On 2011-04-05 Christoph Moench-Tegeder wrote:
> ## Wietse Venema ([email protected]):
>>> Well, Postfix still doesn't relay mail to hosts with its own host
>>> name in the server greeting ("host ... greeted me with my own
>>> hostname ..." and "host ... replied to HELO/EHLO with my own
>>> hostname ..."), so it's not that easy to shoot one's own foot.
>>
>> Loops can happen between Postfix MTAs and non-Postfix MTAs. It's a
>> mistake to assume that all non-Postfix MTAs will implement all the
>> Postfix safety mechanisms.
>
> That's why I wrote "not that easy", not "impossible". Admittedly,
> Linux distributors and their users were not included in my threat
> model, I simply disabled smtpd.
>
>>>> To make the patch safe, it should add code to the SMTP server that
>>>> refuses to receive mail when inet_interfaces is turned off.
>>>
>>> Thanks for the suggestion, I'll look into that (but probably not
>>> today).
>>
>> The beauty of open source. We "solve" a problem by removing a safety
>> mechanism.
>
> It would be a shame if we spend more time on the discussion of the
> short-sightedness of my patch than I'd have to spend on fixing my
> patch - just to have a better patch documented for those trapped with
> broken setups like mine. Don't panic, I'll come up with that one
> later.
Perhaps I'm missing something, but wouldn't it be a better solution for your problem to set "inet_interfaces = loopback-only" in main.cf and something like "2025 inet n - n - - smtpd" in master.cf?

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky
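The configuration Ansgar sketches, written out as an added example (not a fragment from this thread or from the Postfix distribution). It keeps the stock, unpatched SMTP server, so the loop checks Christoph cites ("greeted me with my own hostname", "replied to HELO/EHLO with my own hostname") remain in force, while the server itself is reachable only from the local host. The port 2025 comes from Ansgar's message; the commented verification commands and the optional address-pinned variant are assumptions added here.

```conf
# --- main.cf (excerpt) ---
# Bind every inet service in master.cf to the loopback interfaces only
# (127.0.0.1, and ::1 when inet_protocols includes ipv6).  Mail from the
# network is never accepted, but the local Postfix client can still relay.
inet_interfaces = loopback-only

# --- master.cf (excerpt) ---
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
2025      inet  n       -       n       -       -       smtpd

# Alternative (assumption, not from the thread): pin the listener to one
# loopback address explicitly instead of relying on inet_interfaces alone.
# 127.0.0.1:2025 inet n - n - - smtpd

# --- verify after "postfix reload" (commands added here as an example) ---
# postconf -n inet_interfaces      # expect: inet_interfaces = loopback-only
# ss -ltnp | grep master           # expect only 127.0.0.1:2025 / [::1]:2025
```

The thing to check after reloading is that no smtpd listener is bound to a non-loopback address: with "loopback-only" set, every "inet" entry in master.cf, including the default "smtp" line for port 25 if it is still present, binds to the loopback addresses and nothing else.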
