ph10 2005/10/11 14:50:48 BST
Modified files:
exim-doc/doc-txt ChangeLog
exim-src/src configure.default
Log:
Add control=submission to relay_from_hosts and authenticated checks in
the default configuration.
Revision Changes Path
1.247 +8 -3 exim/exim-doc/doc-txt/ChangeLog
1.5 +21 -9 exim/exim-src/src/configure.default
Index: ChangeLog
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
retrieving revision 1.246
retrieving revision 1.247
diff -u -r1.246 -r1.247
--- ChangeLog 11 Oct 2005 09:30:41 -0000 1.246
+++ ChangeLog 11 Oct 2005 13:50:48 -0000 1.247
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.246 2005/10/11 09:30:41 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.247 2005/10/11 13:50:48 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -6,9 +6,14 @@
Exim version 4.60
-----------------
-PH/01 In the default runtime configuration, move the checks for
- relay_from_hosts and authenticated clients from after to before the
- (commented out) DNS black list checks.
+PH/01 Two changes to the default runtime configuration:
+
+ (1) Move the checks for relay_from_hosts and authenticated clients from
+ after to before the (commented out) DNS black list checks.
+
+ (2) Add control=submission to the relay_from_hosts and authenticated
+ clients checks, on the grounds that messages accepted by these
+ statements are most likely to be submissions.
Exim version 4.54
Index: configure.default
===================================================================
RCS file: /home/cvs/exim/exim-src/src/configure.default,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- configure.default 11 Oct 2005 09:30:41 -0000 1.4
+++ configure.default 11 Oct 2005 13:50:48 -0000 1.5
@@ -1,4 +1,4 @@
-# $Cambridge: exim/exim-src/src/configure.default,v 1.4 2005/10/11 09:30:41 ph10 Exp $
+# $Cambridge: exim/exim-src/src/configure.default,v 1.5 2005/10/11 13:50:48 ph10 Exp $
######################################################################
# Runtime configuration file for Exim #
@@ -311,22 +311,34 @@
require verify = sender
# Accept if the message comes from one of the hosts for which we are an
- # outgoing relay. Recipient verification is omitted here, because in many
- # cases the clients are dumb MUAs that don't cope well with SMTP error
- # responses. If you are actually relaying out from MTAs, you should probably
- # add recipient verification here. Note that, by putting this test before
- # any DNS black list checks, you will always accept from these hosts, even
- # if they end up on a black list. The assumption is that they are your
- # friends, and if they get onto a black list, it is a mistake.
+ # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
+ # so we set control=submission to make Exim treat the message as a
+ # submission. It will fix up various errors in the message, for example, the
+ # lack of a Date: header line. If you are actually relaying out out from
+ # MTAs, you may want to disable this. If you are handling both relaying from
+ # MTAs and submissions from MUAs you should probably split them into two
+ # lists, and handle them differently.
+
+ # Recipient verification is omitted here, because in many cases the clients
+ # are dumb MUAs that don't cope well with SMTP error responses. If you are
+ # actually relaying out from MTAs, you should probably add recipient
+ # verification here.
+
+ # Note that, by putting this test before any DNS black list checks, you will
+ # always accept from these hosts, even if they end up on a black list. The
+ # assumption is that they are your friends, and if they get onto a black
+ # list, it is a mistake.
accept hosts = +relay_from_hosts
+ control = submission
# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
- # verification is omitted. And again, we do this check before any black list
- # tests.
+ # verification is omitted, and submission mode is set. And again, we do this
+ # check before any black list tests.
accept authenticated = *
+ control = submission
#############################################################################
# There are no default checks on DNS black lists because the domains that
