Bug 70089

Summary: Configuration files (*.cf) use "domain.name" as example settings. This must be changed to "example.com" or "example.name".
Product: [Retired] Red Hat Linux Reporter: Andreas Aardal Hanssen <andreaha-bugs>
Component: postfixAssignee: John Dennis <jdennis>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3CC: chris.ricker, kmaraas
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-04-23 12:16:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Andreas Aardal Hanssen 2002-07-30 08:33:53 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.79 [en] (X11; U; Linux 2.4.18-5 i686)

Description of problem:
Author of Postfix MTA has agreed that this is a must, and latest postfix
includes this: the example domain "domain.name" is being used by postfix users,
causing mails to be delivered to the owner
of "domain.name", which is the .name registry, Global Name Registry, limited.
This is a configuration error by the user, but RedHat should change this
setting, preventing cron reports (and any other reports) to be mailed to the
.name registry.

Version-Release number of selected component (if applicable): All versions

How reproducible: Always

Steps to Reproduce:
1.Install postfix
2.Use default settings
3.Start cron
4.Check logs, see that internal mails are delivered remotely	

Actual Results:  .name registry received cron reports.

Expected Results:  reports should be accepted by postfix, or deferred when
trying to
deliver to example.com or example.name.

Additional info:

Author of Postfix has approved this fix. It's a security issue; the .name
registry can be trusted and does not use the postfix @domain.name mails unless
legitimate, but the data (security reports, postmaster reports, auto-reports
from open-relay-testers etc) flows unencrypted through the web before reaching
the destination..
Comment 1 Chris Ricker 2003-01-10 06:44:10 UTC 
This appears to be fixed in RHL 8.0 and later releases....
Comment 2 Kjartan Maraas 2003-04-02 23:21:07 UTC 
Should this be closed then?