One correction: call reject_unverified_recipient after
reject_unauth_destination. I updated the text below.
monodev via Postfix-users:
> I was wondering if there was an option to make alias resolution happen
> before the quota service is queried.
Implementing 100% correct alias expansion in the SMTP server is
not feasible.
One solution is to use reject_unverified_recipient after
reject_unauth_destination, and to connect Postfix to Dovecot with
LMTP. Then, Dovecot will see the final recipient address(es) and
can reject mail for an over-quota recipient before the SMTP server
can accept the recipient.
Something like:
main.cf:
smtpd_recipient_restrictions =
...stuff...
reject_unauth_destination
...dnsbl stuff...
reject_unverified_recipient
mua_recipient_restrictions = permit_sasl_authenticated reject
And with submission services in master.cf that use a simpler form
of smtpd_recipient_restrictions settings
master.cf:
# Port 587
submission inet n - n - - smtpd
...
-o smtpd_recipient_restrictions=$mua_recipient_restrictions
...
# Port 465
submissions inet n - n - - smtpd
...
-o smtpd_recipient_restrictions=$mua_recipient_restrictions
...
The address verification servide will cache the recipient status
which keeps the cost of verification low.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
