[Mimedefang] MX -> 127.0.0.1

Kevin A. McGrail kmcgrail at pccc.com
Mon Sep 12 17:21:13 EDT 2005


> Any MX of 127.0.0.1 is not only broken but malicious. However, I'd
> expect it to be pretty common to have multiple MX's mixing public
> and private targets on the assumption that inside hosts would hit
> the working private number and outside hosts would fail and then
> connect to the public address.  It's a bad assumption, since anyone
> else might have a different server at that same private address, but
> I'd still guess somebody does it.

I agree with this answer above and it's the same logic I used to write the
code.

As bad as it sounds, I've personally published documents recommending using
private addresses first and I've read LARGE companies' documentation that
does as well (Symantec SMTP for Gateways).  I have, of course, stopped such
recommendations many years ago but I am trying to stop malicious actions not
ignorant actions.

I know that DFS would bounce mail in this instance but we will have to agree
to disagree because I am erring and allowing SPAM rather than the potential of
a false positive on a bounce.

But Matthew van Eerde has some great points.  New version again in a few
minutes for comment and review.

Regards,
KAM
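
The distinction drawn in this thread, sketched as an added example; it is not part of the original post and is not the code Kevin refers to. It assumes the sender domain's MX targets have already been resolved to addresses; the function names, verdict strings and sample records are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges listed explicitly; ipaddress.is_private also covers
# loopback and documentation ranges, which would blur the distinction.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(addr):
    """Return 'loopback', 'private' or 'public' for one MX target address."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:                      # 127.0.0.0/8 and ::1
        return "loopback"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"


def check_mx(mx_records):
    """mx_records: list of (preference, host, [addresses]).

    Verdicts (hypothetical names):
      reject            - some MX points at loopback (treated as malicious)
      accept-with-note  - private targets present (treated as misconfiguration)
      accept            - only public targets
    """
    findings = [(pref, host, a, classify(a))
                for pref, host, addrs in sorted(mx_records, key=lambda r: r[0])
                for a in addrs]
    kinds = {kind for _, _, _, kind in findings}
    if "loopback" in kinds:
        verdict = "reject"
    elif "private" in kinds:
        verdict = "accept-with-note"
    else:
        verdict = "accept"
    return verdict, findings


# Constructed sample records (documentation addresses and .test names).
SAMPLES = {
    "loopback-mx": [(10, "mx.spam.test", ["127.0.0.1"])],
    "private-first": [(10, "inside.corp.test", ["10.1.2.3"]),
                      (20, "mail.corp.test", ["192.0.2.10"])],
    "public-only": [(10, "mail.ok.test", ["192.0.2.25"])],
}

if __name__ == "__main__":
    for name, records in SAMPLES.items():
        print(name, check_mx(records))
```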



