> > I'm concerned about  having ETRN wide open.  I am not very familiar with 
> > ETRN 
>and 
>

> > have  no use for it in our environment.  It seems harmless, but if most of 
>one's 
>
> > recipient/sender/client/helo/etc. restrictions are in places they won't  be 
>seen 
>
> > by someone trying to fiddle maliciously with ETRN, is it better  to put 
>something 
>
> > in  smtpd_etrn_restrictions?
> 
> http://www.postfix.org/ETRN_README.html
> http://www.postfix.org/postconf.5.html#authorized_flush_users

I confess to only having skimmed ETRN_README, because it's not something we 
make 
use of.  I may have missed it, but that document doesn't seem to talk much 
about 
the implications of its access to the outside.  I was concerned because my 
tests 
seem to show that by default it is allowable by anyone (and indeed, 
authorized_flush_users's default is "anyone").

Are you suggesting changing authorized_flush_users to an empty value?  What's 
wrong with the examples I gave?

Or is this of no concern and/or does the junk command limit take care of it?

Reply via email to