Philip Hazel wrote:
> It's the sysadmin who creates the string expansions and presumably
> controls the contents of lookups. Or am I misunderstanding what you are
> saying?
I'm not sure --- Exim offers so much flexibility that an admin setting
these things up may either be unaware of possible security issues or may
wish he had better means of setting limits that allow what he wants to
do and at the same time keep things safe.
It's hard to explain ... If I wanted to set up a kind of default
filtering for mail from within the configuration of Exim, like
delivering SPAM mails to designated folders, I would have to spend
thought on the creation of such folders. I would find out that Exim can
create the folders and try to choose a way that appears safe enough to me.
That's fine for environments that don't need much complexity, but when I
imagine more complex setups that maybe do different types of filtering,
using lookups in SQL databases, with database content that can be
administered by others, the story can take on such a great complexity
that it becomes very hard to make it failsafe. That would make me wish I
had good control over the creation of directories ...
But I can be totally off because such a situation may be unlikely to
occur, or there may already be sufficient control.