Noel Jones wrote:
On 5/12/2010 1:56 AM, Aniruddha wrote:
Hi,
I have set up postfix with a mail_transport to Zarafa. To fix an '
Recipient address rejected: User unknown in local recipient table'
error I have to put an empty 'local_recipient_maps =' in postfix's
main.cf.
The correct solution is to point that parameter at a map containing
all your valid users.
Often this is caused by listing a virtual_mailbox_domain in
mydestination. Don't do that.
I do wonder about the security implications of setting this
option. If I understand the documentation correctly it isn't wise to
set this option to empty. Is this correct? Besides the information
below I can't find much information about this option.Thanks in
advance!
Accepting mail for undeliverable recipients will cause postfix to send
non-delivery notices -- bounces -- to the reported envelope sender.
The envelope sender on spam is frequently either a non-working address
or an innocent third party.
This has two results; your queue is filled with undeliverable bounces,
and you send bounces to innocent third parties. The full queue will
badly affect delivery of legit mail, and the backscatter you send to
innocent people will get you blacklisted.
Rejecting the mail during the initial SMTP session avoids these problems.
-- Noel Jones
Postfix provides many different mechanisms to access different formats
of tables and/or define policy agents that can check things like this,
even if the database is part of another software package. For example, I
have my user database in the vpostmaster package and my
smtpd_recipient_restrictions include (directly after the
permit_sasl_authenticated and permit_mynetworks),
check_recipient_access proxy:pgsql:/etc/postfix/vpm_recipient_access
The file vpm_recipient_access contains a single rather complex nested
postgres sql statement which checks the data base and verifies both the
existance of the domain and username on the local mail server. It then
returns DUNNO if the recipient address is valid or "REJECT No such
domain %d" or "REJECT No such user %u in domain %d" You could also, of
course, implement this with simple berkely db files, or by writing a
policy agent.
Previously the vpostmaster policy daemon was validating the recipients,
however I moved this into the postfix sql interface because it is much
faster and causes sooner rejection of bad reciepients in the smtpd
session, increasing the performance of my mail server.
Nataraj
Nataraj
