Bug#376459: exim4-config: issues with ACL documentation

Ross Boylan RossBoylan at stanfordalumni.org
Mon Jul 3 05:18:55 UTC 2006 

Package: exim4-config
Version: 4.62-2
Severity: minor

The recent cleanup of the documentation seems to have left some loose ends.

1. acl/20_exim4-config_whitelist_local_deny includes
# Whitelisting can also be configured by including negative items in the
# black list. See /usr/share/doc/exim4-config/default_acl for details.
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The indicatedfile doesn't exist; I think it was merged into
README.Debian, though I don't see stuff in there that bears directly
on this issue there now.

2. README.Debian section 2.1.2 (on ACLs) says
   The access list file also contains quite a few configuration options
   that are too restrictive to be active by default on a real-life site.
It is unclear, at least to me, what file the "access list file" refers
to.  My guess is it means either all the acl files or the check_rcpt
one.

3. It might be helpful for README.Debian to mention the possibility of
customizing the ACLs via, e.g., CHECK_RCPT_LOCAL_ACL_FILE.  And/or
something about this could go in the exim4-config_files man page,
though that's tricky since the user makes up the file name and
location.

4. There is an oddity in the exim4-config_files man page when viewed
with tkman.  man in terminal looks OK.  In case there is something on
the page that is inspiring this weird behavior, I'm reporting it.

Here's what I see when I expand the subitem under "description"
--------------------------------------------------
/etc/exim4/local_host_blacklist
	  is  an  optional  file  containing a list of IP addresses, networks and
	  host names whose  messages  will  be  denied  with  the  error  message
	  "locally  blacklisted". This is a full exim 4 host list, and all avail-
	  able features can be used. This includes negative items, and so  it  is
	  possible  to exclude addresses from being blacklisted. For convenience,
	  as an additional method to whitelist addresses from being  blocked,  an
	  explicit  whitelist  is  read  in from /etc/exim4/local_host_whitelist.
	  Entries in the whitelist override corresponding blacklist entries.

	  In the blacklist, the trick is to read a line break as "or" if it  fol-
	  lows a positive item, and as "and" if it follows a negative item.

	  For example, a /etc/exim4/local_host_blacklist

	  192.168.10.0/24
	  !172.16.10.128/26
	  172.16.10.0/24
	  10.0.0.0/8

	  Exim  just evaluates left to right (or up-down in the file listing con-
	  text), so you don't get the same kind of operator binding as in a  pro-
	  gramming language.
XXXXXX
	  will  be   accepted   despite   the   address   is   also   listed   in
	  /etc/exim4/local_host_blacklist, overriding a blacklisting.


/etc/exim4/local_sender_blacklist
	  is  an  optional files containing a list of envelope senders whose mes-
---------------------------------------------------------
The section with XXX has missing material on local_host_whitelist.
If I hit enter (which tells tkman to expand and move on) the missing
text reappears.

I may be misunderstanding tkman, or it may be strictly a tkman bug.
But if there's a way to prevent it from the man page itself, that
would be a plus.

-- Package-specific info:
Exim version 4.62 #1 built 02-May-2006 11:54:25
Copyright (c) University of Cambridge 2006
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September  6, 2005)
Support for: crypteq iconv() IPv6 PAM Perl GnuTLS move_frozen_messages Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (990, 'stable'), (50, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27advncdfs
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages exim4-config depends on:
ii  adduser                       3.87       Add and remove users and groups
ii  debconf [debconf-2.0]         1.5.2      Debian configuration management sy

exim4-config recommends no packages.

-- debconf information excluded

More information about the Pkg-exim4-maintainers mailing list