Re: [Exim] Re: is this allowed email address in exim?

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Andreas Metzler
Datum:  
To: 'exim-users@exim.org'
Betreff: Re: [Exim] Re: is this allowed email address in exim?
On Mon, Jun 21, 2004 at 10:38:35AM -0400, David Brodbeck wrote:
> From: Philip Hazel [mailto:ph10@cus.cam.ac.uk]
>> On Sun, 20 Jun 2004, Andreas Metzler wrote:
>> > Depends on what you do with the mail. e.g it will fail
>>> horribly if you try to deliver to /var/mail/$local_part because
>>> "/" cannot be used as part of filenames. (And that is probably the
>>> main reason for disallowing "/".)


>> Yes. The disallowing by default is a "safety catch" for sysadmins who
>> may not realize the full consequences.


> For example, in the example above, you *might* get in trouble if someone
> sends mail to "../../etc/exim/configure" (depending on your file
> permissions, of course). ;)


The default rcpt ACL takes care to forbid this particular nastiness
for mail injected by SMTP that would be delivered locally.
               cu andreas
PS: Your MUA mangled the quoting in a horrible way, please consider
using http://home.in.tum.de/~jain/software/outlook-quotefix/