rcpthosts is for which domains your mailserver accept mail to, and you only want to
accept mail to domains that have relevance to your mailserver (either local accounts
or as a secondary MX for another mailserver). By removing rcpthosts, you are accepting
mail for all domains, and opening for abuse of your mailserver.
Your "local" users are threaten as whatever client/server trying to deliver mail
through your mailserver, until you tell qmail otherwise. That is what you are using
tcpserver for, where you accept relaying of mail from a range of IP addresses (your
local addresses!), and only allows deliver to locals/rcpthosts from anybody else.
Hope this clears things a little bit....
regards
--
-------------------------------------------------------------------
IDG New Media Einar Bordewich
System Manager Phone: +47 2205 3034
E-Mail: [EMAIL PROTECTED]
-------------------------------------------------------------------
----- Original Message -----
From: dd <[EMAIL PROTECTED]>
To: Einar Bordewich <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, October 27, 1999 2:15 PM
Subject: Re: Urgent Please
>
>
> On Wed, 27 Oct 1999, Einar Bordewich wrote:
>
> > Nope, rcpthost includes domains that the server accept,
> >it can be local domain or just a domain that the server queues mail for
> >ex. secondary MX for a domain. It does not have anything to do with the
> >local users. If a domain is listed in rcpthost, anybody in the "world" is
> >allowed to deliver mail to that domain, even if that doman is not local
> >on that server.
> >
> > Use tcpserver (and do not run it from inetd), and set the relaying from there.
> > Check this links, cut'ed from www.qmail.org:
>
> hey hey wait a minute. rcpthosts doesn't have anything to do with the
> local users? so why couldn't any of the users send a mail to the rest of
> the world when rcpthosts included only my host? i removed the file and now
> users can send mail to everywhere. at first i also thought as you
> explained, the file should include the hosts that are allowed to use my
> machine as relay but the reality is different, it seems (?).
>
>
> i'm confused...
>
>
