Re: [AMaViS-user] Better default for $localhost_name?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Thu, 3 Mar 2011, Patrick Ben Koetter wrote:

> RFC 2006 <http://tools.ietf.org/rfc/rfc2606.txt> indicates you are right. I
> need to do some testing. Maybe I jumped to the wrong conclusion why specifying
> "localhost" only causes problems.

reject_non_fqdn_helo_hostname will catch a bare 'localhost' since it has 
no '.', but 'localhost.' doesn't work either, since the implementation 
specifically checks for '.' within the string.  So it'll cause problems 
here either way, but...

> Some simply set it globally and don't disable it or change the policy on
> reinjection port.

I'd say that's a mistake, and not one amavisd-new should be trying 
particularly hard to avoid.  On my systems, I reject any HELO coming from 
the outside that looks like localhost, the box's own addresses or domain 
names, the RFC 2606 reserved names, and a handful of common pseudo-TLDs, 
including '.localdomain'.  But it's perfectly fine to use 'localhost' over 
the loopback:

Received: from localhost (localhost [127.0.0.1])
     by jupiter.loonybin.net (Postfix) with ESMTP id 3032BA2813F
     for <rw...@lo...>; Wed,  2 Mar 2011 18:15:15 -0500 (EST)

-Rob