On Mon, Jul 24, 2006 at 02:20:10PM +0100, Philip Hazel wrote: >
> I don't personally think it's possible, due to the way Exim is designed.
> Certainly not without major re-design and lots of work.
Ok. Let's try another approach. I've noticed that, if we ignore how the
message got into our mail queue, the following situations are almost the same:
- We're a forwarder, smtp'ing to the next hop after we parsed ~/.forward.
- We're a sender, smtp'ing to the next hop after we got a 551.
Can we handle #2 the same way #1 is?
Then the privilege separation issues you mentioned before would be sorted out
the same way they're in forwarding, which I suppose is by generating a new
envelope from the unprivileged process.
> Final thought: How to check against loops?
We could add an X-Redirect header, much like X-Forward.
Does this make sense?
--
Robert Millan
My spam trap is honeypot@???. Note: this address is only intended for
spam harvesters. Writing to it will get you added to my black list.