can alter the From field in an email to confuse the recipient. For example, a user may be authenticated as john@example.com and send a message with the From header set to jane@forged.example.com. When this option is enabled, the From header will be rewritten to show the actual sender, which in this case is john@example.com.

    To avoid a potential problem, a system administrator can enable this option to ensure that the From header for mail sent from their server always matches one of the following:

    Method Example
    The actual sender If you are authenticated as john@example.com, then john@example.com will always be in the From header
    An email address that sender has access to If you are authenticated as the user john, you may set the From header to any email account controlled by the user john.
    An email address that has been forwarded to the actual sender For example, if john@happydomain.org is on your server and it was forwarded to john@baddomain.org, then john@baddomain.org may set the From header to either address.

    Send generic recipient failure messages

    This option allows you to send the following message to senders who attempt to send an undeliverable message: "The recipient cannot be verified. Please check all recipients of this message to verify they are valid."

    Allow mail delivery if malware scanner fails

    This option allows you to disable the malware scanner if it fails. If you select On (the default setting), then in the event of a malware scanner failure, all mail will be delivered as normal.

    note Note: If you select Off and the malware scanner fails, users will not receive new messages until the scanner is repaired.

    Reject mail for users over quota

    This option allows you to reject SMTP-time mail for users who have exceeded their quota, rather than directing the mail into their queue.

    Sender Verification

    This option allows you to verify the origin of mail senders.

    Set SMTP Sender: headers

    This option allows you to set the Sender: header as "-f flag passed to sendmail" when a mail sender changes.

    note Note: The default setting is Off.

    note Note: If you set this option to Off, Microsoft® Outlook will not add an "On behalf of" header. This may limit your ability to track abuse of the mail system.

    Allow mail delivery if spam scanner fails

    This option allows you to disable the spam scanner if it fails. If you select On, all mail will be delivered as normal in the event of a spam scanner failure.

    note Note: The default setting is On.

    note Note: If you select Off and the spam scanner fails, users will not receive new messages until the scanner is repaired.

    Trust X-PHP-Script headers to determine the sender of email messages sent from processes running as nobody

    This option allows messages that are sent with X-PHP-Script headers to be trusted when sent from the user 'nobody'. This option also enables the mail server to determine the true sender. This will provide a faster delivery process than a query to the Apache server to determine the sender.

    note Note: It is possible for an advanced user to forget this header. If your users may misuse this function, disable this option and send a query to the Apache server to determine the sender of 'nobody' messages.

    Query Apache server status to determine the sender of email messages sent from processes running as nobody

    This option allows the mail delivery process to query the Apache server to determine the true sender of a message when the 'nobody' user sends a message. This requires an additional connection to the webserver for each message that is sent with the user account 'nobody' (PHPsuExec and mod_ruid2 disabled). This option is more secure, but not as fast as trusting X-PHP-Script headers.

    Edit | Attach | Print version | History: r17 < r16 < r15 < r14 < r13 | Backlinks | Raw View | More topic actions
    Topic revision: r17 - 23 Apr 2013 - 19:32:52 - Main.JenniferDoubrava