Hi,

On 12/05/17 21:34, Arnt Gulbrandsen wrote:
> IIRC this isn't at all simple with that software. For mostly poor
> reasons that may have changed since last time I looked.
>
> You could approximate it with a bit of hacking, though: Use exim to
> force a bcc to something like policyviolation@asdf, and use a generated
> sieve file for that address to check whether anyone's done anything
> forbidden. The generated sieve script needs a long list of clauses like
> this one, which permits aaa@asdf to use sales@asdf and blah@asdf in the
> From field:
>

> if allof(envelope "from" :is "aaa@asdf".
>         anyof(address "from" :is "sales@asdf",
>               address "from" :is "blah@asdf")) {
>    drop;
> }

>
> The default action at the end of a sieve script is to file into the
> inbox, so the end effect is that your policyviolation@asdf account
> receives only rule violations. Read that mail whenever you feel BOFHy
> and have a great day — one way or the other.

Okay, that's an interesting way to deal with it, thanks!

I've also thought about adding a header for the authenticated user, but
I don't want the actual usernames to be given away in emails that leave
the server. Perhaps add the header, save the message and then remove
the header and let it transit on.... if that is possible; a bit like bcc
is there, then it goes and doesn't end up being actually included in the
source of a delivered email.

Kind Regards
AndrewM