Re: [exim-dev] callout message patches, bug #423

Pàgina inicial
Delete this message
Reply to this message
Autor: Simon Arlott
Data:  
A: exim-dev
Assumpte: Re: [exim-dev] callout message patches, bug #423
On 2020-05-01 10:03, Andrew C Aitchison via Exim-dev wrote:
> On Fri, 1 May 2020, Simon Arlott via Exim-dev wrote:
>> I'm still waiting for my patches for callout messages,
>> https://bugs.exim.org/show_bug.cgi?id=423 to be looked at.
>
> Assuming that the "gateway" smtp server has raised access to the
> call-forward host, what sort of internal information could be leaked
> or probed with this new feature ? Does this risk need to be documented
> ?


That is not the new feature. Exim already does that by default and it
can be configured to hide the detail.

The problem I have is that the information is not logged and is not
available in a variable so I can't include it with other messages.

I also can't handle the "defer" outcome in an ACL without losing the
automatic SMTP-level responses that Exim does have.

--
Simon Arlott