On Mon, 2006-05-15 at 00:18 +0100, Tony Finch wrote:
> On Sun, 14 May 2006, Miguel Saturnino wrote:
> >
> > I have a server for shared hosting in which the costumers have the
> > ability to add or change domains via the web hosting control panel.
> > Being so, the list of local domains is not always reliable since it may
> > contain a domain that is not hosted in the server. However, the DNS
> > server is external and is reliable, so I thing that doing an MX lookup
> > should resolve the problem.
>
> You are right, but it is usually not a problem if you consider a domain to
> be local when it is not. It can be a problem if you generate email for
> that domain locally. You might prefer to detect this configuration error
> using an audit script, rather than doing so on the fly, because ...
>
> > accept domains = +local_domains
> > domains = @mx_primary
> > endpass
> > message = "Unknown User"
> > verify = recipient
>
> ... this will do what you want, except if there is a DNS configuration
> problem, when it will defer. You may want your configuration to be robust
> in the face of DNS problems.
Thanks for your reply! What DNS problems might those be?
I already have something somewhat similar to an audit script as I
receive a notification every time someone adds or changes a domain name.
The thing is that I don't really want to let an external domain to be
treated as local, not even for half an hour. Imagine someone changes
their domain to Gmail.com and creates a catch-all address -- they would
receive any message sent to a Gmail account from the server.
> What you need to find out is which setup at your end leads to the fewest
> support questions when one of your customers has screwed up their DNS.
That's an important point, but I would not mind a little extra work if
that is the price to pay for a little more security...
> > At my lookuphost router, I commented the line "domains = !
> > +local_domains" and added the line "self = pass" and, so I now have
> > this:
> >
> > lookuphost:
> > driver = dnslookup
> > #domains = ! +local_domains
> > ignore_target_hosts = 127.0.0.0/8
> > transport = remote_smtp
> > self = pass
> > no_more
>
> I don't think you want to do this. It will cause strange effects if
> someone points an MX record at your server without you adding the domain
> to your local_domains list. Again, the problems are most likely to occur
> with locally-submitted email, which bypasses the ACL check. Remember that
> you have control over the local_domains list, whereas the DNS can contain
> anything.
What problems do you think this can cause?
I can't imagine any other alternatives. I don't want to disable the
addition of domains that don't yet resolve to the server as this is
often necessary when moving from one server to another. (There would be
no problem if only an admin could perform these tasks, but the control
panel also allows the users to do it, and I cannot change that...)
If there are any other suggestions on how to address this, they'll be
greatly appreciated!
Thanks,
--
Miguel Saturnino
Teia Digital (R) Alojamento de Sites e Soluções Internet
Web Site: http://www.teiadigital.pt
E-mail: info@???
