On Wed, 28 Aug 2002, Philip Hazel wrote:
> On Wed, 28 Aug 2002, Rick Byers wrote:
>
> > ... unable to set gid=39 or uid=32767 (euid=8): system_aliases router
> > ... temporarily rejected RCPT <...>: internal problem in system_aliases
> > router: failure to transfer data from subprocess
>
> Exim is trying to verify an address while receiving an incoming message.
> At this stage, it is running as "exim", and so cannot change uid/gid.
> You must have a router configuration that requires it to change during
> verification - hence the problem.
>
> :include: is processed at routing time - that is, it has actually to go
> and do the work of reading the file at routing time. Pipes are just set
> up at routing time; they don't actually happen until delivery.
>
> For security, if a user is supplied (as in your router), Exim runs
> :include: as that user. This is typically the case for user's .forward
> files. Unfortunately, this causes a problem during verification.
>
> For user's .forward files, you can usually put no_verify to get round
> this. In your case, its a bit more complicated. What I suggest is that
> you change
>
> user = nobody
> file_transport = address_file
> pipe_transport = address_pipe
>
> to
>
> file_transport = alias_address_file
> pipe_transport = alias_address_pipe
>
> and then provide two new transports as copies of the standard ones, but
> with
>
> user = nobody
>
> added to each of them. That way, you aren't supplying a user at routing
> time.
Ah yes, that makes sense. Thanks for the suggestion. I've done this and
it appears to be working fine now.
Thanks again,
Rick
