Re: [Exim] Domain literals: weighing up the arguments

Hi Philip, on Fri, 5 Dec 2003 14:01:45 +0000 (GMT) you wrote:

> On Fri, 5 Dec 2003, Tim Jackson wrote:

[on delivering mail to postmaster@[IP]]

> > In this context, I think it *is* meaningful to want to deliver mail
> > to a specific box, if one knows that it is running an MTA. (And if it
> > isn't, the mail bounces - no problem).
> Why? Can you really assume that deliving to a specific box is going to
> get to the (logical) person you are trying to contact?

If the MTA on IP 1.2.3.4 is playing up, I think the closest systematic
assumption I can make of trying to reach the postmaster there is
"postmaster@[ip]". I don't think this is making any more assumptions than
picking addresses based on reverse DNS fragments, IPWHOIS or other
sources which are themselves not infallible.

> Doesn't the administrator of the box have a say in this?
> One cannot lay down any kind of "law" here.

Of course, just as with anything else. But I think suggesting that
accepting mail to postmaster@[their.ip] is not such a bad idea. If they
don't want it, they can turn it off as with any other thing. Again, bear
in mind here that I'm not trying to invent any new rules or "law"
here...I'm not suggesting that arbitrary hosts should start accepting SMTP
sessions, or people should change firewalls or anything like that. Merely
that if they have got a machine which is running an MTA, *and* it's
already publically accessible, I've learnt from recent experience that
"postmaster@[ip]" is a standard form that has some conceivable uses, so
given that enabling it doesn't actually do any harm in itself, it seems a
shame to have it disabled in the standard configuration for a popular
piece of software.

Bear in mind here that (from what you've said) addressing via literal IPs
fell largely into disuse whilst I was still in my early teens and had
never even heard of the Internet :-) So the concept is not something I
have any attachment to whatsoever; in fact until relatively recently it
was alien to me and as a general rule (i.e. delivery to end users) it
seems almost entirely pointless and archaic. So I've no reason at all to
suggest anyone should use it except where there is no other choice, or it
is the only reliable determination that can be made of a sensible way to
contact the administrator of a particular machine.

> Meta-point to this argument: Exim has been the way it is now for a
> looong time. It would take a huge amount of persuading to convince me to
> make a change to the default, because such a change has the chance of
> doing the wrong thing to all the existing users who upgrade.

Fair enough, and a reasonable point. I have to say that at this stage, I'm
not going to do any more "persuading" - in fact, I never was really trying
to persuade anyone of anything, just make a suggestion; I only raised this
originally not out of some kind of RFC puritanism but just because of a
few experiences recently where I'd learnt why it could be useful, and I
thought it was a worthwhile point to raise in light of some recent
discussions.

> As it happens, we haven't blocked port 25 access to the machine I'm
> currently using at the border routers, but we might well do so. There
> are plenty of similar configurations where outgoing mail servers send
> out mail to the world but won't accept incoming mail connections from
> outside their borders. And what about people using NAT and load-sharing
> hardware and stuff like that? One IP address may well not correspond to
> one box.

All true, although I think we may be talking at cross purposes here: you
seem to be trying to explain why e-mailing postmaster@[ip] is likely to be
unreliable due to a range of circumstances, and why trying to find a
suitable domain is a better idea. I'm aware of all these issues and don't
disagree with you :-) However, none of this particularly strongly affects
my original conclusion that accepting postmaster@[ip] at the MTA is
potentially useful...there may well be other factors that prevent SMTP
sessions even getting that far (e.g. firewalling) but even in that case,
nothing's been *hurt* by having it enabled. The only possible harm is, as
you pointed out, people subsequently making configuration errors based on
the assumption that all local_domains are DNS domains rather than domain
literals.

Anyhow, you've clearly got your mind made up about the default
configuration not changing so I won't waste any more of your or my time on
this, but suffice to say that my personal conclusions are:

- I will enable domain literals (for postmaster@) on machines I manage, so
that if anyone ever does want/need to contact me via that method, they
can. The concept of "be liberal in what you accept, conservative in what
you send" is not one that can be applied so readily these days,
especially with respect to mail given the crippling spam problem.
However, in this case, if someone is trying to help me by telling me
about a problem with my system, I think I should take reasonable
measures to make it easy to reach me and this is one small thing that
doesn't hurt me but may help, firewalls etc. permitting.

- I would suggest to other Exim users that:

a) they should not be overly put off by the scary warnings in the Exim
config: enabling domain literals won't in itself enable abuse of your
server.

b) they should at least consider allowing postmaster@[their.ip] where it
makes sense in their situation (i.e. they're on an externally-reachable
machine with a public IP). One day, someone might try to contact you by
that method to discuss a problem with your machine. Out of courtesy if
nothing else it would seem to be a good idea to accept that mail where
it doesn't do any harm for you to do so. Aside from anything else, you
can't really complain if they subsequently blacklist you for whatever
problem it was that triggered their mail - you can't say "you should
have warned me first" if they did and you refused their mail! Sure,
maybe there was a better way to contact you, but they did after all go
to the trouble of trying to contact you in the first place so they don't
"owe" you anything.

Tim