On Mon, 15 Dec 2003, James P. Roberts wrote:
> What would be the impact of deleting the following line from rcpt ACL?
>
> accept hosts = :
>
> If I understand correctly, deleting this line would remove the "free pass" for
> local "command line" injected messages, and instead apply the rest of the rcpt
> ACL, including, for example, authentication tests.
Only to those "command line" injected messages that use SMTP over the
standard input/output. It would not affect non-SMTP command line
messages. For those, you need to set up a non-SMTP ACL.
> Could one add a log line to "accept hosts = :", to track the userid of anyone
> using the command line to inject messages? Might this help identify the
> culprit? Something like:
>
> accept hosts = :
> log_message = local injection by $originator_uid as $sender_address
You could, but again, you'd have to do this also in a non-SMTP ACL to be
sure of catching all non TCP/IP messages.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
