Subject: re: localhost security hole
To: Todd Vierling <email@example.com>
From: matthew green <firstname.lastname@example.org>
Date: 06/29/2003 14:51:42
: >The zone administrator (or DNS spoofer) can redirect all root mail, by
: >adding a zone entry "localhost.dom.ain." that points to some other
: >place than 127.0.0.1. Is this considered a feature?
: that doesn't matter. that will only be looked for if "localhost" by
: itself is not found.
...and even that case can be cared for by using "root@localhost." (note
trailing dot, which tells the resolver that search domains must not be
except that the address "root@localhost." is invalid.