Stephen Paul Weber:
> I have reason to allow email addresses with % in them. If I do this:
>
> allow_percent_hack = no
>
> Then I still get "relay access denied" because it seems that Postfix
> considers % a relay attempt, even with the rewriting disabled? So, if I do
> this as well:
>
> allow_untrusted_routing = yes
>
> It works, but of course I'd rather not. So two questions (1) is this
> "safe":
>
> swap_bangpath = no
> allow_percent_hack = no
> allow_untrusted_routing = yes
>
> That is, since both bangpath and percent_hack are disable there should be no
> untrusted routing to attempt anyway, and thus I am not an open relay, yes?
Yes, if you never send email to other systems. The postconf(5)
manpage describes a loophole where because Postfix was forwarding
email to a system that could be exploited by % in localparts.
> And (2) is there any way to acheive what I want (localpart with % in it that
> is treated as just a normal character and not a relay attempt).
Yes, if you never send email to other systems.
Wietse
