smtpd_recipient_restrictions = reject_unlisted_recipient vs.smtpd_reject_unlisted_recipient = yes
in [Postfix]
|
Prev: smtpd_recipient_restrictions = reject_unlisted_recipient vs. smtpd_reject_unlisted_recipient = yes
Next: smtpd_recipient_restrictions = reject_unlisted_recipient vs. smtpd_reject_unlisted_recipient = yes
From: Jerry on 23 Jun 2010 13:55 On Wed, 23 Jun 2010 13:15:02 -0400 Phil Howard <ttiphil(a)gmail.com> articulated: > The default for smtpd_reject_unlisted_recipient is yes. How does that > affect using reject_unlisted_recipient in > smtpd_recipient_restrictions? Does it mean it is effectively included > whether you include it or not? I presume I still need to list other > things like "smtpd_recipient_restrictions = permit_mynetworks > permit_sasl_authenticated" so I don't see the point in having a > separate smtpd_reject_unlisted_recipient. > > I had "smtpd_reject_unlisted_recipient = yes" but it doesn't seem to > work (it still accepts mail for unknown/non-existent recipients and > sends a bounce back). > > This is not the only variation I have tried, but here is where I am at > the moment: > > alias_database = cdb:/etc/postfix/aliases > alias_maps = cdb:/etc/aliases > command_directory = /usr/sbin > config_directory = /etc/postfix > daemon_directory = /usr/lib/postfix > data_directory = /var/lib/postfix > default_destination_concurrency_limit = 2 > default_privs = nobody > in_flow_delay = 1s > inet_protocols = ipv4, ipv6 > local_destination_concurrency_limit = 2 > mail_owner = postfix > mydomain = DOMAIN.NAME > myhostname = mx.DOMAIN.NAME > mynetworks = 127.0.0.0/8, 172.16.0.0/12, [::1]/128, [fcca::]/7, > [fe80::]/48 myorigin = $mydomain > proxy_interfaces = FIRE.WALL.IP.ADDR > queue_directory = /var/spool/postfix > recipient_delimiter = + > smtp_bind_address = 172.30.0.25 > smtp_bind_address6 = fcca::25 > smtpd_banner = $myhostname ESMTP - UNSOLICITED BULK OR ILLEGAL EMAIL > IS STRICTLY PROHIBITED > smtpd_recipient_restrictions = > permit_mynetworks permit_sasl_authenticated > reject_unauth_destination > reject_unknown_recipient_domain reject_unverified_recipient > smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/dovecot-auth > smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /etc/ssl/certs/smtp.DOMAIN.NAME.crt > smtpd_tls_key_file = /etc/ssl/private/smtp.DOMAIN.NAME.key > smtpd_tls_security_level = may > soft_bounce = yes > unknown_local_recipient_reject_code = 450 > unverified_recipient_reject_code = 450 > virtual_alias_maps = cdb:/etc/postfix/virtual > virtual_mailbox_domains = /etc/postfix/domains > virtual_transport = dovecot I use Dovecot for virtual transport also. I don't remember exactly why; however, I had to place this in the main.cf file: dovecot_destination_recipient_limit = 1 By the way, your "smtpd_banner" may make you feel good, but like most disclaimers and oral contracts, it isn't worth the paper it is printed on. In fact, it almost sounds like a challenge. -- Jerry ✌ postfix-user(a)seibercom.net _____________________________________________________________________ TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html No guts, no glory, no broken bones. |