On 6/17/05, Eli <eli-list@???> wrote:
> Greg wrote:
>
> > There's giving a guy some rope -- and then there's rope that's fashioned
> > into a hangman's noose, and strung up over a high branch, forced over
> > the user's head, and a swat given to the hind end of the horse he's
> > sitting on. This issue is like the latter, not the former.
>
> That analogy is flawed unfortunately. Exim is the rope, and the default
> configuration supplied is no worse than just another piece of rope. Quite
> obviously these admins have taken these two pieces of rope and made a noose
> with it. If they're going around hanging people, just don't go play with
> them - that's the fix. Many of us are well aware of your position on
> accepting email, so I highly doubt that blacklisting a few more "RFC
> ignorant" domains is against any policy you hold dear.
>
> As someone else similarily stated, my computer and OS allow me to delete
> itself from the system (at least key files/components) while it's running.
> It lets me install viruses, and even lets me compile viruses. Those are for
> sure things that we wouldn't want to happen - do you blame my Intel CPU
> chip, or my operating system for allowing such things?
Yes, but there are rules so you can't delete locked/system/other
peoples files. Any delete command is usually not going to let you do
a lot of bad things (like delete locked files or ignore permissions
unless you're logged on as root) and then is going to prompt you Y/N.
What some of us are asking for is not to remove the
delete/rmdir/format commands in Exim but to at least do things so they
are used appropriately and with moderation. There should be
prompting (whatever is a system file or whatever is locked) and big
warnings in all caps and stuff before you format a drive. If the
delete command ignores permissions or can delete files that are in use
then perhaps it shouldn't.
I think what we have here is a delete command that ignores
permissions, locked files, system files, and files in use.
RFC's don't give Exim any permission do ignore key aspects of the SMTP
protocol and I don't want any guest the ability to ignore root
permissions and delete rename and move stuff. If I have an open
system and someone goes around doing bad things, they should be
punted.
How is that for an appropriate analogy?
You have absolute control over your machine and you should be
perfectly able to open all your ports and create viruses and delete
and format anything you want.
On the other hand when a user takes their fully patched Windows
computer and hooks it up to the internet and wants to share files with
another computer and uses weak passwords so their kids/parents don't
have any problems only to have it turned into a zombie a few hours
later, Microsoft didn't need to fix or improve anything.
Microsoft never needed to improve and start incorporating their dinky
firewall in XP. That stupid warning all the time saying the firewall
is turned off is annoying for us good users that have routers and
stuff and who know what we're doing.
We only need to train the users in the case of Windows and postmasters
in the case of Exim so they don't do anything stupid.
Meanwhile there are millions of zombies still out there spewing
viruses and spam out there and it isn't Microsoft fault just like it
isn't Exims fault. I'm not talking about bugs or holes here as all
the patches and security fixes are quickly made available. Microsoft
crap, I mean stuff, is just as good as Exim. Microsoft isn't not at
all responsible after all any good user should get a router and
antivirus software and apply all the security patches Microsoft has
released.
Gee, I accept <postmaster> or <postmaster@[ipaddress]> (and similar
with abuse) as exceptions to my default policy. I refuse <> to
multiple recipients and to alias (that wouldn't send mail) and I do
put them through special filters to prune bogus virus warnings and
such. I'll punish systems that use IP addresses in their helo (also
violating RFCs) or that try to forge my IP or my domains while I
carefully examine helo strings. I use proper reverse dns entries and
all my machines have and use good resolvable names. I do all this
without using Exim and that's probably more than I can say for 99.9%
of postmasters/systems/domains out there, Exim or otherwise. I think
RFCs are important unlike Exim, and I don't think there is anything
you can do ignoring RFCs that you couldn't do better by following the
rules.
If cPanel fixed the problem where they ignored 550 errors when sending
<> (they also use auto_thaw to configure Exim to ignore 550 errors
when sending <> -- think about that) perhaps they wouldn't be so quick
or even need to refuse <>. I mean really, first they send <> ignoring
550 errors then refuse <> using 550 responses!! Exim made this
possible and easy. "Exim is easily misconfigured" is not a good motto
although it does seems to be too true. One quickfix forces another.
"Exim, if you want to do it quick and not properly?", another bad
motto.
Thinking you're cripping Exim by forcing it to follow the rules is
wrong. You're taking the easy way out and not fixing the real cause
of the problem... so rather than block all dsn you should upgrade
your filtering configuration, filter those accounts that don't send
mail and don't respond with 550 We don't relay <> but 550 Original
Message was forged. By installing special filters for <>, rather than
arbitrarily refusing all of them, I was able to filter out all the
bogus dsn for users were refusing them all wasn't an option. I was
also able to extend them to examine bogus dsns where they used
<postmaster/mail-daemon/antivirus@wherever> instead of just <>. Big
improvements. Necessity is the mother of invention and the easy
quickfixes Exim allows are not condusive to this mentality. Solutions
involving a little more work usually solve bigger problems.
Any good postmaster wouldn't have any problem if Exim was neutered a
bit to protect idiots from themselves, because a good postmaster isn't
an idiot and they would still be able to do everything they wanted to
do before.
Meanwhile, I think if we stopped talking about features in general and
talked about specific options we might make more head way. So if we
did get rid of feature X (refuse all bounces) couldn't we just start
using/create/learn how to configure feature Q (filter bounces to
mailbox aliases) instead? or how about option K (create a filter that
rejects dsn created by stupid virus software). Getting rid of an
option doesn't mean you can't choose, and if we start providing
specific solutions to specific problems people wouldn't use or miss
(if we did get rid of them) these quickfixes and hacks that Exim seems
to have incorporated.
So log in as a guest and then try to format all the drives... if you
can then say goodbye to Windows 9x. Is that a product you want to be
using? Is there something you want to pass along to the owner of that
machine and to other owners or the software maker? I would like it if
perhaps another software maker would listen to our concerns and not
arbitrarily say we don't want to cripple the software by removing or
restricting some infrequently (or in some cases never used and
depreciated) feature.
