[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: EXPN return codes still broken
On 04-Nov-99 at 23:07, Matti Aarnio (mea@nic.funet.fi) wrote:
> > I am using VRFY when creating a new customer ID to check if the new name
> > matches some exisiting alias ot mailing list. In that case, the user
> > should not be created. With the current behavior, there is no way to
> > check if a specific mailing address exists. (Other question is that
> > VRFY may be used to obtain list of valid users on a system; it would
> > be good if access to the command could be restricted by IP address or
> > whatever...)
>
> Err... I would much rather use the backend databases directly at
> the customer id generation -- router does interrogate the same
> place (at least in my environment - in sort of LDAP wrapper), so
> why to use VRFY ?
The matter of not intermixing layers. I cannot check *all* backend
sources. If there is an alias in /etc/zmailer/aliases or a file
in the "lists" directory it's hard to know from *another* machine
(WWW server where the users are created). While EXPN is supposed
to provide authoritative answer.
> Our current way to controlling who can do EXPN or VRFY is by what they
> give to EHLO (or HELO) as a parameter. The 'e' and 'v' letters at
> the lines at the end of the smtpserver.conf file.
>
> So it is a sort of 'give magic word, and you get EXPN and VRFY' type
> of access control. Not so great, but better than nothing..
Yup, it's a nice idea, thanks! That'll do for me.
Eugene