RE: [exim] a large number of domains fronted by Exim are ref…

Pàgina inicial
Delete this message
Reply to this message
Autor: Dave Lugo
Data:  
A: exim-users
Assumpte: RE: [exim] a large number of domains fronted by Exim are refusing bounces...
On Sun, 19 Jun 2005, Greg A. Woods wrote:
> >
> > If you're having trouble seeing my point of view on this, I
> > agree that admins who are blocking bounces are doing something fairly
> > stupid. However, I don't agree with you that it should be the job of the
> > software they use to make that choice any more difficult than it currently
> > is (or isn't - meaning it could be very easy to do).
>
> Error handling in SMTP (i.e. the use of newly generated notifications
> messages which are sent to the original sender address, and with a null
> sender path) is a core feature and requirement of the SMTP protocol. It
> is inherent in its store-and-forward design and it "MUST" (STD's 3 & 10)
> not be messed with if e-mail is to enjoy any degree of robustness and
> reliability.
>


If the exim config is broken for the purpose of an internet-facing daemon,
it's broken.

This doesn't mean _exim_ is broken.


> Therefore a robust implementation of SMTP "MUST" make it difficult for
> an ignorant postmaster to purposefully screw up e-mail error handling.
>


That's what a good sample exim config config is for. Not the (my words)
'neuter or obfuscate the tools' philosophy you seem to be espousing.


>
> > Simply put, your frustration is understood, but you're kicking the wrong
> > people.
>
> Some other SMTP implementations don't seem to have this problem to this
> same degree. Error messages "MUST" be treated specially [*].
>



Huh? Some other SMTP implementations don't have the flexibility, or 'roll
your own' capability that exim offers. And for this you critizize exim?

As I pointed out before-

The only 'fault' exim has is a rich ACL language that allows someone
to do:

deny senders = :

I for one, would prefer that exim not be neutered to protect idiots
from themselves.

(the above acl is admitedly not advisable, execpt under limited
circumstances).



> (though yet further ones do suffer it even worse -- sadly Exim is not
> alone here)
>
>
> [*] that's not to say that all error messages must be accepted --
> clearly error messages to non-existant recipients are bogus and may
> safely be rejected (since they're not deliverable anyway), as perhaps
> are those containing known junk content, etc.
>



I am by no means condoning wholesale rejection of null senders, but
what you propose is akin to handcuffing root because being root is
dangerous. Or slamming whatever CPAN module(s), if used by someone
to build a non-RFC-compliant smtp daemon.


-- 
--------------------------------------------------------
Dave Lugo   dlugo@???    LC Unit #260   TINLC
Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.