On 12/14/2009 3:50 PM, /dev/rob0 wrote:
On Mon, Dec 14, 2009 at 01:09:45PM -0500, Victor Duchovni wrote:
The relay_domains match list is subject to parent domain matching,
and because it defaults to $mydestination, will by default include
sub-domains of domains listed in $mydestination. This backwards
compatibility should be turned off by all users who don't need it:
# Empty
relay_domains =
# Or
relay_domains =<explicit list of domains you want>
Best practice is to not use the default value for this parameter.
A lot of folks run into this issue. Will a change of the default be
considered, perhaps with the Postfix 2.7 release?
This depends on the goals of postfix. The default was chosen
because it matches the default behavior of sendmail (at some
point in time). I don't know if sendmail still behaves this
way by default, or if it's still important for postfix to
match that behavior.
How many installs would this "fix" vs. "break"? I have no
idea. But I do know it's poor manners to change default
behavior unless it benefits (or doesn't affect) the majority
of users.
At any rate, I consider this a fairly minor issue. A note in
the docs would probably be sufficient, rather than a change in
default behavior.
While I don't particularly like the default behavior, today
I'll vote to not change it. [*]
but I may change my mind tomorrow.
Along the same line, what about parent_domain_matches_subdomains ?
"This is planned backwards compatibility: eventually, all Postfix
features are expected to require explicit '.domain.tld' style
patterns when you really want to match subdomains." When is
eventually? :)
I vote against changing parent_domains_matches_subdomains. [*]
I don't see this causing near the problems that the
relay_domains parameter causes. As was so clearly
demonstrated earlier in this thread, unwanted behavior
attributed to p_d_m_s can originate -- and be solved -- elsewhere.
The current behavior is well documented and "expected" by
pretty much every how-to ever published. Changing it would
break a lot of existing setups for questionable benefit. The
"planned backward compatibility" bit was written many years
(10+?) ago, and I see no good reason to change the default now.
[*] disclaimer: there is no expectation that anyone is
counting votes.
-- Noel Jones
