On Fri, 17 Jun 2005, Dave Lugo wrote: > On Fri, 17 Jun 2005, Greg A. Woods wrote: > > > > That said though, if the really big culprit here is only cPanel then > > they deserve even more ire, fire, and flame, but correcting the fault in > > Exim that makes this so easy would still help force them to at least see > > the error of their ways. > > The only 'fault' exim has is a rich ACL language that allows someone > to do: > > deny senders = :
Exim does not provide many high-level facilities. It provides a lot of low-level things that people can combine in whatever way they want. In particular, it provides: (1) Is the sender of this message X? (X can be "the empty string") (2) Deny this message As has been pointed out, there are plenty of examples of legitimate cases where you want to do things like If the sender is the empty string AND the recipient is Y THEN deny this message because, for instance, Y never sends messages. Clearly it would be neutering Exim to uselessness if the "deny" feature were disabled. Forbidding the test for an empty sender would also take away a huge amount of legitimate functionality. Locking out the particular case "Deny unconditionally if the sender is the empty string, without checking any other conditions" would be tedious to implement because it crosses different levels of the code. And besides, it would easily be circumvented by coding (for example) "Deny if the sender is the empty string and X=X." So there is no point in even considering it. Not that I would anyway, to be honest. Pretty well all tools can be used in both good and bad ways. Those of us who make tools have to live with that. -- Philip Hazel University of Cambridge Computing Service, [EMAIL PROTECTED] Cambridge, England. Phone: +44 1223 334714. Get the Exim 4 book: http://www.uit.co.uk/exim-book -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
