Greg A. Woods wrote:
>
> In any case whatever feature it is in Exim that allows sites to
> implement such a blatantly stupid and damaging policy really needs to be
> completely removed, and quickly; though I have no idea how to convince
> these abusers to upgrade to a version that prevents their trashing of
> the protocol. Hopefully their customers will put enough pressure on
> them to accept bounces, but so far that doesn't seem to be happening.
Greg, you of all people should know that these providers are free to
make whatever security policy decisions about their own servers that
they like, including stupid things like dropping connections with bogus
HELO strings or refusing all bounces.
Tony wrote a patch that allows Submission mode to fix up the envelope
sender, so you can require your customers to use authentication when
submitting through your servers, and ensure the bounces go to their
authenticated account on your server, not some arbitrary envelope from
set by their MUAs.
http://www.exim.org/mail-archives/exim-dev/2005-May/msg00018.html
Philip, has this patch been accepted for exim 4.52?
- Marc
