Circa 2000-Aug-15 11:12:56 +0100 dixit Philip Hazel:
: The question is, what should the default setting be? There seem to be
: three possibilities, and I'd like to hear what people think. [...]
:
: (1) Default unset. Preserves the current behaviour.
I believe this may be best. Exim is being used more and more on
workstation-type installs (witness the large number of Debian users)
where localhost/127.0.0.1 may be the only valid network interface
(either on a permanent or temporary basis).
For example, imagine a machine with an /etc/hosts file that looks this:
127.0.0.1 localhost localhost.localdomain
and a hostname of 'localhost.localdomain'. Exim is installed as the
local MTA and is used by cron or other local system facilities to
notify the administrator about problems. local_domains is set to '@'.
Unless the proposed ignore_hosts facility "knows" not to ignore the
interfaces corresponding to local_domains, exim will have problems
delivering mail.
Folks that know they need an ignore_hosts solution will know to look
for it in the docs and will be able to implement it (especially if
commented-out examples of [2] and [3] below exist in the default
exim.conf file), whereas folks that don't need it won't know to look
for it.
: (2) Minimal: ignore_hosts = <; 127.0.0.1 ; ::1
This is second-best, but only if it's implemented so that local_domains
are not also ignored. Many networks on the inside of NAT firewalls use
RFC-1918 private addresses (if they're not using IPv6). Ignoring the
entire RFC-1918 address space by default would have impractical
consequences, compared to only ignoring the rogue site with 127.0.0.1
in its A or [cough] MX record.
: (3) Maximal: ignore_hosts = <; 127.0.0.0/8 ; 10.0.0.0/8 ; \
: 192.168.0.0/16 ; 172.16.0.0/12 ; \
: ::1 ; fe80::/10
[...]
: . The ignoring would be ignored if a domainlist router routed
: explicitly to an IP address, or an smtp transport had an IP address in a
: hosts list. It applies only to addresses that are looked up, either in
: the DNS or by gethostbyname().
As i mention above, ignore_hosts probably ought not to ignore domains
listed in local_domains.
--
jim knoble | jmknoble@??? |
http://www.jmknoble.cx/