RE: [Exim] Opinions sought on new ignore_hosts option

Top Page
Delete this message
Reply to this message
Author: John Horne
Date:  
To: exim-users
Subject: RE: [Exim] Opinions sought on new ignore_hosts option
On 15-Aug-00 at 10:12:56 Philip Hazel wrote:
> Background:
> We are seeing instances of (deliberately?) broken DNS records like
> this:
>
>   some.remote.domain    A    127.0.0.1
>   some.remote.domain    MX 1 localhost  

>
> (1) Default unset. Preserves the current behaviour.
>

I'd go with the first option for the simple reason that I currently have to
configure our DNS's to ignore 'spoof' addresses in its configuration file
(no problem), so doing the same with Exim won't be a problem. Giving the
option a default setting may break something that is already working, and to
that extent if I'm testing something with Exim at home then I may well use a
127. or 10. address. I'd rather it worked by default and that I knowingly
have to configure Exim to ignore these things.

However, you state:

". The ignoring would be ignored if a domainlist router routed
explicitly to an IP address, or an smtp transport had an IP address in a
hosts list. It applies only to addresses that are looked up, either in
the DNS or by gethostbyname()."

So I guess my question is how will this new option behave/react with current
configuration options such as 'host_accept_relay = localhost'? We also tend
to specify 'localhost' as a negated item:

helo_accept_junk_hosts = ! localhost
rfc1413_hosts = ! localhost

simply because mail can come from localhost/127.0.0.1. However, we do want
to prevent mail coming from a site that *claims* it is 'localhost' or has the
spoofed IP address of 127/8. It seems that we can have one or the other but
not both?

John.

--------------------------------------------------------------------------
John Horne, University of Plymouth, UK             Tel: +44 (0)1752 233914
E-mail: jhorne@???
PGP key available from public key servers