Bug#307768: exim4: check_local_user should reject system users?

[Marc Sherman]

Marc Haber wrote:
> 
> To me, this looks like an issue which could be solved in a dedicated
> router which will fail e-mail addressed to system users. However,
> there might be packages that need their user to be able to receive mail.

Yeah, I thought of that, but I'm having trouble figuring out where to 
put it.  It needs to go before the first use of check_lcoal_user, but 
after 400_exim4-config_system_aliases, so that system users (such as 
root) aliased to normal users continue to work.  However, 
300_exim4-config_real_local uses check_local_user.

It seems to me that 300_exim4-config_real_local should be moved to 550 
(or perhaps move the contents directly into 
600_exim4-config_userforward, at the start of the file).  The real-* 
addresses only exist to serve the syntax-errors-to setting in the 
userforward router, so that seems like the right thing to do to me.  It 
means that real-* won't work for addresses aliased in the system aliases 
file, but IMO that's a _good_ thing.  For example, I don't want 
real-clamav@projectile.ca getting delivered to /var/lib/clamav/Maildir/, 
under any circumstances.

What do you think?

- Marc