Prevent users from being implicitly authenticating to Exim on the local host
Currently, if Exim receives an unauthenticated request to relay mail to a remote system, it will attempt to determine whether the connection is coming from a process on the server (see identify_local_connection() in /etc/exim.pl.local). If the connection did originate from the server itself, then the user (except perhaps the nobody user) will be considered authenticated by Exim.
As a system administrator, I want the ability to disable this behavior without breaking system services or mechanisms provided by cPanel. Together with existing features and other requested features, I should be able to force a user to explicitly authenticate via SMTP in order to increase the amount of effort an attacker must expend before a compromised site can be used to send spam.
[cPanel ticket #8816051]