Re: anti-relaying

Top Page
Delete this message
Reply to this message
Author: Greg A. Woods
Date:  
To: Tim Cutts
CC: Dom Mitchell, exim-users
Subject: Re: anti-relaying
[ On Fri, September 5, 1997 at 15:20:09 (+0100), Tim Cutts wrote: ]
> Subject: Re: anti-relaying
>
> I'm not convinced it should be a default. I think the vast majority of
> sites exim is running on are probably sites where users do not necessarily
> read their mail actually on the machine, but rather use POP or IMAP. As a
> result they will probably use the machine as an SMTP server also, and it
> will therefore be relaying. Switching this off by default could cause a
> lot of confusion for people transferring to exim for the first time.


That's why in the latest smail3 betas I've made the default remote relay
config contain a magic keyword (I use "localnet") that compares the
classical form network numbers [i.e. using inet_netof()] of the incoming
SMTP TCP connection source and destination addresses. If they're in the
same net then "localnet" matching permits the relay. This may not be
perfect but it will often restrict the range of possible abusers to your
own ISP neighbours (eg. if you have less than full Class C network)
though of course if you're on something like 24.0.0.0 you'll have a
whole lot of neighbours who may be an ideal prime source of abusers.... :-(

Ideally one might be able to make good use of the "true" greatest prefix
network number by looking it up with getnetbyaddr() [thus possibly
through the current RFC 1101 network name DNS encoding].

-- 
                            Greg A. Woods


+1 416 443-1734      VE3TCP      <gwoods@???>      <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>


--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/