moved from the users mailing list,
On 2015-12-09, Jeremy Harris <[email protected]> wrote:
> On 09/12/15 20:30, Jasen Betts wrote:
>> I have an unseen redirect router, it's producing DSN responses,
>> the sender also gets the DSN from the main delivery.
>> is that intentional?
>>
>> DSN response eg:
>>
>> <[email protected]> (relayed via non "Remote SMTP" router)
>> [...]
>> Action: delivered
>> Final-Recipient: rfc822;[email protected]
>> Status: 2.0.0
>> Diagnostic-Code: X-Exim; relayed via non SMTP router
>
> Could be easily argued it's a bug, I'd say... but the
> semantics of "unseen" are not specified all that tightly.
> I don't think we currently say either way.
I'm working on a patch to block this, I'm using an unseen router to
snoop on user's activity (mainly to detect bad actors), so I want to
keep this nefarious activity isolated from their internal processes.
both to avoid embarassment and to supress false positives.
Also on a patch to allow conficuration of the success message (like the
fail and delay messages) mainly so I can push data into the headers
for use in the not_smtp ACL.
I found this:
delivery.c contains this canned response. which goes into the DSN
duccess message.
Diagnostic-Code: smtp; 250 Ok\n
As I understand it Dignotiic-Code is not required in DSN success
messages, and this forged response seems less than ideal, especially
when the real SMTP respnse can be found in addr->message (I think)
Is this an oversight, stub code, or is there a privacy issue here?
--
\_(ツ)_
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
