[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: percent-hack - any plans?

> I got it.  The problem is this: local part is checked for % or ! *only*
> if the domain part is among the localnames.  It *should* work against
> ORBS check but it does not seem the Right Thing otherwise.  Imagine
> we are one.com and we have "relaytarget +" for two.com.  Now, spammer
> sends mail to <innocent%aol.com@two.com> through our server.  "two.com"

	Urgle...  Yeah, and the @two.com sends all outgoing email thru
	your server...

	However, I think there should be *some* limit at where to put
	the limit of what the inline policy test code does, and when to
	just use e.g. integrated router based policy analysis functions.
	("The old way".)   They should still work, although *I* don't
	use them myself.

> What do you think?

	See CVS, and report back.

> Eugene

/Matti Aarnio