Well the three last answers are debate on principles, which I think is interesting but I don't think this mailinglist is the right place for. If there are 'bad ideas' in standards, then why aren't the standards changed? Especially if everybody agrees they are bad? For example I have a problem with another RFC where Microsoft Outlook implements parts, which Mailman doesn't support.

I don't fear being blacklisted because there are mail servers out there with quite some traffic which have been configured as open relay for years without getting blacklisted. The other thing is that delivery to "@"@some-other-domain.com is possibly anyway and doesn't depend on these two lines of configuration. They only allow for receiving such e-mails. I've never heard of anyone being blacklisted for massively receiving mails :-) or even receiving suspicious mail.

The security issue is, as far as I understand, that a backup MX uses an @ in the local part for internal purposes. Which, in theory, can be exploited to use the server as open relay. As long as I don't use a backup MX, I don't have an open relay and everything is fine, isn't it?


Am 04.01.2013 10:40, schrieb Benny Pedersen:
Michael Blessenohl skrev den 2013-01-03 23:59:
Thanks a lot for the help. There is no firewall messing with SMTP
inbetween. With both options

resolve_dequoted_address = no
allow_untrusted_routing = yes

it finally works. Because I don't have a backup MX, this set-up
should be fairly safe to use.

now you just wait until your ip will be listed as a openrelay ?

Postfix flags an address with @ in the local-part as an address
with sender-specified routing, regardless of whether it is quoted.

Postfix will not relay such an address unless the above safety
feature is turned off.

    Wietse

to me its very understanding what is writed on above




Reply via email to