[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Postfix in unstable made my system an open spam relay

On Sat, Oct 13, 2001 at 05:44:33PM +0200, Stefan Hornburg (Racke) wrote:
> But allowing relay from is OK ? I'm the maintainer of
> the Courier mail server, where this is the default.

"It depends."

Imagine a larger company with several departments, each using a
different 192.168.x.0 class C subnet. It is common to separate
departments from one another to protect against internal attackers
from other departments. Your configuration would leave open a hole in
that case.

I'd really prefer a "safe by default" policy where only localhost is
allowed by default, with an obvious commented-out section in the
config file showing how to enable relaying.

But as the package maintainer, it's your choice - your default
configuration is certainly safe 99% of the time.



  __   _
  |_) /|  Richard Atterer     |  CS student at the Technische  |  GnuPG key:
  | \/¯|  http://atterer.net  |  Universität München, Germany  |  0x888354F7
  ¯ ´` ¯

Reply to: