|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Magnus Bäck (magnus
dsek.lth.se)
Date: Tue May 01 2007 - 23:27:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wednesday, May 02, 2007 at 01:09 CEST,
Sean Kennedy <skennedygeekdom.vcn.com> wrote:
> I am running Postfix 2.3.3. I do recipient address verification with
> relay_recipient_maps that hooks up to an LDAP database. It recently
> came to my attention that aliased addresses aren't canonicalized and
> passed through relay_recipient_maps. So right now, anyone can send to a
> bogus usersomealiaseddomain.com and it would be accepted.
What do you mean by aliased domain? Wildcard rewriting like
example.com example.net
perhaps? Those do indeed break recipient validation and must not be
used.
> Would adding all the aliases to my LDAP database then hooking that into
> virtual_alias_maps work? Is there any easier, perhaps more elegant way
> to do recipient verification on addresses that are aliases?
ITYM recipient validation. Recipient verification is something else.
--
Magnus Bäck
magnusdsek.lth.se
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]