## Wietse Venema (wie...@porcupine.org):

> > Well, postfix still doesn't relay mail to hosts with its own
> > host name in the server greeting ("host ... greeted me with my own
> > hostname ..." and "host ... replied to HELO/EHLO with my own hostname ..."),
> > so it's not that easy to shoot one's own foot.
>
> Loops can happen between Postfix MTAs and non-Postfix MTAs. It's
> a mistake to assume that all non-Postfix MTAs will implement all
> the Postfix safety mechanisms.

That's why I wrote "not that easy", not "impossible". Admittedly, Linux distributors and their users were not included in my threat model, I simply disabled smtpd.

> > > To make the patch safe, it should add code to the SMTP server that
> > > refuses to receive mail when inet_interfaces is turned off.
> >
> > Thanks for the suggestion, I'll look into that (but probably not today).
>
> The beauty of open source. We "solve" a problem by removing a safety
> mechanism.

It would be a shame if we spend more time on the discussion of the short-sightedness of my patch than I'd have to spend on fixing my patch - just to have a better patch documented for those trapped with broken setups like mine.

Don't panic, I'll come up with that one later.

Regards,
Christoph

--
Spare Space