Wietse Venema via Postfix-users:
> Paul Raines via Postfix-users:
> >
> > I moved from an old sendmail based mail server to a new Postfix one
> > recently. On the old system when a user account was closed I would put an
> > entry in a access map for sendmail like
> >
> > To:olduser@ ERROR:"505 Disabled user account"
> >
> > and this would work fine to prevent any email delivery for that user
> > with an immediate rejection (not a bounce)
> >
> > With Postfix I found I had to change the format of this to
> >
> > olduser@ 505 Disabled user account
> >
> > but my initial tests seemed to work okay so I thought all was well. But
> > after running in production for a few days I found three problems I did
> > not have with sendmail:
> >
> > 1) sending email to an external user with the same name like
> > oldu...@gmail.com fails with the Disabled user account error
>
> The Postfix SMTP server will reject mail for olduser@<any domain>.
>
> Other code paths that you mention (internal forwarding, internal
> aliasing) do not involve the Postfix SMTP server, and rules in
> smtpd_mumble_restrictions have no effect on those.
>
> If you need to reject olduser@<any domain> in all Postfix code paths
> use:
>
> /etc/postfix/main.cf:
> transport_maps = pcre:/etc/postfix/transport.pcre
>
> /etc/postfix/transport.pcre
> # Use \Qtext\E to disable PCRE operators in 'text'.
> /^\Qolduser@\E/ error:5.2.1 Disabled user account
>
> If you want to reject mail for olduser in *some* domains then
> you will need to enumerate those.
>
> /^\Qolduser@dom1.example\E/ error:5.2.1 Disabled user account
> /^\Qolduser@dom2.example\E/ error:5.2.1 Disabled user account
> /^\Qolduser@dom3.example\E/ error:5.2.1 Disabled user account
So far so good, but:
> /^\Qolduser@(dom1.example|dom2.example|dom3.example)\E/ error:5.2.1
> Disabled user account
That last example won't work because the () and | have lost their
special meaning inside \Q ... \E.
I suggest that you stick with one email address per line, and
generate the patterns programmatically from data that you already
have.
> The X.2.1 enhanded status code is defined in RFC 3463 for the case
> of a disabled mailbox.
Note that it's "error:5.2.1 Disabled...". The 5.2.1 is an RFC 3463
"Enhanced status" code, NOT a 5XX SMTP reply code.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
