Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:
On Fri, 10 Dec 2004 13:58:30 -0500, John Leslie wrote:
Yes, I think this should be part of any implementation: that localhost
is implied without being present in the list of IP addresses.
I am a simple user on an old-fashioned time-sharing machine. I run a
spamming smtp client on a machine run by a credible service that has
a good reputation.
Does not the above convention let me spam my own host?
Probably it does -- I hadn't though through it that far...
But what's the problem?
The sending SMTP client is localhost, meaning it's something under
your own control. (I would hope your machine has a good reputation...)
The net result, I would think, is the same as you'd get anyway from
any other host under your control. The only difference obvious to me is
that if you arrange things so all of your outgoing email reaches a
Mail Submission Agent via a port other than 25, this would bypass some
outgoing checks.
But, to tell truth, I think it's far easier to deal with that by
blocking localhost access to port 25...
Does anything about this belong in Best Practices?
--
John Leslie <john(_at_)jlc(_dot_)net>