I recently found this in an old exim config:
###########################################################################
# Deny if the local part contains @ or % or / or | or !. These are
# rarely found in genuine local parts, but are often tried by people
# looking to circumvent relaying restrictions.
# Also deny if the local part starts with a dot. Empty components aren't
# strictly legal in RFC 2822, but Exim allows them because this is
# common.
# However, actually starting with a dot may cause trouble if the local
# part is used as a file name (e.g. for a mailing list).
deny local_parts = ^.*[@!/|] : ^\\.
Is this config still relevant? I couldn't think of any way of how to
circumvent relaying restrictions by using special characters.
