> On Feb 22, 2021, at 12:23 PM, admin--- via Exim-dev <exim-dev@???> wrote:
>
> - Proper handling of the proxy address/port details, for logging
> - We should consider re-calling the connect ACL, after deciding to accept the
> XCLIENT command, to give the chance to re-evaluate connect-time decisions
> with the proxy-supplied info for the connection
I'd put it more strongly than *consider*, the purpose of XCLIENT is *specifically*
to reevaluate ACLs, so that the proxy acts on behalf of its upstream client. If
one merely wants an audit trail, that'd be the XFORWARD extension instead.
> - Ditto re-call the helo ACL, with the HELO attribute value
> - We could consider a dedicated ACL for the command, separate from the
> allowed-hosts list (still needed for advertise)
Yes, highly recommended. Giving all hosts allowed to relay the right to
impersonate other hosts is surely too liberal. Also make sure that the
the right to send XCLIENT again is not retained once the initial XCLIENT
command happens (or is at least reevaluated per the upstream IP address,
which would generally not have that right).
--
Viktor.
