On Fri, Apr 05, 2002 at 05:26:28PM -0500, Scott Gifford wrote: > Henning Brauer <[EMAIL PROTECTED]> writes: > > On Fri, Apr 05, 2002 at 03:39:23PM -0500, Scott Gifford wrote: > > > Henning Brauer <[EMAIL PROTECTED]> writes: > > > > On Fri, Apr 05, 2002 at 03:09:38PM -0500, Ed Abrams wrote: > > > > > My problem: We are working with domain name registrars. When a user > > > > > registers his domain with one of our partners, that partner will create an > > > > > MX record for that new domain, and that MX record will point to our email > > > > > server. [without notifying you] > > > > So the rule would be "accept and deliver all mail for domains with an MX > > > > pointing to me". > > > > That's insane and fscking insecure. > > > What's insecure about it, as long as any mail that comes this way is > > > always delivered locally (which seemed to be what Ed wanted), and > > > never relayed to another server? > > okay, the real question is what happens afterwards with the mail. having the > > domain in locals and rcpthosts is not enough as we all know. As you did not > > mention that I guess there is some kind of program delivery, and with this > > in mind (specifically, I had an autocreated mailbox with webmail access in > > mind), everybody can (ab)use your service by just adding MX entries to > > whatever domain. > I assumed that the mail would just be stored in a catchall mailbox, > and when the user signed up for the service, would get the mail for > their domain.
yeah, but even this catchall box has to exist somehow. The job isn't done with adding the domain to locals and rcpthosts. Greetz and 10x ofr all the fish, eh, bounsing the messages back to the list Henning, this time REALLY sending to the list. -- | Henning Brauer | PGP-Key: http://misc.bsws.de/hb/pubkey.asc | BS Web Services | Roedingsmarkt 14, 20459 Hamburg, DE | http://bsws.de Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
