Hi,
Maciej Drobniuch (Friday, 2008-05-02):
If you are using RCWM and MTA on the same machine then postfix(for example) isn't asking the saslauth daemon that the user is authenticated(because the process is running on the localhost) - it depends on the client restrictions. If the user changes the identity to another account located on the server then he can easily send messages using unauthorized e-mail address. For example foo@foobar.com is able to send e-mails via the foobar@foobar.com acoount without authentication To avoid the users to change the identity you could use my suggested patch.
So you want to remove wanted/needed functionality because your MTA is misconfigured? Imo this is the wrong way to go.
Patrick.