Spam Experts Help

Configure Identity Header Identification Method in Spam Experts and Your MTA

Using an identity header allows the system to track and prevent spammers without affecting other senders for the domain.

  1. Step 1 - Configuring the Identity Header Identity Method via the Spam Experts Control Panel
  2. Step 2 - Identity Header Setup in the MTA

Step 1 - Configuring the Identity Header Identity Method via the Spam Experts Control Panel

Configure Spam Experts to log and monitor identity headers.

  1. Navigate to the outgoing authenticating domain.
  2. Select Outgoing > Manage Users.
  3. Select Edit from the dropdown alongside the 'Authenticating Domain' outgoing user:
  4. The Outgoing User Settings page is displayed.

  5. From the Identification Method dropdown, select Header.
  6. Click on + Add a new identification header.
  7. In the Header name field, add the header name that you are configuring, (for example X-AuthUser for Exim/cPanel).
  8. From the Header value dropdown select from:
    • Simple - The entire header value will be used to identify unique users that share this identification method
    • Custom - Specify a custom regular expression that will be used to extract the identity from the header value in order to identify unique users that share this authentication method.
    • The custom regular expression you enter MUST contain a group that represents the identity.

  9. If you want to keep this header after processing, ensure the Remove after processing option is ticked. Alternatively, to keep the header after processing remove the tick.
  10. Depending on how the header is created, it may contain information that you do not want to release. For example, if the identification is based on the user's login id, you probably want to ensure Release after processing is ticked.

  11. Click Add.
  12. If you have configured more that one identity, each will be processed in order. If multiple headers are in the same outgoing email, the first header in the message will be the one that is processed first.

  13. Once you have set this up, verify that all is working correctly by checking your outgoing messages in the Outgoing Log Search and look for new messages using the Identity column. If you see data which is using the new identity, it is working correctly.
  14. It is important to set up a good identifier for your different mail streams in order to make effective use of this feature.

    The other Identification Method options available are Envelope-Sender and Authenticating User. For more info, see Outgoing User - Identification Method.

    If you are not able to add a specific outgoing Header, we recommend you set the Identification Method to the "Envelope-Sender, so that you can continue to use the lock senders option (either via API or the Outgoing Log Search).

Example Identities

There are many different headers and identities that can be set. Here are some examples:

  • cPanel:
    • Header name: X-AuthUser
    • Header value: Simple
  • cPanel:
    • Header name: X-PHP-Originating-Script
    • Header value: ^(.*?)\(.*$
  • Postfix:
    • Header name: Received
    • Header value: .*\(Authenticated sender: (.*?)\).*

Step 2 - Identity Header Setup in the MTA

As well as configuring Spam Experts to log and monitor identity headers you must ensure that this is also set up in your sending MTA. Here are some example configurations:

Microsoft Exchange Identification headers

Currently on Microsoft Exchange, to be able to add custom outgoing headers a XHeader transport agent must be built. For more information, see the Microsoft KB

cPanel/Exim

headers_add = X-AuthUser: $authenticated_id

headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*}\
{$authenticated_id} {${if match {$authenticated_id}{.+}\
{$authenticated_id@$primary_hostname}{$authenticated_id}}}}

headers_add = ${if !eq{$original_domain}{$domain}{X-Forwarded-For: $original_domain}}

Postfix Identification headers

To do this in Postfix, you need to add the following line to your main.cf if not already there:

smtpd_sasl_authenticated_header = yes

This will add an "Authenticated Sender" part to the received header