Re: EXPN return codes still broken

[Eugene Crosser <crosser@online.ru>]

On 04-Nov-99 at 23:07, Matti Aarnio (mea@nic.funet.fi) wrote:

> > I am using VRFY when creating a new customer ID to check if the new name
> > matches some exisiting alias ot mailing list.  In that case, the user
> > should not be created.  With the current behavior, there is no way to
> > check if a specific mailing address exists.  (Other question is that
> > VRFY may be used to obtain list of valid users on a system; it would
> > be good if access to the command could be restricted by IP address or
> > whatever...)
> 
>   Err... I would much rather use the backend databases directly at
>   the customer id generation -- router does interrogate the same
>   place (at least in my environment - in sort of LDAP wrapper), so
>   why to use VRFY ?

The matter of not intermixing layers.  I cannot check *all* backend
sources.  If there is an alias in /etc/zmailer/aliases or a file
in the "lists" directory it's hard to know from *another* machine
(WWW server where the users are created).  While EXPN is supposed
to provide authoritative answer.

>   Our current way to controlling who can do EXPN or VRFY is by what they
>   give to  EHLO (or HELO) as a parameter.  The 'e' and 'v' letters at
>   the lines at the end of the   smtpserver.conf  file.
> 
>   So it is a sort of 'give magic word, and you get EXPN and VRFY' type
>   of access control.  Not so great, but better than nothing..

Yup, it's a nice idea, thanks!  That'll do for me.

Eugene