[exim-dev] [Bug 1769] New: vrfy acl's and explicit 5xx deny

Page principale
Supprimer ce message
Répondre à ce message
Auteur: admin
Date:  
À: exim-dev
Sujet: [exim-dev] [Bug 1769] New: vrfy acl's and explicit 5xx deny
https://bugs.exim.org/show_bug.cgi?id=1769

            Bug ID: 1769
           Summary: vrfy acl's and explicit 5xx deny
           Product: Exim
           Version: 4.86
          Hardware: All
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: ACLs
          Assignee: jgh146exb@???
          Reporter: nkukard+eximbugs@???
                CC: exim-dev@???


The vrfy ACL does not allow the overriding of 2xx to anything other than 2xx.

Config (example only)
--
deny hosts = /etc/testhosts
        message = 500 Not local
--



Log output
--
13:47:04 767672 processing "deny"
13:47:04 767672 check hosts = /etc/testhosts
13:47:04 767672 host in "/etc/testhosts"? yes (matched "192.168.0.1" in
/etc/testhosts)
13:47:04 767672 message: 500 Not local
13:47:04 767672 deny: condition test succeeded in ACL "acl_smtp_vrfy"
13:47:04 767672 end of ACL "acl_smtp_vrfy": DENY
13:47:04 767672 LOG: MAIN PANIC
13:47:04 767672 configured error code starts with incorrect digit (expected
2) in "500 Not local"
13:47:04 767672 SMTP>> 252 Not local
252 Not local
--


While many may argue VRFY is not used, or don't use it or do not see a reason
for using it. This command is explicitly defined for this purpose. It can be a
very valid use case in the implementation of low overhead internal callouts
from frontend systems.

The fact that having an explicit deny cannot be overridden if one wants to
outright reject VRFY is a bug, this should at least be configurable if one
knows for a fact that the destination address is not deliverable, instead of
passing all the way down to the routers.

I am not disputing the use of 252, just making a reasonable remark that if one
is not happy with 2xx that 5xx should be allowed in the ACL section to outright
reject.

--
You are receiving this mail because:
You are on the CC list for the bug.