Damian:
I am trying to understand "allow_untrusted_routing = yes" and the
circumstances where it is (un)safe. The documentation mentions an open
relay loophole in the context of backup MXes. Is untrusted routing safe,
if Postfix has no explicit *_mx_* configuration?
This is about email addresses that contain @, % or ! in their
localpart. For example, user%not-your-domain@your-domain.
Whether allowing such charcters is safe depends on the MTA that
Postfix is forwarding such email to.
By default, Postfix asumes that the MTA will forward the email to
user@not-your-domain, as some Sendmail configurations did long ago.
I interpret your answer such that <"[email protected]"@mydomain.tld> does
not invoke some special trivial-rewrite resolve algorithm that is
dedicated to the case in which the local-part looks like an email
address. For example, there is no reason to assume that Postfix would
perform an MX lookup for third.tld and deliver there itself. Is this
correct?
Thanks.