man, 2003-01-20 kl. 08:54 skrev Giuliano Gavazzi:
> >Since I don't insist on authorization for local users (there are few and
> >I trust them) I can't make use of Guliano's solution (I've already given
> >local users the green light).
> if what you say is correct, than you are an open relay.
> You imply that you give local users the green light (==relay) on the
> basis of the envelope from (that is what I am checking to stop fake
> local senders from outside).
I'm not you know :-) I connect by dialin, so my machine isn't always "on
the air". But if you let me know, I'll bring it up and you can try to
relay through it. You'll get a non-standard and unnecessarily rude
message back.
> If you instead just meant that you are accepting on the basis of
> accept hosts = +relay_from_hosts
>
> where relay_from_hosts includes 127.0.0.1, then "my" rule will still
> work. It just needs to be put right before mail is *accepted* for
> local users.
I have that acl, yes, but also accept with an acl diametrically opposite
to yours (accept instead of deny, with an endpass). Yours negates it,
actually quite funny to see working.
Philip's comment that the idea isn't good, anyway, holds the sway.
Best and thanks,
Tony
--
Tony Earnshaw
When all's said and done ...
there's nothing left to say or do.
e-post: tonni@???
www: http://www.billy.demon.nl