[exim-dev] [Bug 855] Sender-callout-Verification should use …

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 855] Sender-callout-Verification should use VRFY not RCPT TO
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=855

Peter Bowyer <peter@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |peter@???





--- Comment #7 from Peter Bowyer <peter@???> 2009-06-21 12:24:18 ---
(In reply to comment #3)
>
> However, because of the misuse of RCPT TO, in order to VRFY addresses, my IP is
> now listed on a DNSBL @ backscatter.org


Then stop mis-using it. Don't suggest the removal of a feature many find
useful.

Graeme's documentation suggestion in comment #4 seems sensible, however, to
avoid accidental mis-use. Note also that the default config does not (and never
has) enable sender callouts so new users have to deliberately turn it on and do
not need protecting.

Exim is a very stable system, and backwardly-incompatible changes must be
avoided. If you'd care to enter a suggestion to add access to 'VRFY' from the
ACLs in addition to the existing callout mechanism, further consideration would
likely be given. But the devs would probably need convincing as to how widely
it could be used given the widespread disabling of VRFY in the real world.

-1 for code change, +1 for doc change


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email