I think work needs to be done on Qmail-1.03 when mail is sent of the form
"rcpt to: <[EMAIL PROTECTED]@local.domain>".
If Qmail was delivering such a message locally ("local.domain" is in
/var/qmail/control/locals), that would be converted to bogus local user
"[EMAIL PROTECTED]" - and bounce - cool.
However, if Qmail is part of a - say - firewall DMZ and delivers to an
internal non-Qmail server any mail ending in @local.domain, then it does
just that. If your internal mail server is running anti-relaying checks
(i.e. sendmail-8.9), it won't pick up this as relaying as the Qmail server
is also on the same network - and as such isn't subjected to the same
relay-tests as non-local addresses.
The problem as I see it is that by default Qmail deals with "xx@yy@zzz"
addresses by only seeing the last "@" sign. Shouldn't it actually "see" it
for what it is (an explicit relayed address) and reject that instead of
relying on the local delivery agent to deal with it?
[Reason. We just got put onto the ORBS list as our Qmail-1.0.3 server
"relayed" one of their test messages. I fixed the problem by altering our
internal DNS to be unable to resolve our Qmail servers IP address - thus
making it "foreign" - but this problem should of been dealt with by Qmail
IMHO...]
--
Cheers
Jason Haar
Unix/Network Specialist, Trimble NZ
Phone: +64 3 3391 377 Fax: +64 3 3391 417
