1. Login to WHM >> EXIM CONFIGURATION MANAGER >> ADVANCED EDITOR
2. Add the following entry using the Add additional configuration setting feature:
- domainlist remote_domains = lsearch;/etc/remotedomains
3. Under the section “ACLs“, add the following code in acl_not_smtp >> custom_begin_outgoing_notsmtp_checkall :
- deny
- condition = ${if ! match_domain{${domain:${address:$h_From:}}}{+local_domains : +remote_domains}}
- message = Sorry, you don't have permission to send email from this server with a header that \
- states the email is from ${lc:${domain:${address:$h_from:}}}.
4. Search for acl_smtp_data and add the following lines undercustom_begin_outgoing_smtp_checkall :
- deny
- authenticated = *
- condition = ${if or { \
- { !eqi{$authenticated_id} {${address:$header_From:}} } \
- } }
- message = Your FROM address ( $header_From ) must \
- match your authenticated email user ( $authenticated_id ). \
- Treating this as a spoofed email.
Important points to keep in mind:
- POP before SMTP won’t work. You will have to ask your customers to use the option – “My Server Requires Authentication” in the SMTP settings of their email client.
- Username in the format user+domain.com will not work. Customers will have to use [email protected] instead.