Re: [Exim] Opinions sought on new ignore_hosts option

Pàgina inicial
Delete this message
Reply to this message
Autor: Jim Knoble
Data:  
A: exim-users
Assumpte: Re: [Exim] Opinions sought on new ignore_hosts option
Circa 2000-Aug-15 11:12:56 +0100 dixit Philip Hazel:

: The question is, what should the default setting be? There seem to be
: three possibilities, and I'd like to hear what people think. [...]
:
: (1) Default unset. Preserves the current behaviour.

I believe this may be best. Exim is being used more and more on
workstation-type installs (witness the large number of Debian users)
where localhost/127.0.0.1 may be the only valid network interface
(either on a permanent or temporary basis).

For example, imagine a machine with an /etc/hosts file that looks this:

  127.0.0.1    localhost    localhost.localdomain


and a hostname of 'localhost.localdomain'. Exim is installed as the
local MTA and is used by cron or other local system facilities to
notify the administrator about problems. local_domains is set to '@'.

Unless the proposed ignore_hosts facility "knows" not to ignore the
interfaces corresponding to local_domains, exim will have problems
delivering mail.

Folks that know they need an ignore_hosts solution will know to look
for it in the docs and will be able to implement it (especially if
commented-out examples of [2] and [3] below exist in the default
exim.conf file), whereas folks that don't need it won't know to look
for it.

: (2) Minimal: ignore_hosts = <; 127.0.0.1 ; ::1

This is second-best, but only if it's implemented so that local_domains
are not also ignored. Many networks on the inside of NAT firewalls use
RFC-1918 private addresses (if they're not using IPv6). Ignoring the
entire RFC-1918 address space by default would have impractical
consequences, compared to only ignoring the rogue site with 127.0.0.1
in its A or [cough] MX record.

: (3) Maximal:   ignore_hosts = <; 127.0.0.0/8 ; 10.0.0.0/8 ; \
:                                  192.168.0.0/16 ; 172.16.0.0/12 ; \
:                                  ::1 ; fe80::/10


[...]

: . The ignoring would be ignored if a domainlist router routed
: explicitly to an IP address, or an smtp transport had an IP address in a
: hosts list. It applies only to addresses that are looked up, either in
: the DNS or by gethostbyname().

As i mention above, ignore_hosts probably ought not to ignore domains
listed in local_domains.

--
jim knoble | jmknoble@??? | http://www.jmknoble.cx/