On Fri, Nov 07, 2008 at 04:45:57PM +0100, mouss wrote: > >> With hostnames there is a bigger change of failure (by just using a domain >> instead of exact hostname, letting f.e. dialup users from the domain forge >> the path). > > not sure I understand. people can't easily forge their rdns (in the
What I meant was more of a configuration error from admin. ;) I.e. whitelist_from_rcvd [EMAIL PROTECTED] orange.fr domain.wl We already know this is a bad way (maybe dynamic orange users) even currently. I don't know if there is much chance of second+ level failure, it could be overlooked more easily: whitelist_from_rcvd [EMAIL PROTECTED] smtp*.orange.fr domain.wl Maybe domain.wl has dynamic users or some other bad servers? Who knows. I agree it's a bit far fetched and easily corrected when spotted. Maybe there could be even an failsafe option to detect "bad" received hosts. I probably would start using this if implemented. Hostname support also in trusted_networks would be especially handy. Good ideas, too little time to code..
