Author: Robert Millan Date: To: exim-users Subject: Re: [exim] 551 User not local; please try <forward-path>
On Sat, Jun 17, 2006 at 08:32:42PM +0200, Magnus Holmgren wrote: > >
> > I tried using the exim scripting language for ~/.forward, and crafted this:
> >
> > # Exim filter
> > fail "551: User not local; please try <forward-path>"
> > finish
> >
> > However, this generates an MDN which is not really what I want. If I
> > understood correctly, ~/.forward parsing happens before delivery, so we're
> > still in time to send this 551 code to the originator MTA.
>
> ~/.forward is normally not evaluated before the actual delivery; in the
> default configuration no_verify is set on the userforward router because Exim
> runs as its own user when processing the ACLs and therefore can't count on
> having access to individual users' files. You can change that of course.
It seems it needs a bit more than access to the files:
2006-06-17 21:33:04 unable to set gid=1001 or uid=1001 (euid=102): userforward router (recipient is xxx@yyy)
The ~/.forward files are world-readable, so why does it attempt setgid/setuid?
Can we still avoid running exim as root?
> > Is there any way to generate the 551 code I need?
>
> Unfortunately you can't tell Exim to return arbitrary status codes yet. It's
> entry 311 on the Exim 4 wishlist.
That sounds simpler. If I sort out the rest, I guess I could send a patch for
it.