Subject: postfix: Postfix is an Open Relay with setup defaults on ALL IP
pool providers, not only classic "dialup"
Date: Tue, 10 Apr 2007 08:41:26 +0000
Package: postfix
Version: 2.3.8-2+b1
Severity: minor
main.cf documentation should state clearly that
mynetworks_style = subnet
relays open for ALL IP pool providers,
not only for classic ppp "dialup" providers.
documentation could be misleading here on fast reading and it
is unconditional for spammers to use my cable provider
since he assigns mostly static addresses and reserves
them par DHCP, so yesterday I was subject to a coordinated
unexpected spam gang attack using access to "my" subnet and
getting relay access for a short time.
But I'll take that blamage, sorry for any damage.
y
tom
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (990, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages postfix depends on:
ii adduser 3.102 Add and remove users and groups
ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii dpkg 1.13.25 package maintenance system for Deb
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libdb4.3 4.3.29-8 Berkeley v4.3 Database Libraries [
ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii lsb-base 3.1-23.1 Linux Standard Base 3.1 init scrip
ii netbase 4.29 Basic TCP/IP networking system
ii ssl-cert 1.0.14 Simple debconf wrapper for openssl
Versions of packages postfix recommends:
ii mailx [mail-read 1:8.1.2-0.20050715cvs-1 A simple mail user agent
-- debconf information excluded
Subject: Re: Bug#418511: postfix: Postfix is an Open Relay with setup defaults on ALL IP
Date: Tue, 10 Apr 2007 06:42:33 -0600
forwarded 418511 [email protected]
--
On Tue, Apr 10, 2007 at 08:54:05AM +0000, Debian BTS wrote:
> Package: postfix
> Version: 2.3.8-2+b1
> Severity: minor
>
> main.cf documentation should state clearly that
> mynetworks_style = subnet
> relays open for ALL IP pool providers,
> not only for classic ppp "dialup" providers.
This is precisely why the debian install sets mynetworks=127.0.0.0/8.
(mynetworks_style is newer.) If you can't trust your neighbors, then
you want to have a more restrictive mynetworks_style.
Forwarded upstream.
lamont
Acknowledgement sent
to "Raoul Bhatia [IPAX]" <[email protected]>:
Extra info received and forwarded to list. Copy sent to LaMont Jones <[email protected]>.
(Thu, 15 Jul 2010 17:42:05 GMT) (full text, mbox, link).
Subject: Postfix is an Open Relay with setup defaults on ALL IP
Date: Thu, 15 Jul 2010 19:15:56 +0200
> forwarded 418511 [email protected]
> --
>
> On Tue, Apr 10, 2007 at 08:54:05AM +0000, Debian BTS wrote:
>> Package: postfix
>> Version: 2.3.8-2+b1
>> Severity: minor
>>
>> main.cf documentation should state clearly that
>> mynetworks_style = subnet
>> relays open for ALL IP pool providers,
>> not only for classic ppp "dialup" providers.
>
> This is precisely why the debian install sets mynetworks=127.0.0.0/8.
> (mynetworks_style is newer.) If you can't trust your neighbors, then
> you want to have a more restrictive mynetworks_style.
sorry, but i fail to understand what you want to say by
"relays open for ALL IP pool providers,"
is this "issue" still pending or has it been resolved upstream?
for example, i see an update to main.cf in
http://git.debian.org/?p=users/lamont/postfix.git;a=commitdiff;h=c6e2f813#patch22
cheers,
raoul
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.