[Exim] Re: Untrusted users setting the return-path

Top Page
Delete this message
Reply to this message
Author: Ian Jackson
Date:  
To: exim-users
Subject: [Exim] Re: Untrusted users setting the return-path
In August I wrote:
> I need to allow my users to set the return-path on their messages, but
> of course I still want traceability of mail in case of problems, spam,
> etc. Exim 3.12 doesn't seem to support this (I'm using Debian's
> 3.12-10), so I constructed the attached patch.
>
> Firstly, is this patch correct ? Secondly, is it likely to go into
> the standard Exim ? If so then I'll send you another patch for the
> documentation. If not I'll try to persuade the Debian maintainer to
> accept it :-).
>
> The new behaviour is supposed to be that -f and MAIL FROM (in SMTP
> sessions) will now be honoured from all local users, regardless of
> trusted_users/groups.
>
> NB that the patch makes this behaviour the default. I think this is
> helpful because problems caused by (eg) mailing list programs not
> being able to set their return path seem to outnumber problems caused
> by programs using `-f' inappropriately.


(The first patch I supplied was broken, and I posted a second, which I
enclose.)

Phil, is this a feature you're philosophically opposed to ?

Ian.

Only in exim-3.12: Local
Only in exim-3.12: build
Only in exim-3.12: build-Linux-i386
Only in exim-3.12/debian: files
Only in exim-3.12/debian: rules~
Only in exim-3.12/debian: substvars
Only in exim-3.12/debian: tmp
diff -ru orig/exim-3.12/src/accept.c exim-3.12/src/accept.c
--- orig/exim-3.12/src/accept.c    Wed Dec  8 09:57:03 1999
+++ exim-3.12/src/accept.c    Tue Aug 29 20:09:18 2000
@@ -1023,7 +1023,8 @@
        ) &&
        regex_match_and_setup(regex_From, next->text, 0, -1))
     {
-    if ((trusted_caller || filter_test != NULL) && !sender_address_forced)
+    if ((trusted_caller || use_untrusted_return_path ||
+     filter_test != NULL) && !sender_address_forced)
       {
       char *uucp_sender = expand_string(uucp_from_sender);
       if (uucp_sender == NULL)
diff -ru orig/exim-3.12/src/exim.c exim-3.12/src/exim.c
--- orig/exim-3.12/src/exim.c    Wed Dec  8 09:57:05 1999
+++ exim-3.12/src/exim.c    Tue Aug 29 20:09:19 2000
@@ -2509,8 +2509,8 @@
 (which might involve tests on the sender in the drivers). */


 if ((sender_address == NULL && !smtp_input) ||
-    (!trusted_caller && filter_test == NULL && !verify_only &&
-     !address_test_mode))
+    (!(trusted_caller || use_untrusted_return_path) && filter_test == NULL &&
+     !verify_only && !address_test_mode))
   {
   sender_local = TRUE;
   sender_address = user_login;
diff -ru orig/exim-3.12/src/globals.c exim-3.12/src/globals.c
--- orig/exim-3.12/src/globals.c    Wed Dec  8 09:57:05 1999
+++ exim-3.12/src/globals.c    Tue Aug 29 20:09:19 2000
@@ -650,6 +650,7 @@
 int    store_pool             = POOL_MAIN;
 BOOL   strip_excess_angle_brackets = FALSE;
 BOOL   strip_trailing_dot     = FALSE;
+BOOL   use_untrusted_return_path = TRUE;


transport_instance *transports = NULL;

diff -ru orig/exim-3.12/src/globals.h exim-3.12/src/globals.h
--- orig/exim-3.12/src/globals.h    Wed Dec  8 09:57:05 1999
+++ exim-3.12/src/globals.h    Tue Aug 29 20:09:19 2000
@@ -479,6 +479,7 @@
 extern int    store_pool;             /* Current pool number */
 extern BOOL   strip_excess_angle_brackets; /* Surrounding route-addrs */
 extern BOOL   strip_trailing_dot;     /* Remove dots at ends of domains */
+extern BOOL   use_untrusted_return_path; /* Use untrusted callers' r-p's */


/* Ditto for system filter */

diff -ru orig/exim-3.12/src/readconf.c exim-3.12/src/readconf.c
--- orig/exim-3.12/src/readconf.c    Wed Dec  8 09:57:09 1999
+++ exim-3.12/src/readconf.c    Tue Aug 29 20:09:19 2000
@@ -233,6 +233,7 @@
   { "trusted_users",            opt_uidlist,     &trusted_users },
   { "unknown_login",            opt_stringptr,   &unknown_login },
   { "unknown_username",         opt_stringptr,   &unknown_username },
+  { "use_untrusted_return_path",opt_bool,        &use_untrusted_return_path },
   { "uucp_from_pattern",        opt_stringptr,   &uucp_from_pattern },
   { "uucp_from_sender",         opt_stringptr,   &uucp_from_sender },
   { "warnmsg_file",             opt_stringptr,   &warnmsg_file }
Only in exim-3.12/util: convert4r3
Only in exim-3.12/util: exigrep
Only in exim-3.12/util: eximstats
Only in exim-3.12/util: exiqsumm
Only in exim-3.12/util: transport-filter.pl