I think we've discussed this on the list before, but I'm increasingly
convinced that acl_smtp_predata would be a useful. This ACL would run
immediately after the client's DATA command and allow the sysadmin to make
Exim say something other than 354.
(1) This is a synchronization point. If PIPELINING is in operation
delaying in a RCPT ACL only delays, but a delay in a predata ACL would
probably be an effective ratware detector.
(2) There are situations in which you might want to say that an address is
OK from the point of view of a callout but not from the point of view of
actually sending a message. You could then accept the RCPT command but
reject the message at predata time to save the bandwidth consumed by the
data.
For example, Postfix does callouts using MAIL FROM:<postmaster@...> which
puts a spanner in any scheme for requiring that (signed) return path
addresses are only used in MAIL FROM or in the RCPT TO of a bounce.
Another example is Exim's header_sender callouts, which are FROM:<> but
the address may not be a valid bounce recipient address.
(3) One of the tests we do in the RCPT ACL is to check if MailScanner is
keeping up with the load and defer if it isn't. It'd be better to do this
once at predata time.
Tony.
--
f.a.n.finch <dot@???>
http://dotat.at/
SELSEY BILL TO LYME REGIS: WEST TO SOUTHWEST 3 OR 4 OCCASIONALLY 5. MISTY WITH
PATCHY RAIN AND DRIZZLE AND RISK OF FOG PATCHES. MODERATE OR POOR WITH RISK OF
FOG PATCHES. SLIGHT BUILDING SLIGHT TO MODERATE.
