Lukas Haase wrote on 10/13/2010: > Hi,
> I successfully configured dovecot using virtual users (and LDAP/AD). > deliver is the LDA and verifies if the user exists (as recommended in > the WIKI). > However, the howtos in the Wiki say *nothing* about the case that the > recipients should be verified *before* receiving the messages (prevent > backscatter, ...). All configurations in the dovecot-Wiki (postfix and > exim) just accept the mails and pass them to deliver. Also, all howtos > which I found on the web. If the user does not exist, the mail is > bounced because the mail was already accepted by the MTA. Nowadays this > is an unacceptable configuration! By default, Postfix rejects mails for unknown local users.If Postfix accepts mails for unknown users than it's a configuration problem or you don't maintain a list of valid users. > Is there a special reason why there is no discussion about this? It's Postfix related - Dovecot does no checks about valid recipients for Postfix but you can use the same data sources as for Dovecot - no need to maintain user lists for Postfix and Dovecot. Because Postfix needs to check for valid recipients why should there a special hint in the Dovecot Wiki about that? You must first make sure that Postfix works as expected - no other IMAP Server checks vor valid recipients. > However, as postfix seems to be really too unflexible I have set up exim > to handle incoming mail and do the usercheck in the router (with an LDAP > query). But now the user is doubled-checked: Once when receiving with > exim and a second time in deliver. This is not necessary, so I guess I > can disable the LDAP query for deliver and set up a static userdb. Why is Postfix unflexible? Use reject_unverified_recipient for dynamic verification of valid recipients and there's no need to maintain static files. You could also use a LDAP query to retreive a list of valid recipients before you accept the mail for non-existing users. > Why does the Wiki recommened to verfify with deliver when the user needs > to be checked at the MTA anyway? Checking of valid recipients is a Postfix job so you can use relay_recipient_maps, reject_unverified_sender or virtual_mailbox_maps (depending on your configuration). Btw: what does the Wiki recommend? Weblink? -- Daniel
