Subject: Re: pppoe(4) man page in conjunction with Postfix leaves gaping relay hole
To: Jun-ichiro itojun Hagino <>
From: Bill Sommerfeld <>
List: tech-userlevel
Date: 10/01/2003 21:34:57
> >     inet -> netmask 0xff000000
> > which causes Postfix to treat as a trusted network to relay for.
> 	now i see the problem.  yes, it has to be fixed (documentation fix only
> 	i suppose).

For its default policy, postfix should probably ignore the netmask
(i.e, assume a /32) on interfaces flagged as IFF_POINTTOPOINT.

And I think that policy is suspect anyway -- would you want
cable-modem customers to have mailers that relay by default for the
virus-ridden infected open proxies on their cable subnet?

(would be simpler if we had IFF_EVIL/IFF_GOOD interface flags ;-) )

							- Bill