Mailing List Archive

[Bug 2941] More convenient option behavior for containerized environments
https://bugs.exim.org/show_bug.cgi?id=2941

Heiko Schlittermann <hs@schlittermann.de> changed:

What | Removed | Added
-----|---------|------
CC   |         | hs@schlittermann.de

--- Comment #2 from Heiko Schlittermann <hs@schlittermann.de> ---
- Not all variables are expandable, yes. Some for technical reasons, others just
because nobody implemented it.
- Using environment variables to modify Exim's configuration may have security
implications. And in fact, we had a security issue some time back, related to
attacker controlled environment variables.
- If you need to use environment variables inside the configuration, you should
read about `keep_environment` and `add_environment` global options.
- In a similar scenario I use a short "entrypoint" script, which builds the
runtime configuration at container startup time.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

--- Comment #3 from ivanov17 <ivanov17@riseup.net> ---
Thank you for your explanation. I think there are some things which need to be
worked on.

First, it should be documented that Exim has options that don't allow string
expansions. When I read the documentation, I think: well, I can use that solution.
But when I try to implement it, I see that it doesn't work. I think every
option that doesn't allow string expansions should have a corresponding
comment.

Second, if some Exim options don't have any security reasons for disabling
string expansion, it should be allowed. This will make Exim more flexible and
configurable.

Third, using environment variables may be safer in some scenarios than in
others. If I set deliver_drop_privilege to true, it reduces several kinds of
risk. In this case, some actions prohibited in other cases could be
allowed.

Finally, it would be nice to have official recommendations for building Exim
container images. These recommendations could be described in a separate chapter of
the Exim documentation. There is also an interesting approach used in 389
Directory Server, because containerizing an LDAP server is not a trivial task.
They provide an official script for building container images as part of the
389DS distribution. It comes as part of every 389DS package in any Linux
distribution. I'd really appreciate it if we had something like that for
Exim.


--- Comment #4 from Jeremy Harris <jgh146exb@wizmail.org> ---
The documentation does show which options are expanded.

Expansion is implemented in individual cases by specific code for options
at specific places in the processing flow. Commonly this is an absolute
requirement because of the availability of information needed to perform
the expansion. It is not as simple as a list of ticks next to a list of
options.


--- Comment #5 from Heiko Schlittermann <hs@schlittermann.de> ---
I spent (very little) effort to dockerize Exim for use in my environment. This
is far from being complete.

Maybe it will help you, and even better, if we could join our efforts.
See https://gitea.schlittermann.de/heiko/exim-docker, which will be hosted on
the official Exim infrastructure eventually, if it is considered as something
we (the Exim maintainers) are willing to support.
