Re: [exim] howto force dns-lookup for local domains

Top Page
Delete this message
Reply to this message
Author: Magnus Holmgren
Date:  
To: exim-users
CC: Marten Lehmann
Subject: Re: [exim] howto force dns-lookup for local domains
Marten Lehmann wrote:
> Hello,
>
> we allow our users to configure forwardings and they can create accounts
> for domains, that aren't registered through us. A possible worst case
> scenario would be, that a user creates a *@hotmail.com account
> (catch-all) on our mailserver and suddenly all forwardings other users
> configured to real external hotmail-mailboxes would end in the local
> hotmail-account of a fraudulent user. How can I prevent this? The only
> way I can imagine is to force exim to do dns-lookups for all
> forwardings, no matter if the domain is local or remote. Any ideas, how
> I could configure this?


@mx_primary is a special domain list that matches all domains that have
your server as their primary MX. You can use that (or @mx_any, if the
users may reasonably use your server as a secondary MX). See section
10.8 of the specification.

However, you still need to make sure that no user can steal the mail
from any other user that owns a domain that *does* point to your server.

Sounds dangerous in any case. Is it infeasible to manually approve all
domains the users want to forward from?

--
Magnus Holmgren
holmgren@???