Henning Brauer <[EMAIL PROTECTED]> writes: > On Fri, Apr 05, 2002 at 05:26:28PM -0500, Scott Gifford wrote: > > Henning Brauer <[EMAIL PROTECTED]> writes: > > > On Fri, Apr 05, 2002 at 03:39:23PM -0500, Scott Gifford wrote: > > > > Henning Brauer <[EMAIL PROTECTED]> writes: > > > > > On Fri, Apr 05, 2002 at 03:09:38PM -0500, Ed Abrams wrote: > > > > > > My problem: We are working with domain name registrars. When a user > > > > > > registers his domain with one of our partners, that partner will create an > > > > > > MX record for that new domain, and that MX record will point to our email > > > > > > server. [without notifying you] > > > > > So the rule would be "accept and deliver all mail for domains with an MX > > > > > pointing to me". > > > > > That's insane and fscking insecure. > > > > What's insecure about it, as long as any mail that comes this way is > > > > always delivered locally (which seemed to be what Ed wanted), and > > > > never relayed to another server? > > > okay, the real question is what happens afterwards with the mail. having the > > > domain in locals and rcpthosts is not enough as we all know. As you did not > > > mention that I guess there is some kind of program delivery, and with this > > > in mind (specifically, I had an autocreated mailbox with webmail access in > > > mind), everybody can (ab)use your service by just adding MX entries to > > > whatever domain. > > I assumed that the mail would just be stored in a catchall mailbox, > > and when the user signed up for the service, would get the mail for > > their domain. > > yeah, but even this catchall box has to exist somehow. The job isn't done > with adding the domain to locals and rcpthosts.
A good .qmail-default file could create a temporary place to store mail to each domain, delivered to a real mailbox later on when the domain was registered for. > Greetz and 10x ofr all the fish, eh, bounsing the messages back to the list No trouble; it only took 10 seconds. I love Gnus. :) -----ScottG.
