tom@??? (Tom) writes
>
> > Somebody needs their head examining, then. "domain.com" *claims* to be "for
> > use by vendors and authors in default configurations, examples". In so far as
>
> There is a particular reason why domain.com points to 127.0.0.1
>
> Some foolish vendors would put "domain.com" throughout their sample
> config files, and equally foolish admins would install them. The root
> nameservers very quickly realized that they were handling a lot of queries
> for domain.com.
OK, that's a good reason for having a valid delegation "domain.com", with
NS records with a nice large TTL.
> Negative caching of nonexistant entries only works for 10
> minutes, so it was thought the best way to short-circuit this whole mess
> is register domain.com
Point taken. But it might be a wee bit more convincing if there were an MX
record for domain.com. There isn't, so the 10-minute (YNSMV) rule currently
applies to that. Of course, it's poor old ns.domain.com that gets hammered
instead of the root nameservers.
> I recommend that you add:
>
> sender_reject_recipients = domain.com:localhost
Well, (a) it was a recipient in domain.com, not a sender, that was originally
being talked about, and (b) it was local mail, not SMTP mail.
I think the "self=fail_hard" (or you could use some of the other values)
I mentioned makes more sense anyway. If you have sender_verify on this will
also lock out senders in such domains.
Chris Thompson Cambridge University Computing Service,
Email: cet1@??? New Museums Site, Cambridge CB2 3QG,
Phone: +44 1223 334715 United Kingdom.
--
*** Exim information can be found at
http://www.exim.org/ ***
