[ On Wed, May 14, 1997 at 14:34:24 (+0100), Nigel Metheringham wrote: ]
> Subject: Re: Prevention of realying offsite.
>
> Maybe a halfway (at least) house to this is an allow relaying to domains
> that have me as an MX (requires routing the domain tho').
This is how I've done it for the upcoming Smail-3.2.1 release. There's
a new variable "smtp_remote_allow" that for the moment gives a simple
glob match list of networks from which mail may be relayed to remote
SMTP hosts.
For connections originating in networks not listed in smail's
smtp_remote_allow, mail is accepted if the target domain is any of the
"local" hosts (i.e. mail will be delivered locally), *or* there are any
MX records that match any of the local hosts. The decision is made
during the "RCPT TO" SMTP command, so indeed you don't have to receive
the body of the message or parse any headers. I gather that exim can
also do the latter -- i.e. verify based on header content.
I don't really "route" the target domain, only look up MXs for it and
iterate through them testing each with islocalhost(), which is an smail
function that can decide if a hostname matches a "local" host.
I think full "routing" of the target domain would only be required if
you were to do gateway activity outside the realm of SMTP and MXs.
After all, if you really want to handle e-mail for someone it should be
trivial for them to add an MX pointing at you. It is irrelevant how you
eventually deliver the mail if indeed you're the primary MX.
--
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>
