Wietse:
Postfix relay permission is decided before (recipient) address
rewriting.
For example, we don't want "relay access denied" when a virtual
alias changes an address in a local domain into a remote address.
Yves Kreis:
My rewriting idea works for my purpose. I am just trying to
investigate the risk...
...
I don't use it for relay permission but for the destination server to
accept the mail.
Your subject says:
Risk of Address Rewriting causing Open Relay?
Is this about Postfix address rewriting?
Is this about Postfix becoming an open relay?
I don't mind where to write my reply. However I didn't notice any such
instructions when subscribing...
Anyhow:
Yes it is about postfix address rewriting (which can be done as well
though sender_canonical_maps afaik).
And yes it is about Postfix becoming an open relay. The rule
/^(.+)+pt.lu:[EMAIL PROTECTED]/ [EMAIL PROTECTED]
forwards all mails sent to xxx+pt.lu:[EMAIL PROTECTED] to
[EMAIL PROTECTED] So the server theoretically is an open relay, however you
need to know the password.
How important is the risk of this choice?
Best Regards,
Yves
