[H-GEN] Virtual Webhosting / IP aliasing

Martin Pool martinp at mincom.com
Tue Aug 17 23:28:09 EDT 1999


[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related topics. ]

At 11:47 18/08/99 +1000, you wrote:

>> Or make your life easy and use exim, and set the "accept mail for
>> top-priority MXs".
>
>Please don't.  Your MTA should be explicty configured.  

without any typos.  Yes, explicit configuration is better.

Here's the relaying option, with some discussion of why it's dangerous.

>relay_domains_include_local_mx option
>Option: relay_domains_include_local_mx
>Type: boolean
>Default: false 
>
>This option permits any host to relay to any domain that has an MX record
pointing at the local host. It causes any domain with an MX record pointing
at the local host to be treated as if it were in `relay_domains'. See
`host_accept_relay' above. `Warning:' Turning on this option opens your
server to the possibility of abuse in that anyone with access to a DNS zone
can list your server in a secondary MX record as a backup for their domain
without your permission. This is not a huge exposure because firstly, it
requires the cooperation of a hostmaster to set up, and secondly, since
their mail is passing through your server, they run the risk of your
noticing and (for example) throwing all their mail away. 


--
Martin
-- 
 /\\\  Mincom | Martin Pool          | martinp at mincom.com
// \\\        | Software Engineer    | Phone: +61 7 3303-3333
\\ ///        | Mincom Ltd.          | 
 \///         | Teneriffe, Brisbane  | Speaking for myself only


--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.



More information about the General mailing list