Re: [exim] MX lookup for local domains

Author: Tony Finch
Date:  
To: Miguel Saturnino
CC: exim-users
Subject: Re: [exim] MX lookup for local domains
On Sun, 14 May 2006, Miguel Saturnino wrote:
>
> I have a server for shared hosting in which the customers have the
> ability to add or change domains via the web hosting control panel.
> Being so, the list of local domains is not always reliable since it may
> contain a domain that is not hosted in the server. However, the DNS
> server is external and is reliable, so I think that doing an MX lookup
> should resolve the problem.


You are right, but it is usually not a problem if you consider a domain to
be local when it is not. It can be a problem if you generate email for
that domain locally. You might prefer to detect this configuration error
using an audit script, rather than doing so on the fly, because ...

>    accept  domains = +local_domains
>            domains = @mx_primary
>            endpass
>            message = "Unknown User"
>            verify = recipient


... this will do what you want, except if there is a DNS configuration
problem, when it will defer. You may want your configuration to be robust
in the face of DNS problems.

What you need to find out is which setup at your end leads to the fewest
support questions when one of your customers has screwed up their DNS.

> At my lookuphost router, I commented the line "domains = !
> +local_domains" and added the line "self = pass" and, so I now have
> this:
>
>    lookuphost:
>       driver = dnslookup
>       #domains = ! +local_domains
>       ignore_target_hosts = 127.0.0.0/8
>       transport = remote_smtp
>       self = pass
>       no_more


I don't think you want to do this. It will cause strange effects if
someone points an MX record at your server without you adding the domain
to your local_domains list. Again, the problems are most likely to occur
with locally-submitted email, which bypasses the ACL check. Remember that
you have control over the local_domains list, whereas the DNS can contain
anything.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
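
Added example, not part of the original message or of Exim: a sketch of the kind of audit script suggested above, run periodically over the local domain list instead of doing the MX check at SMTP time. The function names, status labels and sample domains are hypothetical, the resolver is injected so the sample runs offline, and comparing MX host names against your own host names is a simplification of how Exim decides that an MX host is the local host.

```python
# Added example: offline audit of a local_domains list against MX records.
# Host name comparison stands in for Exim's own local-host check (assumption).

class TempDNSError(Exception):
    """Resolver could not get an answer (timeout, SERVFAIL)."""

def classify(domain, our_hosts, lookup_mx):
    """Classify one domain. lookup_mx(domain) returns [(preference, host)],
    [] when there is no MX, and raises TempDNSError on a temporary failure."""
    try:
        records = lookup_mx(domain)
    except TempDNSError:
        return "dns-tempfail"          # report it; do not guess either way
    if not records:
        return "no-mx"
    ours = {h.rstrip(".").lower() for h in our_hosts}
    norm = [(pref, host.rstrip(".").lower()) for pref, host in records]
    lowest = min(pref for pref, _ in norm)
    if any(host in ours for pref, host in norm if pref == lowest):
        return "primary"               # lowest-preference MX is one of ours
    if any(host in ours for _, host in norm):
        return "secondary-only"        # we are an MX, but not the primary
    return "mx-elsewhere"              # listed as local, mail goes elsewhere

def audit(local_domains, our_hosts, lookup_mx):
    """Map each domain whose status is not 'primary' to that status."""
    result = {}
    for d in local_domains:
        status = classify(d.strip().lower(), our_hosts, lookup_mx)
        if status != "primary":
            result[d] = status
    return result

# Constructed sample data (not real DNS): domain -> MX records.
SAMPLE_MX = {
    "good.example": [(10, "mail.hosting.example.")],
    "moved.example": [(10, "mx.other.example.")],
    "backup.example": [(5, "mx.other.example."), (20, "MAIL.hosting.example")],
    "nomx.example": [],
}

def sample_lookup(domain):
    """Constructed resolver: one domain simulates a temporary DNS failure."""
    if domain == "broken.example":
        raise TempDNSError(domain)
    return SAMPLE_MX.get(domain, [])

if __name__ == "__main__":
    names = list(SAMPLE_MX) + ["broken.example"]
    print(audit(names, ["mail.hosting.example"], sample_lookup))
```

In production the `lookup_mx` callable would wrap a real resolver. A temporary failure gets its own status so that a DNS outage is not mistaken for a misconfigured domain.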