Peter Janett <[EMAIL PROTECTED]> writes on 4 September 2000 at 15:57:45 -0600
> I apologize of this is in the docs somewhere, but I didn't see it.
>
> If I understand what rcpthosts does, I would think that this file should be
> empty. My understanding is that if the "To:" address contains a domain name
> listed in rcpthosts, then it will relay that email. So, a spammer can send
> a message to mailto:[EMAIL PROTECTED], and to a bunch of
> spam victums in the cc and bcc fields.
Don't think "relay". Think "deliver". That's why it's named
"rcpthosts". That's "receipt hosts". That's "hosts you will
*receive* mail for". So it should list, like, all the hosts you will
unrestrictedly receive mail for. Which generally means the ones
listed in locals plus the ones listed in virtualdomains. You want any
site in the world to be able to send you mail for those sites.
I *think* the reason so many people get confused about this is because
of using POP clients, which send their outgoing mail via smtp. That's
an anomaly and a distortion. Thinking about that as your normal model
makes all the terminology come out wrong and causes confusion. In the
*normal* unix world, locally-originated mail is injected into the
queue via qmail-inject, not delivered via smtp.
(Nothing at all wrong with using pop clients and such, it's just that
they don't follow the normal mail model, so trying to think about MTAs
from a pop client perspective seems to cause confusion.)
Now, "relaying" means "accept via SMTP mail that will NOT be delivered
locally, but will instead be sent on via SMTP".
Because of the need for relaying (if you act as a smart host for
system hidden behind you, or because of the need to relay for POP
clients), there are *two* kinds of mail you want to accept via SMTP:
First, mail intended for the local environment. This is determined by
examing the envelope RCPT field; rcpthosts identifies which mail
should be accepted for this reason.
Second, mail which you wish to relay to its destination. This mail is
identified based on where it comes *from* (the IP address of the
system initiating the SMTP connection), not where it's going *to*.
This mail is identified by the RELAYCLIENT environment variable set by
tcpserver, based on the originating IP address, either statically, or
dynamically using pop-before-smtp. (or is injected locally using
qmail-inject; mail injected locally will never be bounced based on
anti-relaying rules).
--
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]
