[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: open-relay?



On Mon, Jan 07, 2002 at 12:11:16AM +0100, Franklin Kingma wrote:
> 
> Sorry._Although_I'm_listed_as_a_best-preference_MX_or_A_for_that_host,/it_is
> n't_in_my_control/locals_file,_so_I_don't_treat_it_as_local
> 
> i think that is the one...
Probably, but my question remains: do you have a control/locals-file ? If the
file doesn't exist, qmail-send will read your local domains from the database
and work without control/locals. However if the file exists, it will use the
contents of that file. I didn't implement the same for rcpthosts since 
- a non-existant rcpthosts is used for a open relay server: reading acceptable
  domains from the database would break this feature (internal mailservers
  can be configured as open relay-servers since unauthorized access is blocked
  by the firewall).
- rcpthosts is read by qmail-smtpd, which would need to be patched to connect
  to the database EVERY time a mail is received. No need to tell you that this
  will almost double the required database-queries. Note that this doesn't
  count for locals: these are only read at startup of qmail-send (or when
  qmail-send receives SIGHUP) and thus don't cause any overhead during mail-
  delivery.

But it's probably not much work to add a configuration-flag (or environment-
variable to qmail-smtpd): usercpthostsfromdb, which will then qmail-smtpd
cause to read rcpthosts from the database. However, the fastest solution is
currently to run:
  psql -d userdb -U userconsult --pset format=unaligned --pset tuples_only \
  -c "select distinct virtual_host from passwd" -o rcpthosts
from a hourly cronjob (something equivalent with mysql).

Kind regards,
Michael Devogelaere.