On Sun, Mar 17, 2024 at 09:52:10PM -0700, Glenn Tenney via Postfix-users wrote:
> > It is a reserved domain name, (one of many) that you can use internally,
> > without clashing with *real domains*.
>
> Wow. Once you KNOW it's there, you can find out about "local.invalid".
> BUT if you didn't know it was there, finding out about "local.invalid"
> would be difficult.
The entire "invalid" TLD is reserved by IANA, this isn't a Postfix
thing. I use it for various internal routing tricks without stepping
on real domains. E.g. rewrite some recipients to "discard.invalid"
which is routed in my transport(5) to the discard(8) transport.
> Based on "local.invalid" knowledge from Viktor, am I correct that
> entering the following line in virtual would block that email address?
> user@some.domain user@local.invalid
No. The opposite. This would definintely accept the mail, which would
typically bounce, unless you make it deliverable. As explained, the
access(5) and transport(5) tables are available to reject and/or bounce
some recipients, while virtual(5) is just for aliasing.
> For virtually hosted domains is there any way to "rewrite" any email
> address to a specific email? e.g.
> @some.domain user@another.domain
Just like that.
> > - You can reject SMTP recipients via various restriction checks
> > that perform access(5) lookups against tables of your choice.
>
> How can I do it not based on the network or domain name but a specific
> u...@domain.name?
By putting that address in an access(5) table with "REJECT <reason>" as
the RHS. Then add:
main.cf:
indexed = ${default_database_type}:${config_directory}/
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
check_recipient_access ${indexed}rcpt-access
rcpt-access:
# Postmap after each change
user1@domain.example REJECT 5.1.1 purported to not exist
user2@domain.example REJECT 5.7.1 access denied
...
> > - You can route some recipients to the error(8) transport, and
> > this will also lead them to be rejected at SMTP time.
>
> I DID look it up. How do I do this? I don't see a way to use error(8)
> table to do it.
There is no error(8) table, that's delivery agent. There's a transport
table:
main.cf:
# See "indexed = ..." above
transport_maps = ${indexed}transport
transport:
u...@domain.name error:5.1.1 purported to not exist
> > No, it also supports user@domain.
>
> it sure would be nice if that was in that man page!
It is. Look under "TABLE SEARCH ORDER".
> > > ACCESS seems to allow only a domain name or IP (again, without a
> > > user@) on the LHS. This doesn't seem to apply to my query.
> >
> > No, it also supports user@domain.
>
> it sure would be nice if that was in that man page!
It is. Look under "EMAIL ADDRESS PATTERNS".
> > By mapping a user to the error transport.
>
> Oh, PLEASE... just tell me how to map a user to the error transport...
By adding an entry to the transport(5) table, see above.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
