Caution: re-ordered paragraphs for emphasis of what I meant. Richard, we
agree! I just want to point out a nonsense behavior of the
exim/libspf2.a implementation of SPF.
> There are other acl conditions you can use to enforce the....
Yes, I said this in my first post: In my box a mail from a local user
does not need to be checked against SPF, a forged sender is detected and
rejected by local knowledge, loooong before my rules need to check any
external service.
The string "localhost is always allowed." can be found in libspf2.a
So this is wanted by exim! I did not check what SPF specs say about it,
but this would mean, my local users CAN forge sender addresses?! Does
this make sense?!
What I meant is: /according to ligspf2.a implemenatation/ local users
/are allowed/ to spoof their sender address, which does NOT make sense.
This is the flaw I want to point at...
In practice it does not bother me at all. It is just my academical way
to have things right, even if I don't use them.
Hardy
--
If God Meant Us to Vote, He Would Have Given Us Candidates.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
