On 01/21/2011 11:20 PM, Condor wrote: > >> >> Does postconf smtpd_recipient_restrictions show the the same >> as what you've posted above? >> > > Yes, i did not post it because i posted in previous email but here is it > again: > > # postconf smtpd_recipient_restrictions > > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, reject_unauth_destination, check_helo_access > hash:/etc/postfix/helo_checks, check_sender_access > hash:/etc/postfix/helo_checks, check_recipient_access > pcre:/etc/postfix/recipient_checks.pcre, reject_invalid_hostname, > reject_unauth_pipelining, reject_non_fqdn_sender, > reject_unknown_sender_domain, reject_non_fqdn_recipient, > reject_unknown_recipient_domain, reject_unlisted_sender, > reject_rhsbl_client dbl.spamhaus.org, reject_rhsbl_sender > dbl.spamhaus.org, reject_rbl_client relays.ordb.org, reject_rbl_client > b.barracudacentral.org, reject_rbl_client cbl.abuseat.org, > reject_rbl_client dyna.spamrats.com, reject_rbl_client bl.spamcop.net, > reject_rbl_client zen.spamhaus.org, reject_rbl_client opm.blitzed.org, > reject_rbl_client dnsbl.njabl.org, reject_rbl_client dnsbl.sorbs.net, > reject_rbl_client db.wpbl.info, permit > > > I change my rbl lists and will see did they work, but this > check_recipient_access pcre:/etc/postfix/recipient_checks.pcre still does > not work. I change my file as you tell me: > /^@/ REJECT 550 Invalid address format. > /[!%@].*@/ REJECT 550 This server disallows weird address syntax. > /^postmaster@/ OK > /^hostmaster@/ OK > /^abuse@/ OK > /^nobody@/ REJECT 550 User is unknow. > > Reload postfix configuration once and after that i still can receive email > to nobody mailbox. > I can't find why isn't work. Any advice what i can do ? I change to > check_recipient_access to hash:/etc/postix/block that contain > nob...@my-domain.com REJECT Go away postmap and reload but again does not > work. Server just pass the mail to nobody. >
What are the contents of the file /etc/postfix/helo_checks? Your server also does not reject on the restrictions reject_non_fqdn_sender, reject_unknown_sender_domain, or reject_non_fqdn_recipient. Something is generating an 'OK' or 'permit' result prior to those checks. Maybe it's time you provided your current postconf -n output, as well as the full contents of access maps you're using. Also, replacing your 'OK' results in your access maps with permit_auth_destination may be safer in case you accidentally move them after reject_unauth_destination again in the future. -Mike
