Re: *panic* Open relay question..?

From: Ralf Hildebrandt (no email)
Date: Mon Apr 01 2002 - 15:26:11 EST

• Next message: Wietse Venema: "Re: Postfix error checking (Was *panic* Open relay ...)"
• Previous message: Yanek Korff: "verbosity request - or should I use the source?"
• In reply to: (no email): "RE: *panic* Open relay question..?"
• Next in thread: Ralf Hildebrandt: "Re: *panic* Open relay question..?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Mon, Apr 01, 2002 at 12:56:45PM -0500, wrote:

> Returning OK in "check_sender_access" prior to checking relay
> access makes your host an open relay, because the envelope sender is
> easily forged.

Yep.
 
> I am contemplating a patch to Postfix that would ignore OK results
> based on forgeable information (helo or sender) in the recipient
> restrictions unless it occurs after reject_unauth_destination.

This sounds like a good idea.

-- 
Ralf Hildebrandt (Im Auftrag des Referat V A)   
Charite Campus Virchow-Klinikum                 Tel.  +49 (0)30-450 570-155
Referat V A - Kommunikationsnetze -             Fax.  +49 (0)30-450 570-916
It used to be said [...] that AIX looks like one space alien
discovered Unix, and described it to another different space alien who
then implemented AIX. But their universal translators were broken and
they'd had to gesture a lot. 
-
To unsubscribe, send mail to  with content
(not subject): unsubscribe postfix-users

• Next message: Wietse Venema: "Re: Postfix error checking (Was *panic* Open relay ...)"
• Previous message: Yanek Korff: "verbosity request - or should I use the source?"
• In reply to: (no email): "RE: *panic* Open relay question..?"
• Next in thread: Ralf Hildebrandt: "Re: *panic* Open relay question..?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]