On Wed, 17 Dec 2003, James P. Roberts wrote:

> Oh, one question... I just noticed the "applies to all non-interactive"
> bit... Does this mean someone could still get past this non-SMTP ACL by
> sitting at a terminal and typing away?

No.

> Is there an ACL for *interactive* non-SMTP incoming messages? I did not see
> one...

That's because there's no such thing as an "interactive non-SMTP
incoming message". By "interactive" I didn't mean "coming from a
terminal", I meant "protocol in which the server and client exchange
data with each other" - in other words, "proper" SMTP, where the client
sends a command and waits for a response, etc.

Here's an enumeration of all the ways you can inject messages into Exim:

1. SMTP over TCP/IP (to the loopback address or real IP address).
2. SMTP over stdin/stdout (the -bs option).
3. Command line with recipients on command line.
4. Command line with recipients in message (the -t option).
5. Command line with recipients in SMTP format (the -bS option).

The first two use the SMTP ACLs and are "interactive"; the remaining 3
use the non-SMTP ACL and are not.

Philip

--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
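
The split described in the message above, as an added configuration sketch that is not part of the original post: one SMTP ACL covers injection paths 1 and 2, and the non-SMTP ACL covers paths 3, 4 and 5. The ACL names, the 10M limit and the accept/deny policy are assumptions chosen for illustration.

```conf
# Main configuration section.
# SMTP ACL: consulted for paths 1 and 2 (SMTP over TCP/IP, and -bs).
acl_smtp_rcpt = acl_check_rcpt
# Non-SMTP ACL: consulted for paths 3, 4 and 5 (recipients on the
# command line, -t, and -bS).
acl_not_smtp = acl_check_not_smtp

begin acl

acl_check_rcpt:
  # Path 2: SMTP on stdin/stdout (-bs) has no remote host, so it is
  # matched by an empty host item.
  accept  hosts = :
  # Path 1 via the loopback address.
  accept  hosts = 127.0.0.1
  # Sample policy (assumption): refuse everything else in this sketch.
  deny    message = relay not permitted

acl_check_not_smtp:
  # There is no SMTP dialogue on these paths, so host and
  # connection-state tests do not apply; test the message itself.
  deny    message   = message too large for local submission
          condition = ${if >{$message_size}{10M}}
  accept
```

Comments are on their own lines because Exim treats `#` as a comment marker only at the start of a line.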