At 12:10 PM 9/5/2003, John W. Baxter wrote:
>I (think I) understand what you're doing. I don't quite understand one of
>the policies implemented...is it really OK if someone at one of your
>relay_from_hosts elects to forge your mail server's IP address as the IP
>address in EHLO/HELO in lieu of a real name?
>
>Or is the hosts = part left over from they other two acl statements (not
>quoted) where it makes perfect sense?
>
>Or have I missed something (such as some relay_from_hosts really do have the
>same IP but no name)?
Well - I run a server with multiple names, and multiple interfaces (both
ipv4 and ipv6) on it. Plus I relay for two or three static IPs.
I am a great believer in playing safe, and I don't see any particular harm
in that particular exception, so it stays in :)
srs
