Re: [exim] exim 4.4 authentication

Author: Kjetil Torgrim Homme
Date:  
To: Tony Finch
CC: exim-users
Subject: Re: [exim] exim 4.4 authentication
On Mon, 2005-03-14 at 12:12 +0000, Tony Finch wrote:
> On Mon, 14 Mar 2005, Marc Haber wrote:
> > On Mon, 14 Mar 2005 11:30:09 +0000, Tony Finch <dot@???> wrote:
> > >
> > >Bounces always go to the return path, which should therefore ALWAYS be
> > >verified at SMTP time so that bounces can be delivered.
> > >
> > >There's a slight bug in Exim's current control=submission
> > >implementation in that it doesn't force the return path to be the
> > >authenticated sender address, as it does for local submission via
> > >the command line.
> >
> > Verification does guarantee deliverability, but not that the address
> > generated is actually read.
>
> If a user is sending email from an address which they don't read then they
> deserve to lose.


why do you think there has to be a connection between the authenticated
SMTP sender and the account used for reading? my mobile phone does not
support TLS, so I have configured it to send e-mail using an account
with low security profile, essentially it can only be abused to send
e-mail if anyone sniffs the password. the envelope address points to an
address associated with my normal account.

another example: some small sites have configured a single username and
password for everyone to use to authenticate, which simplifies the
setup, and is potentially more secure since the e-mail server doesn't
need to access any authentication service on the inside of the firewall.

I don't think everyone can or will enforce your restriction, so I don't
think it should be the mandatory behaviour of control = submission.
--
Kjetil T.