I am trying to understand "allow_untrusted_routing = yes" and the
circumstances where it is (un)safe. The documentation mentions an open
relay loophole in the context of backup MXes. Is untrusted routing safe,
if Postfix has no explicit *_mx_* configuration?
Consider the sample setup:
mydestination =
relay_domains = inline:{ mydomain.tld=1 }
transport_maps = inline:{ mydomain.tld=transport:nexthop }
The system should be able to accept <"[email protected]"@mydomain.tld> and
pass it to transport:nexthop. Tests suggest that one needs untrusted
routing for it. Which component is prone to being an open relay? The
system itself or the nexthop?