On Wed, 31 Mar 1999, Liam Helmer wrote:
> So, the next thing I looked at was to make 2 mail servers using the
> relay_domains_include_local_mx option. The problem with this option, is
> that it's not really secure, given that anybody could create a domain
> anywhere and use our server as a relay. Good for them, sucks for us.
I thought that when I first came across that option.
Anybody *can* declare that you are their secondary MX,
but all that does is allow anybody to relay *to* them.
A spammer who wanted to use relay_domains_include_local_mx to use you
as a relay station would have to fake DNS records for every domain
they wished to spam. If they can do that, I think they would be able
to pretend to be a machine that you wish to trust anyway.
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@??? http://www.dpmms.cam.ac.uk/~werdna
--
*** Exim information can be found at
http://www.exim.org/ ***