On 3/9/2011 11:09 μμ, Noel Jones wrote:
If we use:relay_recipient_maps = (that is, empty) then *all* recipients for the hosted domains (those listed in relay_domains) are accepted/forwarded? Yes. That turns you into a backscatter source, clogging your queue with undeliverable mail and eventually getting you blacklisted. Not recommended.
OK, I understand.
Is there a way we can configure the gateway server to ask the final delivery server (as defined in /etc/postfix/transport) whether the user is valid and decide to allow or reject the mail transfer? In this way we don't have to maintain a list of recipients.http://www.postfix.org/ADDRESS_VERIFICATION_README.html This requires that the next-hop server reply with a 5xx response to nonexistent recipients.
So, in order to implement such a solution, would it be sufficient to do something like the following, on the *gateway* mail server:
smtpd_recipient_restrictions =
permit_mynetworks, reject_unverified_recipient,
reject_unauth_destination
and on the *final destination* (next hop) mail server:
unverified_recipient_reject_code = 550
...??
I guess this is what you mean by "active recipient verification". Right?
Thanks again,
Nick
smime.p7s
Description: S/MIME Cryptographic Signature
