https://bugs.exim.org/show_bug.cgi?id=1769
Bug ID: 1769
Summary: vrfy acl's and explicit 5xx deny
Product: Exim
Version: 4.86
Hardware: All
OS: All
Status: NEW
Severity: bug
Priority: medium
Component: ACLs
Assignee: jgh146exb@???
Reporter: nkukard+eximbugs@???
CC: exim-dev@???
The vrfy ACL does not allow the overriding of 2xx to anything other than 2xx.
Config (example only)
--
deny hosts = /etc/testhosts
message = 500 Not local
--
Log output
--
13:47:04 767672 processing "deny"
13:47:04 767672 check hosts = /etc/testhosts
13:47:04 767672 host in "/etc/testhosts"? yes (matched "192.168.0.1" in
/etc/testhosts)
13:47:04 767672 message: 500 Not local
13:47:04 767672 deny: condition test succeeded in ACL "acl_smtp_vrfy"
13:47:04 767672 end of ACL "acl_smtp_vrfy": DENY
13:47:04 767672 LOG: MAIN PANIC
13:47:04 767672 configured error code starts with incorrect digit (expected
2) in "500 Not local"
13:47:04 767672 SMTP>> 252 Not local
252 Not local
--
While many may argue VRFY is not used, or don't use it or do not see a reason
for using it. This command is explicitly defined for this purpose. It can be a
very valid use case in the implementation of low overhead internal callouts
from frontend systems.
The fact that having an explicit deny cannot be overridden if one wants to
outright reject VRFY is a bug, this should at least be configurable if one
knows for a fact that the destination address is not deliverable, instead of
passing all the way down to the routers.
I am not disputing the use of 252, just making a reasonable remark that if one
is not happy with 2xx that 5xx should be allowed in the ACL section to outright
reject.
--
You are receiving this mail because:
You are on the CC list for the bug.
