I am testing a new server running Postfix 2.7.0 on Ubuntu 10.4. I am
using postmulti. The instance for receiving mail is setup like below.
Everything seems to be working fine.
But I feel confused why messages for non existing accounts gets
rejected with messages from policyd-weight and not with user unknown.
It seems that if policyd-weight accepts the connection it does then
get rejected with "Recipient address rejected: User unknown in virtual
mailbox table"
I would think that postfix would reject it right at "reject_unauth_destination".
Is it because having smtpd_reject_unlisted_recipient = yes gets
evaluated later and not as a part of smtpd_recipient_restrictions?
# postmulti -i postfix-in -x postconf -n
alias_database =
alias_maps =
authorized_submit_users = root
config_directory = /etc/postfix-in
data_directory = /var/lib/postfix-in
default_database_type = cdb
default_rbl_reply = $rbl_code Service unavailable; $rbl_class
[$rbl_what] blocked using rbl
default_transport = smtp:[127.0.0.1]:10024
inet_interfaces = $myhostname, localhost
local_header_rewrite_clients =
local_recipient_maps =
local_transport = error:5.1.1 Mailbox unavailable
master_service_disable =
multi_instance_enable = yes
multi_instance_group = mta
multi_instance_name = postfix-in
mydestination =
mydomain = xxxxxx.dk
myhostname = mta1.xxxxxx.dk
mynetworks = 127.0.0.0/8
myorigin = $mydomain
queue_directory = /var/spool/postfix-in
rbl_reply_maps = ${indexedh}rbl_reply_maps
recipient_delimiter = +
relay_transport = $default_transport
smtp_data_done_timeout = 1200s
smtp_destination_recipient_limit = 1000
smtp_send_xforward_command = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_port_logging = no
smtpd_client_restrictions = check_recipient_access
${indexed}receive_all check_client_access
pcre:/etc/postfix-in/fqrdns.pcre check_client_access
regexp:/etc/postfix-in/fqrdns.regexp check_client_access
cidr:/etc/postfix-in/client_blacklist.cidr
smtpd_data_restrictions = check_recipient_access ${indexed}receive_all
check_client_access ${indexed}client_pipeline_access
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_non_fqdn_recipient
reject_unauth_destination permit_mynetworks check_recipient_access
${indexed}receive_all check_recipient_access
pgsql:/etc/postfix-in/pg-recipient-quota ${indexed}recipient_access
warn_if_reject check_policy_service unix:private/policydjfa
check_policy_service inet:127.0.0.1:12525
smtpd_restriction_classes = restrict_pipeline, permissive
smtpd_sender_restrictions = check_recipient_access
${indexed}receive_all reject_unknown_sender_domain
reject_non_fqdn_sender ${indexed}sender_access
transport_maps = pgsql:/etc/postfix-in/pg-transport
virtual_alias_domains =
virtual_alias_maps = pgsql:/etc/postfix-in/pg-virtual-alias-maps
pgsql:/etc/postfix-in/pg-virtual-mailbox2mailbox
virtual_mailbox_domains = pgsql:/etc/postfix-in/pg-virtual-mailbox-domains
virtual_mailbox_maps = pgsql:/etc/postfix-in/pg-virtual-mailbox
virtual_transport = $default_transport
--
Jesper
