On Sun, Mar 10, 2024 at 07:53:40PM +, Julian Bradfield via Exim-users wrote:
> Of course, there is still the question as to why any form of source
> routing should be enabled in a default configuration of anything,
> given its almost total obsoleteness.
> (I could imagine source routing being
On 2024-03-10, Viktor Dukhovni via Exim-users wrote:
>> https://www.postfix.org/postconf.5.html#allow_untrusted_routing
>
> You missed an important qualifier "from untrusted clients", if the
> forwarded messages is from a peer system listed in $mynetworks, then
> the message will be (source) route
On Sun, Mar 10, 2024 at 09:49:14AM +, Julian Bradfield via Exim-users wrote:
> That would be a configuration problem for that site - not a reason to
> stop your users replying to perfectly valid addresses.
>
> > And by the way, by default Postfix still supports % and ! addresses:
> >
> >
On Sun, Mar 10, 2024 at 09:53:09AM +, Julian Bradfield via Exim-users wrote:
> > Simple: on multiuser systems you never know who got hacked, has
> > malicouse intents or uses faulty webapps. X
> On a multiuser system, anybody can pipe a message into exim, can't
> they?
Not necessarily, in pa
Dňa 10. marca 2024 14:36:16 UTC používateľ graeme vetterlein via Exim-users
napísal:
>So, taken together:
>
>1: Set /etc/mailname to "home"
>2: Set dc_other_hostnames=" ... home" and few similar names but NOT
>"mydomain.com"
>3: Set dc_readhost=mydomain.com and dc_hide_mailname=true
>
>So insid
I started to write up my issue, then thought I probably had the solution
already
(1: I may be wrong , 2: other people may have same issue)
TL;DR .. jump to ***
I've been struggling with various setups recently and it occurred to me
there's nothing really special in what I want to do, it's proba
On 10/03/2024 11:29, Slavko via Exim-users wrote:
from log one can see that from_domain & dkim_domain has value before
rewrite (received message has rewritten values).
That matches my code-diving. You can't use (transport) header manipulation
results in the transport's dkim-control options (bu
On 10/03/2024 08:51, Cyborg via Exim-users wrote:
@Jeremy:
Was that aimed at me? There is no "@" in my name.
Why aren't the extended restrictions for the "$run{}" attack the new defaults?
Because nobody thinks it useful enough?
(I suspect it was one of the attacks that led to the introd
Ahoj,
Dňa Sat, 9 Mar 2024 15:38:43 + Jeremy Harris via Exim-users
napísal:
> However, the text of the headers (and body) of the message used as
> input for the various hashes and signatures of the DKIM signing *is*
> the output of any transport filter (this adds significant coding and
I wil
On 2024-03-10, Cyborg via Exim-users wrote:
>> The last time I saw a % address was in 1995, and the last time I saw a
>> ! address was in 1994. (And of course, when I did see them, they had
>
> As may imagined: hackers do not care when it was used last. They care,
> if it triggers something they
On 2024-03-10, Cyborg via Exim-users wrote:
>> Firstly, I don't understand the logic of accepting any address from an
>> stdio submission, while applying the restriction to a localhost tcp
>> submission.
>
> Simple: on multiuser systems you never know who got hacked, has
> malicouse intents or us
On 2024-03-10, Viktor Dukhovni via Exim-users wrote:
> On Sat, Mar 09, 2024 at 09:26:39PM +, Julian Bradfield via Exim-users
> wrote:
> When Exim or any other MTA relays mail with "%" or "!" addresses to an
> internal MTA, that MTA might be configured to support legacy address
> syntax forms.
Am 09.03.24 um 22:26 schrieb Julian Bradfield via Exim-users:
Following an idle-moment post on mailop, I wonder:
From the default config:
---
acl_check_rcpt:
accept hosts = :
denydomains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
message = Restricte
13 matches
Mail list logo
