Joe Matuscak wrote: > Date: Fri, 18 Jan 2002 09:22:41 -0500 (EST) > From: Joe Matuscak <[EMAIL PROTECTED]> > To: Chris Green <[EMAIL PROTECTED]> > cc: Jason Sopko <[EMAIL PROTECTED]>, GNAT Box Users <[EMAIL PROTECTED]> > Content-Length: 1053 > > On Fri, 18 Jan 2002, Chris Green wrote: > > > That part is clear :) > > Maybe it really is'nt :-) > > > We need to know how to get more domains in there after you fill up > > the field. > > The idea is that you *dont* put more domains in the field. You set the > "match against MX" flag, and then you can leave the domains list blank, it > doesnt matter as long your Gnatbox can resolve MX records. (This means > that you need to have an external DNS server defined on the Gnatbox BTW) > > This is actually a kinda clever implementation since it means that as long > as you do the right things to configure your DNS MX records, you dont have > to remember to do anything to the Gnatbox.
Could this let "someone in" to relay, etc by having the nefarious third party define an MX for a target domain with an address that matches the normal MX? One may have less strigent anti-relay protection in their protected SMTP services due to the assumption of perimeter defense at the GB SMTP proxy. -- Darren Besler
