Hardy <bulk@???> (Mi 27 Sep 2017 15:15:11 CEST):
> Caution: re-ordered paragraphs for emphasis of what I meant. Richard, we
> agree! I just want to point out a nonsense behavior of the exim/libspf2.a
> implementation of SPF.
And I'd like to point out, that's not failure of Exim but of libspf2 (if
this is a failure at all).
> > > but this would mean, my local users CAN forge sender addresses?! Does
> > > this make sense?!
>
> What I meant is: /according to ligspf2.a implemenatation/ local users /are
> allowed/ to spoof their sender address, which does NOT make sense. This is
> the flaw I want to point at...
Ok. Agreed. Local users, if they are allowed to use SMTP on 127.0.0.1.
> In practice it does not bother me at all. It is just my academical way to
> have things right, even if I don't use them.
Agreed :)
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
