Hi, how is usually dealt with incoming messages that are addressed to <[email protected]>?
Debian has a system account named 'mail', and incoming messages cannot be delivered to this user (when using maildir) because it has no home directory. Also, I don't want to receive any mail for this account. To prevent exim from freezing such messages in the queue, I've set never_users = root:mail Now when exim sends a warning message to the sender of the incoming message after a delay, the message leaks the user ID of the 'mail' user. IIRC, 'exim -qf' may generate a warning message about the delay in delivery, and that message also leaks the user ID. I suppose this might be a general question about dealing with mail sent to system accounts. Leaking their user IDs may be a security risk. Maintaining some list to check for users to deny mail for separate from /etc/aliases and /etc/password isn't a good alternative because such a list can get out of date. Perhaps I should specify a minimum user ID and have all incoming mail to users with an ID lower than that be rejected unless there's a redirection in /etc/aliases? Or better, won't it be better that exim doesn't leak the user ID in the first place? What's common good behaviour here? -- Knowledge is volatile and fluid. Software is power. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
