Bug#430157: "unknown user" inappropriate for general vague failure message

Fri Jun 22 19:57:21 UTC 2007

Package: exim4-config
Version: 4.67-3

>> Also it seems a shame that exim says "User unknown" while the real
>> problem is logged only in mainlog. Please just say the more honest
>> "Not going to tell you what went wrong", instead of the dishonest
>> "User unknown"!
>> http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20040927/msg00199.html
>> http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20040927/msg00201.html

M> I do not see any connection to this issue here. If you want to complain
M> about something unconnected, please open a dedicated bug report to
M> help tracking, otherwise please be more clear in what you consider the
M> issue here.

M> Generally, exim ACLs do have the log and message modifier to control
M> what's being logged and what's being returned to the other side of the
M> SMTP session, and in the absence of more clear instructions, exim is
M> intentionally vague to avoid disclosure of local filtering policy to a
M> malicious mail sender who might want to find out about the filtering
M> policy to circumvent it.

But "User unknown" is not intentionally vague, it is intentionally
misleading, intentionally wrong, intentionally broken.

"Administrative prohibition" would be fine.

You don't know how many people get sent on wild goose chases by the
incorrect "User unknown" response when all along it is because they
are sending from their e.g., hotmail account instead of their gmail
account, when hotmail is in some filter the administrator has set up.

If they send from their gmail account, the user magically becomes
"known" and the mail gets through.

"User unknown" says that "one has died and their account is gone, so
go find some new friends."

If instead one got the reply "Administrative prohibition", then at
least they might try contacting one via other means to tell one that
their email is broken.

So therefore one hopes exim will not say, by default, "Unknown user",
for cases other than real "Unknown user". Say anything vague, fine,
but don't say just plain false things please.  Do no evil. Vague OK,
but no lying.

For real Unknown user cases, go ahead and also say Administrative
prohibition, fine, but please don't do vice versa.
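
The following Exim 4 ACL fragment is an added illustration, not part of the bug report and not taken from Debian's exim4-config. It shows how the `message` and `log_message` modifiers mentioned in the quoted reply separate what the SMTP client sees from what is logged locally. The ACL name, list names and the domain `blocked.example` are constructed placeholders.

```exim
# Main configuration section (constructed example values).
domainlist local_domains          = @
domainlist blocked_sender_domains = blocked.example
acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

  # Misleading variant, shown commented out: a sender-based policy
  # rejection that tells the remote side the recipient does not exist.
  # deny
  #   message        = User unknown
  #   sender_domains = +blocked_sender_domains

  # Vague but truthful variant: the SMTP reply does not reveal the
  # filtering policy, while the local log records the real reason.
  deny
    message        = Administrative prohibition
    log_message    = sender domain $sender_address_domain is in blocked_sender_domains
    sender_domains = +blocked_sender_domains

  # "User unknown" is kept for the case where recipient verification
  # for a local domain actually fails.
  deny
    message        = User unknown
    domains        = +local_domains
    !verify        = recipient

  accept
```

The modifiers are placed before the conditions so that they are already set when the condition that triggers the rejection is evaluated.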

