Context Navigation

← Previous Change
Next Change →

virtual_re

Timestamp:

Feb 21, 2013, 11:59:19 PM (11 years ago)

Author:

andersk

Message:

Tighten scripts vhost mail security

Broken MTAs such as MIT’s will rewrite anyone@awesome-cname.mit.edu to
anyone@scripts-vhosts.mit.edu, in violation of RFC 2821.  (This can be
fixed with the Sendmail nocanonify feature or DontExpandCnames option,
which, bewilderingly, are still not the default.)  To prevent such
mail from being misdirected, remove scripts-vhosts from $mydestination
and let it bounce.

Correct r1452 to match literal periods in scripts.mit.edu.

Reserve the well-known (RFC 2142) email addresses
{abuse,hostmaster,noc,postmaster,security}@every-domain for our own
purposes; /etc/aliases maps these to root.

Tested on scripts-f17-dev.

File:

: 1 edited

trunk/server/fedora/config/etc/postfix/virtual_re (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/server/fedora/config/etc/postfix/virtual_re

r1452	r2375
1		/^(.*)@scripts.mit.edu$/ $1@scripts.mit.edu
	1	/^(.*)@scripts\.mit\.edu$/ $1@scripts.mit.edu
	2	/^(abuse\|hostmaster\|noc\|postmaster\|security)@/ $1@scripts.mit.edu
2	3	/^(.)@([^@])\.scripts\.mit\.edu$/ $2+$1
3	4	/^([^@]*)\.scripts\.mit\.edu$/ true

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 2375 for trunk/server/fedora/config/etc/postfix/virtual_re

Legend:

trunk/server/fedora/config/etc/postfix/virtual_re

Download in other formats: