[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in policy checking - is it fixed?

> I am still running 2.99.50-s11 on my production relay, and I wander if
> the problem that I discovered is fixed since then.  Fighting with ORBS,
> I noticed that when they sent
> MAIL FROM:<sender@[my.ip.add.ress]>
> my Zmailer allowed relaying.  Apparently, policy checker, having
> detected the domain in the dotted quad format, treats it as IP address,
> and quite naturally concludes that this is a trusted sender.  Which
> is obviously wrong, because the sender may put anything there.  The
> checker should not try to interpret domain names as dotted quad addrs.

   I think this is configuration issue; the system does not contain
proper support those address literals in the policy searches anyway,
and when I try this at  nic.funet.fi, I get:

	MAIL FROM:<mea@[]>
	553-5.4.3 Policy analysis reports DNS error with your
	553-5.4.3 source domain.   Please correct your source
	553 5.4.3 address and/or the info at the DNS.

> My question is, was this problem addressed recently?  If not, I will
> try to make necessary fixes these days.

	Propably not -- well, depending on your configuration.
	However, I seem to recall having touched  policytest.c
	for something like this a few months ago.

> Eugene

/Matti Aarnio <mea@nic.funet.fi>