Hello, Ten years ago, it seemed a very neat idea that OpenSMTPD would have some implicit defaults to avoid people creating open relays.
Back then I was trying to make the smtpd.conf as compact as possible and came up with the very nice idea of "implicit local" so that we would get a very compact: accept for any relay which would not be an open relay as it translated to: accept from local for any relay This idea was carried when we moved the syntax to match/action. I think this was an error from the beginning and we should only have the explicit notation as I see a trend in people coming up with: match for domain foobar.org action "deliver" which, read loud, seems to imply that mail for domain foobar.org will be delivered but which actually fails because it translates as: match from local for domain foobar.org action "deliver" and actually limits the scope to local users... People keep making this mistake over and over which as safe as it is, is a serious hint that the mistake is on smtpd's side. Is there strong objection to move to a mode where implicit notation will no longer be allowed ? This could start with us adding the explicit notation to default config, then put a startup warning in the next release so configurations are not broken but people spot that this is no longer encouraged and we can then later kill it. -- Gilles Chehade @poolpOrg https://www.poolp.org patreon: https://www.patreon.com/gilles
