Re: [exim-dev] Interesting behaviour

Author: Warwick Brown
Date:  
To: Jeremy Harris, exim-dev@exim.org
Subject: Re: [exim-dev] Interesting behaviour
> -----Original Message-----
> From: Exim-dev [mailto:exim-dev-bounces+warwick=serco.com@exim.org]
> On Behalf Of Jeremy Harris
> Sent: 20 October 2015 21:11
> To: exim-dev@???
> Subject: Re: [exim-dev] Interesting behaviour
>
> On 19/10/15 23:47, Warwick Brown wrote:
> > Say, I am a relay for domain1.com, When you do a RCPT command, as follows:-
> >
> > RCPT TO: @domain2.com:user@???
>
> That looks like you're trying to use explicitly routed addresses.
> They went out with the ark. Exim does not handle them.
> --
> Cheers,
> Jeremy
>
>


Hi Jeremy,

Pen-testers still test to see if legacy routed addresses are supported due to the dross of legacy still out there.
I agree with your reasoning as to routed addresses being obsolete, and that is why I still use the restricted characters ACL to ensure they are not accepted.
But, the issue I see is that the invalid input is silently discarded with no notice of when or why.
The ":" character is in my restricted characters ACL; however, in the special case where the user-part is null, the restricted characters ACL does not seem to kick in.
I am satisfied that exim fails safe, but still think it's worth a look-in to why it silently discards parts of its input data - if this is by design, then fine, but if it is an unintended consequence, then it is to me a little more concerning.

Thanks and regards,

Warwick
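
An added illustration, not part of the original message and not Exim's code: a RCPT path check that follows the RFC 5321 grammar `Path = "<" [ A-d-l ":" ] Mailbox ">"` and names a source route as the rejection reason. It also shows that a character rule applied only to the local part never sees the colon in the route prefix. The function names, the restricted-character pattern and the sample addresses are assumptions constructed for this example.

```python
import re

# RFC 5321: A-d-l = At-domain *( "," At-domain ), At-domain = "@" Domain
_AT_DOMAIN = r"@[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?"
_ROUTE = re.compile(rf"^({_AT_DOMAIN}(?:,{_AT_DOMAIN})*):")
# Hypothetical restricted-character rule for the local part (an assumption,
# not the ACL from the thread): a leading dot, or any of @ % ! / | :
_RESTRICTED = re.compile(r"^\.|[@%!/|:]")

# Constructed sample paths (example domains only).
SAMPLES = [
    "<user@example.net>",
    "<@relay.example:user@example.net>",
    "<@relay.example:@example.net>",
    "<us:er@example.net>",
]


def split_path(path):
    """Return (route_hops, local_part, domain) for a RCPT TO path."""
    addr = path.strip()
    if addr.startswith("<") and addr.endswith(">"):
        addr = addr[1:-1]
    hops = []
    m = _ROUTE.match(addr)
    if m:
        # Keep the route instead of discarding it, so it can be reported.
        hops = [h[1:] for h in m.group(1).split(",")]
        addr = addr[m.end():]
    local, sep, domain = addr.rpartition("@")
    if not sep:  # no "@" at all: treat everything as the local part
        local, domain = addr, ""
    return hops, local, domain


def check_rcpt(path):
    """Classify a path and state the reason for any rejection."""
    hops, local, domain = split_path(path)
    if hops:
        return ("reject", "source route present: " + ",".join(hops))
    if not local:
        return ("reject", "empty local part")
    if _RESTRICTED.search(local):
        return ("reject", "restricted character in local part")
    return ("accept", f"{local}@{domain}")
```

Running `check_rcpt` over `SAMPLES` gives one verdict and one stated reason per path, which is the record a log line would need.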