> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of mouss > Sent: 08 October 2008 14:03 > Cc: postfix-users@postfix.org > Subject: [SPAM?] Re: My first config - unable to telnet to > port 25, virtual.db missing > Importance: Low > > Paul Cocker wrote: > > Referring to the uppercase, I assume this is based around both > > machines passing directly to the internal server. If, as we do, the > > secondary forwards the mail onto the primary (which skips the > > secondary's headers and examines those that came before) then such > > validation is not a requirement to "good behaviour", correct? > > you're still not getting it. you must implement recipient > validation on all servers that get connections from untrusted > sources. period. it doesn't matter if you call the server > "secondary", "primary" or "Virginia". the server must either > have a copy of the list of valid recipients or use > reject_unverified_recipient. > > when your secondary accepts a transaction, it queues the > message and will later pass it to the primary. this doesn't > happen during the smtp transaction. This is the famous "store > and forward" mechanism. so if the primary rejects a > recipient, your secondary would generate a bounce. and this > is the thing we don't want. we want your secondary to reject > (not bounce). > > http://spamlinks.net/prevent-secure-backscatter.htm > >
But isn't recipient maps purely checking the destination address to see if it's valid? If so, why does it matter when you check the validity so long as you do before it reaches its final destination for that domain and is bounced? Reading the link you provided (very helpful, thanks), is the reason you need to reject during the session: "but should instead reject the mail during the SMTP session, and leave the remote sending server to handle the bounce" TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897), TNT Post North Ltd (05701709), TNT Post South West Ltd (05983401), TNT Post Midlands Limited (6458167)and TNT Post London Limited (6493826). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.
