Re: [Savannah-hackers] Re: exim configuration

[Guillaume Morin]

Dans un message du 30 avr à 12:08, Joel N. Weber II écrivait :
>    trusted_groups = 
> mifluz:webmifluz:savannah:websavannah:libtool:weblibtool:autoconf:webautoconf:hurd:webhurd:gnue:inetutils:mailutils:dejagnu:cons:www
> 
>    But, for an unknown it did not work. Josip was still getting bounces
>    althought he is in the www group.
> 
> Have you tried anything else to isolate the problem?

Yes, I've tried during a couple of hours last night with Josip. I had
made a test script which worked. But for some reason, sending with
log_accum failed. 

>    untrusted_set_sender = true
>    (which is not very good)
> 
> Why do you think this is not a good idea?  You can forge mail quite
> convincingly by opening a tcp connection directly rather than sending
> mail through exim, regardless of the trusted_users settings, and I
> don't think trusted_users has any effects other than setting the
> envelope from.

afaik The point of sender is to implement a way to check the real
sender. This option allows people to forge mail. It is not that bad on
savannah, since most users send mail via log_accum.


-- 
Guillaume Morin <address@hidden>

          5 years from now everyone will be running free GNU on their
           200 MIPS, 64M SPARCstation-5 (Andy Tanenbaum, 30 Jan 1992)