Scott Gifford <[EMAIL PROTECTED]> wrote:
[...]
> 127. is allowed to relay on my system, the message was accepted. Then
> qmail would immediately begin delivering the message to itself again.
> Wash, rinse, repeat.
>
> I stopped this from happening by denying connections from 127. in my
> TCP rules file for qmail-smtpd (I changed
>
> 127.:allow,RELAYCLIENT="",,RBLSMTPD=""DENYMAIL="DNSCHECK"
>
> to
>
> 127.:deny
>
> ), but this seemed like kind of a kludgey solution.
>
> So I have 2 questions.
>
> 1) Is there a better way to do this? Allowing 127. to relay is a
> convenient way for me to test. I'd like to be able to null-route
> to these addresses in smtproutes instead, but I don't see a way to
> do that.
Change your rule to:
126.:allow,RELAYCLIENT="@localrelay"
and add a virtual domain "localrelay" which files all messages in a single
Maildir, or throws them away. Any mail injected from 127. will get its
envelope recipient rewritten by appending the contents of RELAYCLIENT, and
it will then be handled by this virtual domain.
> 2) Will anything bad happen as a result of blocking SMTP connections
> from 127.? I can't think of what this would break, but I've always
> had this address allowed to relay before . . .
Only if you run software on the machine which sends mail by SMTP to localhost
rather than using the "sendmail" interface.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
