Re: [exim] Sender callouts [PATCH]

Top Page
Delete this message
Reply to this message
Author: Ian FREISLICH
Date:  
To: Fred Viles
CC: exim-users
Old-Topics: Re: [exim] Sender callouts
Subject: Re: [exim] Sender callouts [PATCH]
"Fred Viles" wrote:
> On 11 Apr 2005 at 9:49, Ian FREISLICH wrote about
>     "Re: [exim] Sender callouts ":

>
> | "Fred Viles" wrote:
> |...
> | > Still, ISTM it doesn't make sense to try use_sender as a fallback (as
> | > opposed to use_postmaster) since it is entirely reasonable for sites
> | > to block spoofed local sender addresses.
> | 
> |     use_postmaster
> | 
> |     This parameter applies to recipient callouts only. For example:
> |...
> | Either way exim requires a patch.

>
> Right, I didn't mean to imply otherwise.
>
> | Either way it allows you to do
> | some foot shooting, besides exim is so flexible, if used incorrectly
> | allows some severe foot shooting. On that case alone, I'd argue
> | for both use_postmaster and use_sender to be allowed in sender
> | callouts.
>
> OTOH, use_postmaster is potentially usefull and does not tell lies,
> while use_sender tells lies for no usefull purpose (IMHO).
>
> It's true that extra care must be taken to avoid verify loops if you
> use the option (don't do callout sender verification for postmaster),
> but that is easy and would be documented. Perhaps it could even be
> made automatic...
>
> | The latter, because if you allow use_postmaster, you can
> | set the postmaster address, so you don't really gain anything by
> | denying use_sender.
>
> I'd argue that the existance of an explicit option to do something
> implies that that there are cases where that something is a good
> thing to do. So implementing options just for orthogonality does
> have a negative aspect in certain cases.


Very well (white-space mangled):

--- acl.c.orig  Tue Apr 12 07:51:20 2005
+++ acl.c       Tue Apr 12 07:52:06 2005
@@ -1240,11 +1240,9 @@


 else if (verify_sender_address != NULL)
   {
-  if ((verify_options & (vopt_callout_recipsender|vopt_callout_recippmaster))
-       != 0)
+  if ((verify_options & vopt_callout_recipsender) != 0)
     {
-    *log_msgptr = US"use_sender or use_postmaster cannot be used for a "
-      "sender verify callout";
+    *log_msgptr = US"use_sender cannot be used for a sender verify callout";
     return ERROR;
     }



Ian

--
Ian Freislich