Re: [Exim] ETRN again...

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Dave C.
Ημερομηνία:  
Προς: Tamas TEVESZ
Υ/ο: Marcus Fleige, exim-users
Αντικείμενο: Re: [Exim] ETRN again...
On Mon, 3 Sep 2001, Tamas TEVESZ wrote:

> On Mon, 3 Sep 2001, Marcus Fleige wrote:
>
> > is it possible to forward the emails from that pop-mailbox to the
> > customers mailserver via etrn?
>
> no. not from the 'pop-box'. when it's in the 'pop-box' (ie had been
> delivered by exim) it's essesntially out of exim's control.
>
> you can, however "hold_domains = foo.com". this makes the messagaes to
> that given domain not to be delivered, but just held on the queue. now
> when the client comes in and says "etrn foo.com" then they're flushed.
>
> ---
>
> actually there's something in etrn that bothers me. being able to
> connect to an smtp server and having access to the ETRN command, i can
> start a queue run to any domain i wish to. isn't that bad ? i mean, if
> there are lots of mails, and the mxes for that domain are not
> available, this will eat mtas resources; and this also raises a
> question (be this exim-specific; i have a domain "on hold". someone
> issues an etrn to that domain; this invokes exim -Rf (anything else
> to try to achieve this functionality?); and this forces
> the delivery.


This is why you only permit specific hosts to issue the ETRN command -
this is generally someone who is paying you for service, so they have at
least some motivation not to desire to abuse your server - at least not
intentionally - and if they muck it up and do so by accident, you know
who to call and help them fix it, or threaten them with termination of
service if they wont.


>
> this is ok, if i'm the one who is supposed to ask for my mails. but if
> i'm just playing abusive, how will this affect the further handling of
> these messages ? will those that are already in the queue be held
> until the next ETRN (the ones that will arrive later will be held,
> that's clear), or does a one-time -Rf cease the effect of
> hold_domains ? (the latter can give a lot of opportunity to be
> abusive)
>
>
>


--