On 9/3/2011 2:52 PM, Nikolaos Milas wrote: > On 3/9/2011 10:10 μμ, Noel Jones wrote: > >> Yes, although you may want to use relay: rather than smtp: as the >> transport name. The different name allows postfix to more >> efficiently schedule delivery for those domains, and allows you to >> use different relay delivery settings if needed. -- Noel Jones > > Thanks for the valuable info. > > One more bit. > > If we use: > > relay_recipient_maps = > > (that is, empty) then *all* recipients for the hosted domains (those > listed in relay_domains) are accepted/forwarded?
Yes. That turns you into a backscatter source, clogging your queue with undeliverable mail and eventually getting you blacklisted. Not recommended. > Is there a way we can configure the gateway server to ask the final > delivery server (as defined in /etc/postfix/transport) whether the > user is valid and decide to allow or reject the mail transfer? In > this way we don't have to maintain a list of recipients. http://www.postfix.org/ADDRESS_VERIFICATION_README.html This requires that the next-hop server reply with a 5xx response to nonexistent recipients. > Alternatively, we can use ldap-based checking (because our users are > LDAP-hosted), but what about their aliases (which are also > LDAP-based)? On the main destination server we use: > virtual_mailbox_maps and virtual_alias_maps with ldap-based > definitions. Can/should we use those for relay_recipient_maps? An > additional problem is that on the mail servers of some subdomains > the users are not LDAP-hosted but standard local unix users. Asking > directly the destination server for recipient validation would solve > all these problems. > You can use ldap for valid recipients. Structure your query so that valid aliases are also included. For your Unix users, you can do an automated periodic dump to a hash file and rsync it to the server. You can use both ldap and a hash map in relay_recipient_maps -- that's why the parameter is named "_maps" plural. Or just use active recipient verification. Whichever works best for your environment. -- Noel Jones
