Stan Hoeppner put forth on 9/15/2009 5:44 AM: > Ansgar Wiechers put forth on 9/15/2009 4:28 AM: > >> Then you can't avoid sending backscatter. Period. RFC 2821 clearly >> states: >> >> | If an SMTP server has accepted the task of relaying the mail and >> | later finds that the destination is incorrect or that the mail >> | cannot be delivered for some other reason, then it MUST construct >> | an "undeliverable mail" notification message and send it to the >> | originator of the undeliverable mail >> >>> therefore I don't know what the best way forward would be? >> Maintain a recipient list. > > This is your starting point: > http://www.postfix.org/postconf.5.html#relay_recipient_maps > > This might be useful for AD/LDAP: > http://www2.origogeneris.com:4000/relay_recipients.html > > Google for other solutions. Lots of info on this topic out there. > > FYI my Postfix MX is strictly an anti-spam/gateway server as well, and I use > relay_recipients. Granted, I've got less than 100 valid email addresses that > change rarely, but even if it were 100,000 it still wouldn't be that much > trouble to maintain, assuming I have timely access to address adds/changes on > the downstream MTA(s), which I do.
Sorry, should have included this the first time: http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall That's your starting point (if you've not read it already). -- Stan
