Configure Identity Header Identification Method in SpamExperts and Your MTA
Using an identity header allows the system to track and prevent spammers without affecting other senders for the domain.
- Step 1 - Configuring the Identity Header Identity Method in SpamExperts
- Step 2 - Identity Header Setup in the MTA
Step 1 - Configuring the Identity Header Identity Method in SpamExperts
Configure SpamExperts to log and monitor identity headers:
- Navigate to the outgoing authenticating domain
- Select Outgoing > Manage Users
- Select Edit from the dropdown alongside the Authenticating Domain outgoing user:
- From the Identification Method dropdown, select Header
- Click on + Add a new identification header
- In the Header name field, add the header name that you are configuring, (for example X-AuthUser)
- From the Header value dropdown select between:
- Simple - The entire header value will be used to identify unique users that share this identification method
- Custom - Specify a custom regular expression that will be used to extract the identity from the header value in order to identify unique users that share this authentication method
The custom regular expression you enter must contain a group that represents the identity.
- If you want to remove this header after processing, ensure the Remove after processing option is ticked. Alternatively, to keep the header after processing remove the tick
- Click Add
- Once you have set this up, verify that all is working correctly by checking your outgoing messages in the Outgoing Log Search and look for new messages using the Identity column. If you see data which is using the new identity, it is working correctly
Depending on how the header is created, it may contain information that you do not want to release. For example, if the identification is based on the user's login id, you probably want to ensure Remove after processing is ticked.
If you have configured more that one identity, each will be processed in order. If multiple headers are in the same outgoing email, the first header in the message will be the one that is processed first.
The other Identification Method options available are Envelope-Sender and Authenticating User. For more info, see Outgoing User.
Example Identities
There are many different headers and identities that can be set. Here are some examples:
- cPanel:
- Header name: X-AuthUser
- Header value: Simple
- cPanel:
- Header name: X-PHP-Originating-Script
- Header value: ^(.*?)\(.*$
- Postfix:
- Header name: Received
- Header value: .*\(Authenticated sender: (.*?)\).*
Step 2 - Identity Header Setup in the MTA
As well as configuring SpamExperts to log and monitor identity headers you must ensure that this is also set up in your sending MTA. Here are some example configurations:
Microsoft Exchange Identification headers
Currently on Microsoft Exchange, to be able to add custom outgoing headers a XHeader transport agent must be built. For more information, see the Microsoft KB.
cPanel/Exim
headers_add = X-AuthUser: $authenticated_id
headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*}\
{$authenticated_id} {${if match {$authenticated_id}{.+}\
{$authenticated_id@$primary_hostname}{$authenticated_id}}}}
headers_add = ${if !eq{$original_domain}{$domain}{X-Forwarded-For: $original_domain}}
Postfix Identification headers
To do this in Postfix, you need to add the following line to your main.cf if not already there:
smtpd_sasl_authenticated_header = yes
This will add an "Authenticated Sender" part to the received header