Hi !!

When a message is temporarily rejected due to a failed mysql query
(i.e. when there are too many mysql connections) the 4xx error
returned to the client includes the whole mysql query, which can
reveal sensitive data to the remote party. Maybe it would be better
to just return the mysql error without the query, or to be able to
define a global error message to use in those circumstances.

That should be 'controllable' in your own settings.

Are you specifying a 'message =' or leaving it to the
defaults?

'message' is only used if the condition fails but not when it
defers; when it defers the 4xx message says:

failed to expand "${lookup mysql {SELECT ...}": lookup of "SELECT ..."
gave DEFER: MYSQL connection failed: Too many connections

and in general any expand failure gives all the data to the remote
party, revealing in that case the database structure (at least), and
in other cases it could also reveal other kinds of sensitive data.
This is the only thing I really dislike about Exim.

--
Best regards ...

----------------------------------------------------------------
   David Saez Padros                http://www.ols.es
   On-Line Services 2000 S.L.       e-mail  [EMAIL PROTECTED]
   Pintor Vayreda 1                 telf    +34 902 50 29 75
   08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------



--
## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
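
An added example, not part of the thread and not Exim code: a Python audit over captured SMTP replies that flags 4xx/5xx responses carrying the expansion string and produces the reply the poster asks for, with the cause kept and the query dropped. The message shape comes from the error quoted above; the function names, the fallback heuristic and the sample lines are assumptions made for illustration.

```python
import re

# Shape of the deferral text quoted in the thread:
#   failed to expand "<string>": lookup of "<query>" gave DEFER: <reason>
# Quoted parts can contain quotes, so match greedily up to the fixed markers.
LEAK = re.compile(
    r'failed to expand "(?P<expr>.*)": lookup of "(?P<query>.*)" '
    r'gave DEFER: (?P<reason>.*)$', re.S)
# Fallback heuristic (assumption): SQL keywords in any other reply text.
SQL_HINT = re.compile(
    r'\b(select|insert|update|delete)\b.*\b(from|into|set)\b', re.I | re.S)
REPLY = re.compile(r'^(?P<code>[45]\d\d)(?P<sep>[ -])(?P<text>.*)$', re.S)

# Constructed sample replies; the table and column names are made up.
SAMPLE = [
    '250 OK',
    '451 failed to expand "${lookup mysql {SELECT home FROM accounts WHERE id=42}}": '
    'lookup of "SELECT home FROM accounts WHERE id=42" gave DEFER: '
    'MYSQL connection failed: Too many connections',
    '451 failed to expand "${lookup mysql {SELECT home FROM accounts": missing }',
    '451 Temporary local problem - please try later',
]


def redact(text):
    """Return (redacted_text, leaked) for the text part of one SMTP reply."""
    m = LEAK.search(text)
    if m:
        # Keep the cause, drop the expansion string and the query.
        cause = m.group("reason").strip()
        return text[:m.start()] + "lookup deferred: " + cause, True
    if SQL_HINT.search(text):
        # Another failure carrying SQL: nothing in it is safe to keep.
        return "temporary local problem", True
    return text, False


def audit(lines):
    """Return (original, redacted) pairs for every reply line that leaks."""
    findings = []
    for line in lines:
        r = REPLY.match(line.rstrip("\r\n"))
        if not r:
            continue  # not a 4xx/5xx reply line
        clean, leaked = redact(r.group("text"))
        if leaked:
            findings.append((line, r.group("code") + r.group("sep") + clean))
    return findings
```
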
