From: Rob F. <rw...@lo...> - 2011-03-03 00:26:52
|
On Thu, 3 Mar 2011, Patrick Ben Koetter wrote: > RFC 2006 <http://tools.ietf.org/rfc/rfc2606.txt> indicates you are right. I > need to do some testing. Maybe I jumped to the wrong conclusion why specifying > "localhost" only causes problems. reject_non_fqdn_helo_hostname will catch a bare 'localhost' since it has no '.', but 'localhost.' doesn't work either, since the implementation specifically checks for '.' within the string. So it'll cause problems here either way, but... > Some simply set it globally and don't disable it or change the policy on > reinjection port. I'd say that's a mistake, and not one amavisd-new should be trying particularly hard to avoid. On my systems, I reject any HELO coming from the outside that looks like localhost, the box's own addresses or domain names, the RFC 2606 reserved names, and a handful of common pseudo-TLDs, including '.localdomain'. But it's perfectly fine to use 'localhost' over the loopback: Received: from localhost (localhost [127.0.0.1]) by jupiter.loonybin.net (Postfix) with ESMTP id 3032BA2813F for <rw...@lo...>; Wed, 2 Mar 2011 18:15:15 -0500 (EST) -Rob |