Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 04 Jan 2010 14:33:41 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Peter Ulrich Kruppa <ulrich@pukruppa.net>
Cc:        FreeBsd-Questions <freebsd-questions@freebsd.org>
Subject:   Re: sendmail: open-relay
Message-ID:  <4B41FC45.8030207@infracaninophile.co.uk>
In-Reply-To: <1262613595.9547.28.camel@pukruppa.net>
References:  <1262613595.9547.28.camel@pukruppa.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig8747F3F0447310BCF8EF55B4
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: quoted-printable

Peter Ulrich Kruppa wrote:

> BTW. I have read somewhere, there might be problems with hostnames like=

> pukruppa.net, since they would allow to relay all mails from .net ?!?

I'm trying to remember where this appears.  I remember vaguely what
you're referring to, and yes, it's a theoretical possibility if you
combine a name like that with domain name based access controls.  Aha!
Found it.  It's this item in the 'FEATURE' section of=20
/usr/share/sendmail/cf/README

relay_entire_domain
                This option allows any host in your domain as defined by
                class {m} to use your server for relaying.  Notice: make
                sure that your domain is not just a top level domain,
                e.g., com.  This can happen if you give your host a name
                like example.com instead of host.example.com.

So, unless you have an entry saying FEATURE(`relay_entire_domain')
somewhere in your sendmail configuration, this will not hurt you. =20

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW


--------------enig8747F3F0447310BCF8EF55B4
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREIAAYFAktB/EsACgkQ8Mjk52CukIzgpQCeMQRfHfcLJlHcah2d3H/Qg8rG
9K0An0hxYKGR6zq3F+biB6NKgXacET02
=61H9
-----END PGP SIGNATURE-----

--------------enig8747F3F0447310BCF8EF55B4--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B41FC45.8030207>