[Mimedefang] MX -> 127.0.0.1

David F. Skoll dfs at roaringpenguin.com
Mon Sep 12 16:47:04 EDT 2005


Les Mikesell wrote:

> Any MX of 127.0.0.1 is not only broken but malicious. However, I'd
> expect it to be pretty common to have multiple MX's mixing public
> and private targets on the assumption that inside hosts would hit
> the working private number and outside hosts would fail and then
> connect to the public address.  It's a bad assumption, since anyone
> else might have a different server at that same private address, but
> I'd still guess somebody does it.

I would reject mail from a domain that does that.  If I publish
192.168.1.1 as an MX record, all kinds of bad things could happen
if outside senders sent me mail, from mail being bounced to sensitive
information falling into the wrong hands.  It's a really dumb idea
to publish MX records that resolve to private addresses.

Regards,

David.
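
The policy argued for in this message, as an added example that is not part of the original post and is not MIMEDefang code: flag a sender domain when any of its MX hosts resolves to a loopback, private or otherwise non-routable address. It assumes the caller has already resolved the MX records to addresses; the function names, the verdict labels and the sample data are hypothetical and constructed for illustration.

```python
import ipaddress

def classify_address(addr):
    """Return why addr is unusable as a public MX target, or None if it looks routable."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unparseable"
    # Treat IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it wraps.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # Order matters: Python's is_private is also true for loopback,
    # unspecified and link-local addresses, so test the specific cases first.
    if ip.is_unspecified:
        return "unspecified"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_multicast:
        return "multicast"
    if ip.is_private:
        return "private"
    return None

def check_mx(mx_addresses):
    """mx_addresses maps MX hostname -> list of resolved address strings.
    One bad target is enough to reject, even if other MX hosts are public."""
    findings = []
    for host, addrs in sorted(mx_addresses.items()):
        for addr in addrs:
            reason = classify_address(addr)
            if reason is not None:
                findings.append((host, addr, reason))
    return ("REJECT", findings) if findings else ("CONTINUE", [])

# Constructed sample data. 8.8.8.8 stands in for "some public address";
# the documentation ranges (192.0.2.0/24 etc.) count as private in Python.
SAMPLES = {
    "loopback.example": {"mail.loopback.example": ["127.0.0.1"]},
    "mixed.example": {"inside.mixed.example": ["192.168.1.1"],
                      "outside.mixed.example": ["8.8.8.8"]},
    "clean.example": {"mx.clean.example": ["8.8.8.8"]},
}

if __name__ == "__main__":
    for domain, mx in SAMPLES.items():
        print(domain, check_mx(mx))
```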
