On Tue, 15 Aug 2000, Jason Gunthorpe wrote:
> Hm.. From a security viewpoint it would be good to say 'drop 172.16.*
> unless the domain being looked up is myprivatelan.com' that way DNS abuse
> cannot be used to send SMTP to arbitary internal machines.
That could be done by expanding the ignore_hosts option. I was wondering
whether to expand it or not; you have now given me a reason to do so.
ignore_hosts = ${if ! eq{$domain}{xxxx}{172.16.0.0/16}}
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
