A recent message described what I think is a bug, but fixing it may be incompatible, so I'm asking for opinions.
Suppose a host has two IP interfaces, call them A and B. The Exim configuration sets up smtp_active_hostname so that a different host name is used for the different interfaces when an incoming message arrives. So far, so good. The host can pretend to be two different hosts. Suppose a message arrives on interface A. The responses to the client are given using "hostnameA" which is now in smtp_active_hostname. But what happens if the ACL verification requires a callout? The current callout code fishes out the interface and port number from the relevant smtp transport. Let's suppose that for the address being verified, the smtp transport is configured to use interface B, so the callout goes out on that interface. However, and here's the bug, the callout code uses the value of smtp_active_hostname in the HELO command for the callout transaction. In this situation, this is the name for the wrong interface. Exim should be using the value of the helo_data option from the smtp transport, as it would when sending a message. The current action is documented, but I can't find anything in the ChangeLog about this, though I seem to have a vague memory of some discussion in the past. I think this should be fixed. The smtp_active_hostname value should be used only on incoming connections, and should not affect outgoing ones. But this is an incompatible change, so it may cause problems for some people. Views? -- Philip Hazel University of Cambridge Computing Service Get the Exim 4 book: http://www.uit.co.uk/exim-book -- ## List details at http://www.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
