On 10/27/2009 2:35 AM, frantisek holop wrote:
hello there,i am writing a custom filter tool and i am looking for a way to verify that the recipient address is valid--as far as postfix and it's aliases and all it's maps are concerned. probably something like a command line client for verify(8), or a program to somehow evaluate that the condition smtpd_recipient_restrictions = reject_unverified_recipient is fulfilled. i am not sure if spamassassin or the other spam filters are doing something like this, the postfix documentation is quite explicit about verify(8) being very slow on heavy traffic sites, but this functionality would be very useful for greyfiltering/greytrapping as well. going over the logs to see if rcpt is valid is not good enough for me, because i have strict smtpd_helo_restrictions: smtpd_helo_restrictions = permit_mynetworks check_helo_access hash:/etc/postfix/helo_checks reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname and legitimate but misconfigured servers are caught by this before the recipient is verified. i'd like to go over the logs and catch these false positives to whitelist them. one of the signs of these false positives would be to see if the recipient is legitimate. thank you for any pointers. -f
Have postfix do recipient validation before your helo checks. That way, only valid recipients will be rejected by your other rules.
Usually you can do this by putting reject_unlisted_recipient just after permit_mynetworks.
-- Noel Jones
