Exim and driver=localuser

To: debian-user@lists.debian.org
Subject: Exim and driver=localuser
From: Bill Moseley <moseley@hank.org>
Date: Mon, 18 Apr 2005 12:38:45 -0700
Message-id: <[🔎] 20050418193845.GB28792@hank.org>
Mail-followup-to: Bill Moseley <moseley@hank.org>, debian-user@lists.debian.org

Unless I'm mistaken, the default Debian exim config allows for local
delivery to users based on the /etc/passwd file:

(for exim3)

    # This director matches local user mailboxes.

    localuser:
      driver = localuser
      transport = local_delivery

(and for exim4)

    local_user:
      debug_print = "R: local_user for $local_part@$domain"
      driver = accept
      check_local_user
      local_parts = ! root
      transport = LOCAL_DELIVERY



What that means is mail can get delivered to users like "bind" and
"games" because they are listed in /etc/passwd.  AFAIK, those should
never get mail, so should be rejected.

What I'm seeing is /var/mail/{bind,games,sshd} getting filled up with
spam bounces (spam is being sent using these user names).  And if, by
chance, the target of the spam does sender validation (asking my
machine is "games" is a real user) the mail will be considered from a
real user.

So, I'm wondering what others do to take steps to prevent usage of
these common names in /etc/passwd as valid mail addresses.

I'm also wondering if the default Debian config should prevent this in
some way.

I also wonder if all the entries in the default /etc/passwd are
needed.  Do I really need user "uucp"?


-- 
Bill Moseley
moseley@hank.org

Reply to:

Follow-Ups:
- Re: Exim and driver=localuser
  - From: Alan Chandler <alan@chandlerfamily.org.uk>

Prev by Date: clock slows down under load
Next by Date: Re: ALSA -sound
Previous by thread: clock slows down under load
Next by thread: Re: Exim and driver=localuser
Index(es):
- Date
- Thread