Re: Antigen found =*.pif file

To: debian-devel@lists.debian.org
Subject: Re: Antigen found =*.pif file
From: Richard Kettlewell <richardk@chiark.greenend.org.uk>
Date: Sat, 20 Apr 2002 13:32:55 +0100
Message-id: <[🔎] 84g01q5z48.fsf@rjk.greenend.org.uk>
Reply-to: Richard Kettlewell <rjk@terraraq.org.uk>
In-reply-to: <[🔎] 20020420121945.C23721@svana.org> (Martijn van Oosterhout's message of "Sat, 20 Apr 2002 02:32:01 GMT")
References: <[🔎] KC-MSXPROTO2iLcJJVB00013dc2@kc-msxproto2.kc.umkc.edu> <[🔎] 20020419230850.1c383c91.csousa@tvtel.pt> <[🔎] 20020419221936.GB1660@admingilde.org> <[🔎] 20020419221936.GB1660@admingilde.org> <[🔎] 87elhbmimx.fsf@toncho.dhh.gt.org> <[🔎] 84pu0v5ir3.fsf@rjk.greenend.org.uk> <[🔎] 84pu0v5ir3.fsf@rjk.greenend.org.uk> <[🔎] 20020420121945.C23721@svana.org>

Martijn van Oosterhout <kleptog@svana.org> writes:
> Richard Kettlewell wrote:

>> Some MTAs do indeed qualify random unqualified addresses they find
>> with their own mail domain name.
> 
> The reason is so the you can type mail <username> and have it end up at the
> right place. i.e. you don't need to know the mail domain to send a mail to
> the local user. They also fix the from address so that if the message is
> forwarded offsite, the reply still makes it.

That's a reason for "fixing" the addresses on locally submitted mail,
and I agree that it's reasonable to do this in the MTA.

But the message in question was one received from the public internet.
Obviously it shouldn't be mangled this way, as doing so created a
misleading address in exactly the way that someone commented on.  It
should be passed through unchanged (or possibly rejected, if local
policy is really that tight).

FWIW, none of the software which that message passed through on its
way to me "fixed" it in this broken way.  After initial injection it
only passed through Debian machines running Qmail and Exim.

>> Surely it's utterly obvious that this is a bug?  Are any of the
>> faulty machines running Debian?
> 
> Well, it would be a bug to qualify random addresses received in
> headers. But when a message comes in, when is it allowed to qualify
> it and when not?

The information required to get this right is already available to the
MTA: you need to know which messages are from your authorized clients
and which from the rest of the world anyway, to avoid being used as a
spam relay.

Exim already gets this right: qualify_domain is only applied to
locally-generated messages (and you can define which hosts this
applies to).  I'm not familiar with Qmail but from its behaviour it
appears to do the right thing too.

-- 
http://www.greenend.org.uk/rjk/

There is no need to CC me on postings to debian-devel, I read the
list.

-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Antigen found =*.pif file
  - From: Antigen@murphy.debian.org
- Re: Antigen found =*.pif file
  - From: Carlos Sousa <csousa@tvtel.pt>
- Re: Antigen found =*.pif file
  - From: Martin Waitz <tali@admingilde.org>
- Re: Antigen found =*.pif file
  - From: John Hasler <john@dhh.gt.org>
- Re: Antigen found =*.pif file
  - From: Richard Kettlewell <richardk@chiark.greenend.org.uk>
- Re: Antigen found =*.pif file
  - From: Martijn van Oosterhout <kleptog@svana.org>

Prev by Date: Re: Antigen found =*.pif file
Next by Date: Re: Antigen found =*.pif file
Previous by thread: Re: Antigen found =*.pif file
Next by thread: Re: Antigen found =*.pif file
Index(es):
- Date
- Thread