On Wed, 18 Oct 2000, Ian Jackson wrote:
> > Firstly, is this patch correct ? Secondly, is it likely to go into
> > the standard Exim ? If so then I'll send you another patch for the
> > documentation. If not I'll try to persuade the Debian maintainer to
> > accept it :-).
It is not correct, or rather, it is not complete, because it doesn't
interact well with the rules for inserting Sender: and other things that
get done for local senders. I am considering implementing it as
"allow_untrusted_return_path", but I really have to tidy up all these
other interactions, which have got into a mess as various cases have
been added to the original code.
> > The new behaviour is supposed to be that -f and MAIL FROM (in SMTP
> > sessions) will now be honoured from all local users, regardless of
> > trusted_users/groups.
That is all I plan to implement; the handing of Sender: etc. will be as
before (but is turn-off-able already).
> > NB that the patch makes this behaviour the default. I think this is
> > helpful because problems caused by (eg) mailing list programs not
> > being able to set their return path seem to outnumber problems caused
> > by programs using `-f' inappropriately.
I will not make it the default, for compatibility, and also because I
prefer to have "security"-type doors closed by default.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
