Philip Prindeville:
[ Charset ISO-8859-1 unsupported, converting... ]
> On 11/26/11 6:01 PM, Wietse Venema wrote:
> > Philip Prindeville:
> > [ Charset ISO-8859-1 unsupported, converting... ]
> >>> And unless you turn off IP forwarding in the TCP/IP stack, the value
> >>> of {if_addr} and {if_name} says nothing about the path that packets
> >>> have taken. It just says something about the destination IP address.
> >
> >> In a richly connected network with a multihomed host, packets might
> >> arrive on more than one interface during the course of a connection
> >> anyway, possibly even simultaneously.
> >
> > Indeed. That's why {if_name} is totally meaningless in such
> > configurations, and {if_addr} mostly meaningless.
> >
> > So, you can save yourself time and skip these features unless you
> > intend to run Postfix on a multi-homed firewall, which case I would
> > recommend running Postfix on single-homed hosts on both sides of a
> > "bare" firewall (the configuration of classical DEC SEAL firewall).
> >
> > Wietse
>
> I really don't think it's that simple.
>
> I know of one scenario for instance where the public interface
> speaks to outside mailers (and indeed is an MXer on that interface),
> but a loX interface (like 127.0.0.2) talks only to a another relay
> agent which is allowed to submit outbound messages for relaying.
If the client address is 127.0.0.1, you already know the interface
name and address, and if_addr, and there is no need add hundreds
of lines of code to Postfix to pass that information around.
If the client IP address is not 127.0.0.1, then the interface
information is useless in most practical configurations as discussed
above.
Wietse
