On Thu, 3 Mar 2011, Patrick Ben Koetter wrote:
> RFC 2006 <http://tools.ietf.org/rfc/rfc2606.txt> indicates you are right. I
> need to do some testing. Maybe I jumped to the wrong conclusion why specifying
> "localhost" only causes problems.
reject_non_fqdn_helo_hostname will catch a bare 'localhost' since it has
no '.', but 'localhost.' doesn't work either, since the implementation
specifically checks for '.' within the string. So it'll cause problems
here either way, but...
> Some simply set it globally and don't disable it or change the policy on
> reinjection port.
I'd say that's a mistake, and not one amavisd-new should be trying
particularly hard to avoid. On my systems, I reject any HELO coming from
the outside that looks like localhost, the box's own addresses or domain
names, the RFC 2606 reserved names, and a handful of common pseudo-TLDs,
including '.localdomain'. But it's perfectly fine to use 'localhost' over
the loopback:
Received: from localhost (localhost [127.0.0.1])
by jupiter.loonybin.net (Postfix) with ESMTP id 3032BA2813F
for <[email protected]>; Wed, 2 Mar 2011 18:15:15 -0500 (EST)
-Rob
------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in
Real-Time with Splunk. Collect, index and harness all the fast moving IT data
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business
insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot
org
