Eli wrote: >
> I have never tested the environment variables in any other ACL. It doesn't
> make sense to really use them in other ACLs, but you can - might even give
> you access to interesting things should you need it? Philips main concern
> with this is that you may accidentally give out sensitive data, which can
> happen if you're not careful, so watch out :) The patch *is* extremely
> handy though. It has been the only reason I have been able to catch every
> spammer on every one of my webservers through formmail type scripts.
> Without this, it wouldn't be possible given the setup I have (I allow From:
> rewriting).
Everything you're doing with these environment variables in the not-smtp
ACL can also be accomplished with the -D command line option.