On 2003-12-21 22:46:09 +0530, Ashish Pawaskar wrote: > "Peter J. Holzer" <[EMAIL PROTECTED]> wrote: > > PJH> There's a good chance you have configured 127.0.0.1 as relayclient, in > PJH> which case that check would actually return that the address exists. > > Peter, are you suggesting that setting up 127.0.0.1 as a relay client > is a bad idea,
No I am suggesting that some sanity checking should be done before
connecting to a mail server to check for valid email addresses.
I mean, you are doing that because you suspect the sender is lying about
the reverse-path. So why should you believe him when you ask him about
his MXs? Checking the IP address against a few "impossible" patterns
(127.0.0.0/8, the RFC1918 networks, maybe your own network if its none
of your domains, ...) takes very little time and prevents you from
meaninglessly asking your own mail server whether it's willing to accept
mail for that address (of course it is, it's *your* mail server).
> if yes, then how do we allow local server scripts/programs to send
> email?
Even if no: You can just pipe the mail into /usr/sbin/sendmail. Or you
can distinguish between mail submission (on port 587) and mail transfer
(on port 25).
hp
--
_ | Peter J. Holzer | In this vale
|_|_) | Sysadmin WSR | Of toil and sin
| | | [EMAIL PROTECTED] | Your head grows bald
__/ | http://www.hjp.at/ | But not your chin. -- Burma Shave
pgp00000.pgp
Description: PGP signature
