but in other instances this is exactly the behaviour we want so, it really is a feature.
Darrell May wrote: >smtpd_check_rules/60AllowLocalDomains > >Problem: >- the '60AllowLocalDomains' fragment allows all smtp connections to proceed >simply if the domain name matches a local domain. This permits message >traffic even if the message is addressed to an invalid e-mail account. > >Executive Summary: >- Consider a large user base server, say a school, where during the term >hundreds of students have an active e-mail account. The students sign up >for multiple mailing lists etcetera. The term ends. The students leave and >their usernames are removed from the system. Even though the account has >been removed, e-mail coming to this account is still permitted by >60AllowLocalDomains. Of course what happens is the message is unable to be >delivered and an error report is forwarded to the postmaster. This now >becomes a _monumental_nightmare_ for the system admin to plough through all >the hundreds of daily error messages. > >Suggestion: >- remove '60AllowLocalDomains' and replace with a new >'60AllowEmailAddresses' fragment. This could be built using the code >similar in '30InternalOnly' to expand out the template for every valid email >address only. Unfortunately with the one Qmail community I believe this >would require expanding out: > >allow:ALL:ALL:every_valid_email@every_local_domain > >If anyone has a better solution please share your ideas. > >IMHO this needs to be 'addressed' asap :-) > >Comments are welcomed. > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
