I need data that's in the user part of the address to determine the nexthop. Obviously doing this dynamically is easier that maintaining a huge map file.
My server is an internal mail router and only one recipient domain would be subject to this transport. Just out of curiosity, what kind of security hole are we talking about? On Tue, Sep 30, 2008 at 9:31 PM, Victor Duchovni < [EMAIL PROTECTED]> wrote: > On Tue, Sep 30, 2008 at 09:27:59PM -0600, David DeFranco wrote: > > > According to the man page I can't do regular expression substitution in > > transport maps with Postfix 2.3 or later. > > > > The trivial-rewrite(8) server disallows regular expression > > substitution of $1 etc. in regular expression lookup > > tables, because that could open a security hole (Postfix > > version 2.3 and later). > > > > Is there a way to override this setting or am I stuck running Postfix > 2.2? > > Are you using regexp keys to resolve to a *fixed* transport:nexthop or > regexp keys with sub-patterns to resolve to a dynamic transport:nexthop? > > The latter is not safe, and is far too likely to lead to security issues. > So if you really need substitutions, you are out of luck. > > -- > Viktor. > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the "Reply-To" header. > > To unsubscribe from the postfix-users list, visit > http://www.postfix.org/lists.html or click the link below: > <mailto:[EMAIL PROTECTED]> > > If my response solves your problem, the best way to thank me is to not > send an "it worked, thanks" follow-up. If you must respond, please put > "It worked, thanks" in the "Subject" so I can delete these quickly. >
