Subject: localhost security hole
To: NetBSD security list <tech-security@netbsd.org>
From: William Allen Simpson <wsimpson@greendragon.com>
List: current-users
Date: 06/28/2003 09:11:24

Having proved beyond all shadow of a doubt that sending mail to 
root@localhost leaves a security leak a mile wide, what should be done?

The zone administrator (or DNS spoofer) can redirect all root mail, by 
adding a zone entry "localhost.dom.ain." that points to some other 
place than 127.0.0.1.  Is this considered a feature?

I proposed PR install/21999, to modify the /etc/hosts file to include 
"localhost.dom.ain", right next to the "host.dom.ain host" line.

So far, most commentators oppose this change.

Alternatives?
-- 
William Allen Simpson
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
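
An added example, not part of the original message: an offline audit that reports whether "localhost.<domain>" is pinned to loopback in the hosts file or left to whatever DNS returns, comparing a hosts file before and after the change proposed in PR install/21999. It assumes the resolver qualifies the bare name "localhost" with the domain from resolv.conf and consults the hosts file before DNS; the function names, sample file contents and addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample inputs (documentation addresses, not from the original message).
HOSTS_BEFORE = "127.0.0.1 localhost\n192.0.2.10 host.dom.ain host\n"
HOSTS_AFTER = "127.0.0.1 localhost localhost.dom.ain\n192.0.2.10 host.dom.ain host\n"
RESOLV_CONF = "search dom.ain\nnameserver 192.0.2.53\n"

def parse_hosts(text):
    """Map each name in hosts-file text to its set of addresses."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except (IndexError, ValueError):
            continue  # blank, comment-only or malformed line
        for name in fields[1:]:
            table.setdefault(name.lower().rstrip("."), set()).add(addr)
    return table

def search_domains(resolv_text):
    """Domains from the last 'domain' or 'search' line."""
    domains = []
    for line in resolv_text.splitlines():
        fields = line.split()
        if fields and fields[0] in ("domain", "search"):
            domains = [d.lower().rstrip(".") for d in fields[1:]]
    return domains

def audit_localhost(hosts_text, resolv_text, dns_lookup):
    """Classify each localhost.<domain>; dns_lookup(name) returns address strings."""
    hosts = parse_hosts(hosts_text)
    findings = []
    for domain in search_domains(resolv_text):
        name = "localhost." + domain
        pinned = hosts.get(name, set())
        answers = {ipaddress.ip_address(a) for a in dns_lookup(name)}
        if pinned and all(a.is_loopback for a in pinned):
            verdict = "pinned-loopback"   # assumes hosts file is consulted before DNS
        elif any(not a.is_loopback for a in pinned | answers):
            verdict = "non-loopback"      # the name leads off this host
        elif answers:
            verdict = "dns-loopback-unpinned"  # correct today, but the zone decides
        else:
            verdict = "no-record"
        findings.append((name, verdict))
    return findings
```

The `dns_lookup` argument is injected so the check runs without network access; on a live host it can wrap a real resolver query for the qualified name.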