On Mon, 4 Dec 2000, Ian D Crorie wrote:
> As you'll no doubt all be aware, the exim system filter doesn't run
> on error bounces (i.e. those with envelope froms of <> ):
>
> # drop out error messages here
> if error_message
> then
> finish
> endif
>
> However, we've recently received unsolicited mail with .EXE
> attachments which are forged to look like error bounces. Is there
> a good reason for having to let these slip through the filter?
That is mostly there as a defence against misconfiguring the filter
(which I find is embarassingly easy to do). Which is worse:
letting those attacks in or losing error messages when you make a
mistake and let the system throw all mail away ?
Not an easy choice for me.
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@??? http://www.dpmms.cam.ac.uk/~werdna
