[Old news, but I just came across this, and realise that Ask's question wasn't answered.]

On Thu, 19 May 2005, Ask Bjørn Hansen wrote:

On May 18, 2005, at 9:20 PM, Keith Ivey wrote:

John Peacock wrote:

> Through a couple of self-inflicted Denial of Service attacks on my mail
> servers, I've discovered that qpsmtpd doesn't implement any mailing loop
> detection internally. Now that I have fixed my misconfiguration (alias
> domains not completely set up), I thought I'd add this to qpsmtpd so it
> *can't* happen again.

Any progress on this? I ran into a similar situation a while ago when my server was trying to deliver a message to an address whose MX record resolved to 0.0.0.0.

Why is it that qmail or postfix doesn't detect and stop this (from the Delivered-To headers)?

qmail could/should detect this by recognizing that 0.0.0.0 is a loopback address, and that the recipient domain isn't listed in rcpthosts. But there's a bug. And a patch:

http://www.suspectclass.com/~sgifford/qmail/qmail-0.0.0.0.patch

I don't know what postfix does, but I expect it's sane.

qpsmtpd could/should refuse any message where MX of the sender or recipient domain is 0.0.0.0.

I'd rather not add loop-detection code until we're doing the sending too...

I didn't know there were plans. In any case, there is no need to detect looping - the mail should simply be rejected before the data phase based on the result of the MX lookup.

---
Charlie
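
The check proposed in the message above (refuse at MAIL FROM / RCPT TO when the domain's MX resolves to 0.0.0.0), as an added example that is not part of the original thread and is not qpsmtpd code; it is written in Python rather than as a qpsmtpd plugin. The `lookup` hook, the sample domains, the extension from 0.0.0.0 to loopback addresses, and the policy of refusing only when every MX address is unusable are assumptions.

```python
import ipaddress

# Constructed sample data: MX host addresses per domain, standing in for DNS.
SAMPLE_MX = {
    "good.example": ["192.0.2.25"],
    "zero.example": ["0.0.0.0"],
    "loop.example": ["127.0.0.1", "::1"],
    "mixed.example": ["0.0.0.0", "198.51.100.7"],
}

def unusable(addr):
    """True if addr is unspecified (0.0.0.0, ::) or loopback (127/8, ::1)."""
    ip = ipaddress.ip_address(addr)
    # Judge IPv4-mapped IPv6 such as ::ffff:0.0.0.0 by the embedded IPv4 address.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    return ip.is_unspecified or ip.is_loopback

def mx_is_unusable(domain, lookup):
    """lookup(domain) is a hypothetical hook returning the MX hosts' IP strings."""
    addrs = lookup(domain) or []
    # Assumed policy: refuse only when every address is unusable.
    return bool(addrs) and all(unusable(a) for a in addrs)

def check_envelope(sender, recipients, lookup):
    """Replies for MAIL FROM and each RCPT TO, i.e. before the DATA phase."""
    replies = []
    for stage, address in [("MAIL", sender)] + [("RCPT", r) for r in recipients]:
        domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
        if domain and mx_is_unusable(domain, lookup):
            replies.append((stage, address, 550, f"MX for {domain} is unspecified or loopback"))
        else:
            replies.append((stage, address, 250, "ok"))
    return replies

if __name__ == "__main__":
    for reply in check_envelope("a@zero.example", ["b@good.example", "c@loop.example"], SAMPLE_MX.get):
        print(reply)
```
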
