Re: [Exim] Planning for Exim 4 - Revised Document

Author: Vadim Vygonets
Date:  
To: exim-users
Subject: Re: [Exim] Planning for Exim 4 - Revised Document
Quoth Philip Hazel on Tue, Jan 16, 2001:
> I have revised the planning document in the light of comments received.


Perl script:

I'd like to volunteer for writing something, maybe the config
file converter script, maybe some of the code.

| Changes to conditional running of routers


Good ideas.

| One more new router [masquerade]


Niiice!

| Changes to security features
| When Exim gives up root privilege temporarily by calling
| seteuid(exim), it is vulnerable to manipulation by other processes
| running as exim. (In discussion, I was told that this behaviour
| does not in fact happen in all operating systems.


Do you know which ones are vulnerable?

ACL:

It's hard to understand whether "sender" and "recipient" are
domains, local parts, or whole addresses, as they're used in all
three senses in the examples.

| Different kinds of input


Maybe ACL conditions such as net_smtp_input, stdin_bsmtp_input,
stdin_smtp_input and stdin_message_input are in order. Or
conditions such as "input = stdin_bsmtp". Yea, I think it's
better this way.

| smtp_expn_hosts becomes smtp_etrn_acl


YM smtp_expn_acl.

EXPN and VRFY: Changing the VRFY-related option to behave like
the EXPN-related option (say, changing smtp_vrfy to
smtp_vrfy_hosts) is good. Changing it to an ACL is probably an
overkill.

| #include /some/file/name


I already proposed to do it the BSD make way (to avoid confusing
it with comments (#include) and variables/expansions ($INCLUDE)):
.include "/some/file/name"

Re ownership and mode: yup, that of the config file.

| There has been a request that the `end' lines be extended so
| you can say, for example,
| end transports


I never understood why you chose 'end' as a "border line", and
not 'begin', or 'new_section', or whatever. Maybe something like
'begin' with an argument would be nice, like:

    beware!_here_be transports


| A compromise is to invent some magic syntax to match @, which
| represents the host name. I suggest @ipliteral.


Or maybe "@[]" (no quotes)?

| Miscellaneous
| [...]the existence of patch space at the end of the default values[...]
| I received one request to retain it, but nobody has admitted
| actually using it...


Well, I admitted to almost using it, which is almost good enough
;) Seriously, cs.huji shrinks the values, not expands it, but
the sole fact that they[*]'re editing it means that the patch
space is potentially useful.

| When an address is being routed, its constituents are in
| $local_part and $domain, but there is currently no variable that
| contains the whole thing. It could be put into $recipient, but
| that risks confusion with $recipients (which is available in
| system filters). Maybe $address could be used?


$address sounds nice. Whatever the name will be, it's nice to
have such an option.

I would also like to propose an expansion directive
${address:...}, which would work like ${local_part:...} and
${domain:...}, so to extract an address from, say, a header,
instead of saying:
    ${local_part:$h_X-Hdr:}@${domain:$h_X-Hdr:}
it would be possible to say:
    ${address:$h_X-Hdr:}
(and the same for filters).


| ${env:NAME}


Vadik sez Nay.

| Even when the PIPELINING extension is in use, there are places
| where the client must wait for a response before proceeding. Exim
| could check that there is no outstanding data when it sends such
| responses, and take some suitable blocking action.


I'm thinking about integrating a nuke controller interface into
Exim.

*** Other thoughts:

What about ATRN? Is it implemented on server side?

I would also like to see a client-side implementation of ATRN.
I'm not sure whether it should be done inside Exim (so the user
would call Exim with some magic parameters, and Exim would
connect to a server, authenticate, send an ATRN command, reverse
state, and act as a server from that point) or as an external
program (so it would connect to a server, say AUTH, say ATRN, and
call Exim with -bs to talk to the server (err, I mean client)).

The Dreaded Colon:

You started to write Exim before IPv6 addresses entered your
mind. Therefore the Double Colon. Maybe it's time to replace
colons in config file with some other character, such as
semicolon?

And, Philip, let me thank you again for Exim. It's cool.
Vadik.

[*] No longer "we". I just have an account here.

--
To the systems programmer, users and applications serve only to
provide a test load.
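
The seteuid(exim) passage quoted in this message concerns a temporary privilege drop, where root stays recoverable through the real or saved uid. The C code below is an added example, not part of this message, the planning document or Exim's source: it classifies a uid triple and performs a permanent drop that is verified afterwards. The function names and the uid 93 are assumptions made for illustration.

```c
/* Added example, not Exim code. The uid 93 used below is a constructed value. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* glibc: declares setgroups() and seteuid() */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum priv_state { PRIV_ROOT, PRIV_TEMP_DROP, PRIV_PERM_DROP };

/* Classify a (real, effective, saved) uid triple. A root real or saved uid
 * behind a non-root effective uid means root can be regained, which is the
 * state a seteuid()-style temporary drop leaves behind. */
enum priv_state classify_uids(uid_t ruid, uid_t euid, uid_t suid)
{
    if (euid == 0) return PRIV_ROOT;
    if (ruid == 0 || suid == 0) return PRIV_TEMP_DROP;
    return PRIV_PERM_DROP;
}

/* Permanently become uid/gid. Returns 0 on success, -1 on failure.
 * On -1 the caller must exit at once: the process may still hold root. */
int drop_permanently(uid_t uid, gid_t gid)
{
    if (uid == 0) return -1;                        /* that is not a drop */
    /* Groups and gid go first, while the process is still privileged. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    /* As root, setuid() replaces the real, effective and saved uid. */
    if (setuid(uid) != 0) return -1;
    /* Verify: any successful return to root means the drop was not permanent. */
    if (seteuid(0) == 0 || setuid(0) == 0) return -1;
    if (getuid() != uid || geteuid() != uid) return -1;
    return 0;
}

int main(void)
{
    static const char *names[] = { "root", "temporary drop", "permanent drop" };
    uid_t exim = 93;                                /* constructed uid */

    printf("after seteuid(exim): %s\n", names[classify_uids(0, exim, 0)]);
    printf("after setuid(exim):  %s\n", names[classify_uids(exim, exim, exim)]);
    return 0;
}
```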