Author: Giuliano Gavazzi Date: To: Mark Edwards CC: Suresh Ramasubramanian, exim-users Subject: Re: [Exim] Sudden change in exim relay behavior
At 10:42 -0800 2003/02/05, Mark Edwards wrote: >On Wednesday, February 5, 2003, at 09:56 AM, Giuliano Gavazzi wrote: [..] >>do you mean that Mailman uses IPv6 to connect? Mmmm, even if it did I
>>guess Mark is not listening on ::1 anyway and probably did not even
>>compile IPv6 support in.
>>So, in the above is true, wouldn't 127.0.0.1 be enough?
>
>Okay, I'm starting to understand what's going on here. The FreeBSD
>port for Exim started defaulting to include IPv6 support since I last
>built it. And, unlike other processes that communicate with Exim on my
>machine, Mailman apparently identifies itself as ::1 (IPv6) instead of
>127.0.0.1 (IPv4). Thus, the setup broke.
>
>Now, my only question would be what's the best way to cope with this?
>Which is better:
>
>hostlist relay_from_hosts = 127.0.0.1 : ::::1
>
>or
>
>hostlist relay_from_hosts = localhost
>
>I'm guessing the former, as the latter would be easier to spoof?
ah ha! Now that I think of it, when I telnet to localhost it first
attempts ::1 and then (after failing to connect) it tries 127.0.0.1,
so Mailman is simply IPv6 compatible and as telnet first attempts the
IPv6 and then the IPv4 addresses, only that in your case exim accepts
the connection on ::1. (The order they come might just be a DNS
thing).
Now, to your questions, the easiest solution is to stop exim from
listening on ::1, bringing us back to IPv4 only (at least for
localhost).
Regarding the safety of using names in relay_from_hosts, I think this
is not an issue as long as you know what they resolve to (that is, it
is highly likely that the names get resolved into addresses anyway,
no time to check the specs now).