On Wed, Jul 27, 2005 at 08:18:36PM +0100, Tony Finch wrote: > protocol violation. I'm currently playing around with a patch that will > allow you to configure strict syntax checking of MAIL and RCPT commands, > the original reason being to forbid the use of space between : and <, but > adding a check for non-ascii characters would seem sensible too.
Just had an idea, although maybe it is what you are doing anyway (sorry, haven't checked, maybe this is already in Exim, but I don't think so). Why not just put the data sent to exim in a variable, say $smtp_data, just before each ACL is called. For example, in the HELO ACL $smtp_data would contain something like "HELO mail.server.example" and in a RCPT ACL it would contain "RCPT TO:<[EMAIL PROTECTED]>". In the DATA ACL it would contain just "DATA". This would allow all sorts of checks to be made on the actual data that is sent. There should possibly be a maximum length of this variable, say 1k, to stop any abuse (exim may already have a maximum size of command allowed to be sent anyway, I guess). Matthew -- Matthew Newton <[EMAIL PROTECTED]> UNIX and e-mail Systems Administrator, Network Support Section, Computer Centre, University of Leicester, Leicester LE1 7RH, United Kingdom -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
