----- Original Message ----- From: /dev/rob0 To: postfix-users@postfix.org Cc: Sent: Monday, July 4, 2011 3:06 PM Subject: Re: unverified_recipient_tempfail_action = permit
>On Mon, Jul 04, 2011 at 04:48:44AM -0700, Charlie Orford wrote: >> unverified_recipient_tempfail_action = permitĀ would have solved >> this problem with the small penalty of a brief period of potential >> backscatter. >> >> Where is the down side? > >That "small penalty" sure is a down side. If I would provide backup >service for someone else, I would absolutely insist that the primary >must never reject my mail for that domain. Let THEM be the spammer, >not me. > >If you're intent on this, you can implement it yourself with simple >scripts. Best would be a small policy service, but a shell script >running from crontab would suffice. > >The cron job would check to see if the primary MX is reachable, and >exit if so. A check_recipient_access lookup for the backup domain >would return "defer" or "defer_if_permit". If the primary MX is not >available, the access map would be changed to return "dunno". > >The cron job continues checking availability of the primary MX, and >changes the access map back, and optionally runs "postfix flush", >when the primary MX comes back. > >A policy service could do the same thing in real time, without the >possible delay of the cron job interval. It could also flag clients >as likely spammers when they attempt to deliver to the backup domain >while the primary MX is up. Hi Rob0, I am not very familiar at all with the postfix policy service but having just read up on it using the links you provided, this looks like a straight forward workaround and I think I'd prefer this to setting the address cache expiration time on the secondary to something like 100 days. Am I right in thinking I could write a policy script that gets called just before reject_unverified_recipient but after reject_unauth_destination. The script would return action=DUNNO if the primary was up or action=OK if the primary was down. I'm working on the assumption that if the policy returns DUNNO, postfix will then proceed to check if the recipient is valid whereas if it returns OK it will halt any further checking of recipient restrictions and accept the mail. Charlie
