Regid Ichira
2012-Aug-19 23:30 UTC
[Pkg-exim4-users] Does /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt have redundant lines?
$ sed -n ''178,180p''
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
require
message = relay not permitted
domains = +local_domains : +relay_to_domains
$ sed -n ''185,186p''
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
require
verify = recipient
$ sed -n ''349,352p''
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
accept
domains = +relay_to_domains
endpass
verify = recipient
Other then not having to change a config file, can''t lines 349,352
of /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt be simply
dropped? I mean, the work they do is also done on previous lines.
Marc Haber
2012-Aug-20 09:44 UTC
[Pkg-exim4-users] Does /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt have redundant lines?
On Sun, Aug 19, 2012 at 04:30:03PM -0700, Regid Ichira wrote:> $ sed -n ''178,180p'' /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > require > message = relay not permitted > domains = +local_domains : +relay_to_domains > $ sed -n ''185,186p'' /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > require > verify = recipient > $ sed -n ''349,352p'' /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > accept > domains = +relay_to_domains > endpass > verify = recipient > > > Other then not having to change a config file, can''t lines 349,352 > of /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt be simply > dropped?Why do you think so? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
Regid Ichira
2012-Aug-20 20:23 UTC
[Pkg-exim4-users] Does /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt have redundant lines?
--- On Mon, 8/20/12, Marc Haber wrote:> On Sun, Aug 19, 2012 at 04:30:03PM > -0700, Regid Ichira wrote: > >? ???$ sed -n ''178,180p'' > /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > >? ? ???require > >? ? ? ???message = relay > not permitted > >? ? ? ???domains > +local_domains : +relay_to_domains > >? ???$ sed -n ''185,186p'' > /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > >? ? ???require > >? ? ? ???verify > recipient > >? ???$ sed -n ''349,352p'' > /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > >? ? ???accept > >? ? ? ???domains > +relay_to_domains > >? ? ? ???endpass > >? ? ? ???verify > recipient > > > > > >???Other then not having to change a > config file, can''t lines 349,352 > > of /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt be > simply > > dropped? > > Why do you think so? >A domain that is not +local_domains : +relay_to_domains won''t pass the requirement on line 178. In particular, it won''t get to line 349. Any recipient, which can not be verified, won''t pass the requirement on line 185. In particular, such a recipient won''t get to line 349. The acl after the accept on line 349 is an unconditional accept. I can''t see an address that won''t be accepted without the acl on line 349 accepting it. I also can''t see a relay_to_domains address which, despite the fact that it can not be verified, manged to get through to line 352. Therefore, I can''t see an address for which its end result will be different, had the acl on lines 349,352 will be erased.
Marc Haber
2012-Aug-21 08:48 UTC
[Pkg-exim4-users] Does /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt have redundant lines?
On Mon, Aug 20, 2012 at 01:23:20PM -0700, Regid Ichira wrote:> A domain that is not > +local_domains : +relay_to_domains > won''t pass the requirement on line 178. In particular, it won''t get to > line 349. Any recipient, which can not be verified, won''t pass the > requirement on line 185. In particular, such a recipient won''t get to > line 349.As long as the upper ACL lines are left in place by the local admin. Even if the local admin removes the unconditional verification, it is still important to have local addresses verified to be able to reject those undeliverable mails at SMTP time.> The acl after the accept on line 349 is an unconditional accept.Yes, but unverifiable local addresses are going to be rejected before by the ACL stanza you want removed.> I can''t see an address that won''t be accepted without the acl on > line 349 accepting it.Please note that line 349 will reject unverifiable addresses.> I also can''t see a relay_to_domains address which, despite the fact > that it can not be verified, manged to get through to line 352. > Therefore, I can''t see an address for which its end result will be > different, had the acl on lines 349,352 will be erased.The lines are indeed superfluous in the default config, but are there as a safety measure in case of local modifications to the ACL. This may be for historical reasons, but changing it now does not affect functionality, and forces all users to go through a dpkg-conffile changed dialog. I''d rather avoid that. Greetings MArc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062