...the key point is that recipient
> verification is typically used for front-line machines acting as gateways
> for trusted systems, not against arbitrary domains/systems (which is how
> sender verification is typically used).
Hmm, I don't think I'd quite agree with that in such a blanket way. If
the ability is there to use it, you might find that a lot of people
will, sometimes even blindly if they're using a configuration supplied
to them by a vendor or just because they see it [wrongly?] as beneficial.
My knowledge of exim may show as thin here, but don't forwarded
addresses get verified with recipient verification - if someone sets
and alias to forward elsewhere, then the destination address is
checked? I'd imagine this is much more likely to cause loops (as
opposed to your front-line gateway suggestion).
I'm still not sold on why "use_sender" is a good idea on recipient
callouts, but not sender.
Andy
-----Original Message-----
Friday, May 7, 2004, 11:15:10 AM, you wrote:
> Hi Andy, on Fri, 7 May 2004 11:10:46 +0100 you wrote:
>> But if the option to allow the user of the sender address in callouts
>> for recipient verification exists, surely this also brings the changes
>> of callout loops. I don't see an awful lot of difference between the
>> implementation of "use_sender" on recipient callout vs. sender
>> callout. Please let me know if I'm missing a vital point here :-)
> You're right that the possibility of callout loops still exists, and the
> methods are conceptually similar, but the key point is that recipient
> verification is typically used for front-line machines acting as gateways
> for trusted systems, not against arbitrary domains/systems (which is how
> sender verification is typically used).
> Tim
> --
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim details at
> http://www.exim.org/ ##