pilot error? or idiots at microsoft?

Mark Martinec Mark.Martinec+amavis at ijs.si
Thu Aug 11 11:24:33 CEST 2011


On Wednesday August 10 2011 16:40:26 Michael Scheidell wrote:
> So, we open a bugzilla and put 169.254* addresses into 'local_networks'
> by default? like rfc1918?
> it the example, sa sees the internal (trusted) 172* ip, and sees 'first
> untrusted' (the 169* address!)
> spf fails, rbls are consulted. all could be avoided if ms actually
> followed RFC's
> <http://technet.microsoft.com/en-us/magazine/gg314976.aspx>

The 169.254.0.0/16 should be treated just like 127.0.0.0/8,
::1/128, and 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.
It is a private address (link-local vs. host-local vs site-local).
As such it should be included in internal_networks, trusted_networks,
and @mynetworks in amavisd.conf.

Just as there is nothing wrong with seeing 127.0.0.1 in a
received trace, there is nothing wrong with seeing 169.254.x.x
there.

  Mark


More information about the amavis-users mailing list