[exim-dev] Fixing a bug: host name used in callout

Página Inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
Para: exim-dev
Assunto: [exim-dev] Fixing a bug: host name used in callout
A recent message described what I think is a bug, but fixing it may be
incompatible, so I'm asking for opinions.

Suppose a host has two IP interfaces, call them A and B. The Exim
configuration sets up smtp_active_hostname so that a different host name
is used for the different interfaces when an incoming message arrives.
So far, so good. The host can pretend to be two different hosts.

Suppose a message arrives on interface A. The responses to the client
are given using "hostnameA" which is now in smtp_active_hostname. But
what happens if the ACL verification requires a callout? The current
callout code fishes out the interface and port number from the relevant
smtp transport. Let's suppose that for the address being verified, the
smtp transport is configured to use interface B, so the callout goes out
on that interface.

However, and here's the bug, the callout code uses the value of
smtp_active_hostname in the HELO command for the callout transaction.
In this situation, this is the name for the wrong interface. Exim should
be using the value of the helo_data option from the smtp transport, as
it would when sending a message.

The current action is documented, but I can't find anything in the
ChangeLog about this, though I seem to have a vague memory of some
discussion in the past.

I think this should be fixed. The smtp_active_hostname value should be
used only on incoming connections, and should not affect outgoing
ones. But this is an incompatible change, so it may cause problems for
some people.

Views?

-- 
Philip Hazel            University of Cambridge Computing Service
Get the Exim 4 book:    http://www.uit.co.uk/exim-book