David Woodhouse wrote: > On Mon, 2007-01-29 at 22:02 +0100, Magnus Holmgren wrote:
>
>> Damn, you're right. I didn't expect that. I mean, Exim provides many hacks to
>> deal with broken servers, so I can't see why mailfrom shouldn't be available
>> to those who know what they're doing.
>>
>
> Anyone who really knows what they're doing wouldn't be trying to set a
> non-empty MAIL FROM:<> on a sender callout. It's a denial of service
> attack waiting to happen.
>
> The correct response for the OP is to get the admin of the offending
> broken mail server to fix it. Failing that, exempt it from callouts.
>
> A person on this list has contacted me privately (I believe by mistake,
instead of exim-users, but because of that I say 'a person') and he
explained to me why it would be a mistake and therefore I decided to
drop the idea. Bottom line is that the results can be unpredictable
because of vary techniques to prevent spam/user-probing (I believe
fastmail.fm have such triggers as well?), DNS issues & etc.
As for the mailfrom however, I tried that before contacting the list and
it seems to apply only on header_sender and not on sender.
By the way, David, I found lots of your writings regarding Exim on the
web and I have to say those are more than just useful, so thanks.
