Bug#267708: verify sender should be after the header checks in the 30_exim4-config_check_rcpt acl file

Mike Fedyk Mike Fedyk <mfedyk@matchmail.com>, 267708@bugs.debian.org
Mon, 23 Aug 2004 18:11:07 -0700 

Package: exim4
Version: 4.34-4
Severity: minor
Tags: patch

Why hit the remote server if the headers could be bad before?

This is just a move to lower in the file, no modifications to the lines.

--- 30_exim4-config_check_rcpt~	2004-08-23 16:30:25.000000000 -0700
+++ 30_exim4-config_check_rcpt	2004-08-23 18:05:29.000000000 -0700
@@ -51,15 +51,6 @@
   accept local_parts = postmaster
          domains = +local_domains
 
-  # Deny unless the sender address can be verified.
-  #
-  # This is disabled by default so that DNSless systems don't break. If
-  # your system can do DNS lookups without delay or cost, you might want
-  # to enable the following line.
-   deny message = Sender verification failed
-        !acl = acl_whitelist_local_deny
-        !verify = sender
-
   # Warn if the sender host does not have valid reverse DNS.
   # 
   # This is disabled by default so that DNSless systems don't break. If
@@ -95,6 +86,15 @@
                              {CONFDIR/local_host_blacklist}\
                              {}}
 
+  # Deny unless the sender address can be verified.
+  #
+  # This is disabled by default so that DNSless systems don't break. If
+  # your system can do DNS lookups without delay or cost, you might want
+  # to enable the following line.
+   deny message = Sender verification failed
+        !acl = acl_whitelist_local_deny
+        !verify = sender
+
 
   #############################################################################
   # There are no checks on DNS "black" lists because the domains that contain


-- Package-specific info:
Exim version 4.34 #1 built 27-Jul-2004 18:06:50
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004)
Support for: iconv() IPv6 GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (7221, 'testing'), (711, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7-1-686
Locale: LANG=C, LC_CTYPE=C

Versions of packages exim4 depends on:
ii  exim4-base                    4.34-4     EXperimental Internal Mailer -- a 
ii  exim4-daemon-light            4.34-4     Lightweight version of the Exim (v

-- no debconf information