Date: Mon, 04 Jan 2010 14:33:41 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Peter Ulrich Kruppa <ulrich@pukruppa.net> Cc: FreeBsd-Questions <freebsd-questions@freebsd.org> Subject: Re: sendmail: open-relay Message-ID: <4B41FC45.8030207@infracaninophile.co.uk> In-Reply-To: <1262613595.9547.28.camel@pukruppa.net> References: <1262613595.9547.28.camel@pukruppa.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
Peter Ulrich Kruppa wrote:
> BTW. I have read somewhere, there might be problems with hostnames like
> pukruppa.net, since they would allow to relay all mails from .net ?!?
I'm trying to remember where this appears. I remember vaguely what
you're referring to, and yes, it's a theoretical possibility if you
combine a name like that with domain name based access controls. Aha!
Found it. It's this item in the 'FEATURE' section of
/usr/share/sendmail/cf/README
relay_entire_domain
This option allows any host in your domain as defined by
class {m} to use your server for relaying. Notice: make
sure that your domain is not just a top level domain,
e.g., com. This can happen if you give your host a name
like example.com instead of host.example.com.
So, unless you have an entry saying FEATURE(`relay_entire_domain')
somewhere in your sendmail configuration, this will not hurt you.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREIAAYFAktB/EsACgkQ8Mjk52CukIzgpQCeMQRfHfcLJlHcah2d3H/Qg8rG
9K0An0hxYKGR6zq3F+biB6NKgXacET02
=61H9
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B41FC45.8030207>