On 11/08/2019 09:55, Frank Elsner via Exim-users wrote: > for alias processing the config contains > the RCPT ACL > > | warn domains = +local_domains > | set acl_m_rcpt = ${sg{${run{/usr/local/bin/lookup_alias > $local_part@$domain}}}{\\n}{}}
1) You may have a security problem. Think carefully about what an attacker could do with a crafted local_part. 2) You are overwriting acl_m_rcpt for every new recipient. The routing only happens after the message is accepted. In more general terms for this sort of problem, you could have tested using "-bh" and "-d". This makes the processing flow visible. It fits better in exim if you do the alias lookup in the routers. To enforce SMTP-time actions on problems such as your ERROR_NO_CONNECTION, use an ACL condition "verify = recipient"; that runs the routing to see if the address is acceptable. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/