Re: Why does allow_percent_hack default to "yes"?

From: Roger B.A. Klorese (no email)
Date: Thu Aug 01 2002 - 12:01:09 EDT


Wietse Venema wrote:

>Roger B.A. Klorese:
>
>>Wietse Venema wrote:
>>
>>>If domain2.com is a relay destination, then user%
>>>rewrites to user%. Postfix then searches
>>>for routing operators (@!%) to the left of the right-most @. This
>>>is unconditional of the allow_percent_hack setting. Relaying will
>>>not be permitted even if domain2.com is an authorized destination.
>>
>>Isn't that really domain2.com's decision?
>
>That would be an unsafe default setting.

How so? If domain2.com is an open relay, it can be compromised in lots
of other ways. If domain2.com is not an open relay, it will do the
right thing, and will only listen to you in the first place if it's
willing to listen to you in the first place.

You have no guarantee that % is used as a routing character at
domain2.com; it could be a non-routing local character. For that
matter, you might be crossing a namespace and they might use domain1.com
as a private, non-routed namespace when it's encountered inbound at
their bastion.

You call it an "unsafe default." But you also say it's independent of
allow_percent_hack, so it's not a default, but a mandatory behavior.
