I have a question about the situation where postfix receives a connection
from a client trying to send to an invalid recipient address such as
u...@nohow.noway.org.

 

Currently, postfix responds with:

 

450 4.1.2 <u...@nohow.noway.org>: Recipient address rejected: Domain not
found

 

What seems reasonable to me is the following:

-- If postfix receives a response from DNS that the domain does not exist,
then reject with 550

-- Otherwise, delay with 450 (DNS failure, etc.)

 

http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient says one
can use unverified_recipient_reject_code to change the 450 (temporary)
failure to a 550 (permanent) failure "when you trust Postfix's judgments".

 

As a newbie, I'm cautious about changing values from their default because
I'm sure the default was chosen for a reason.  But, I don't why the default
would be to send back a temporary failure (450) if we get an answer from DNS
that the domain doesn't exist.  It seems like this needlessly leaves the
message in the client's queue, where it tries to send over and over, just
because maybe the domain might exist sometime in the future.  But I'm a
newbie and certainly don't know what all of the subtleties and unintended
consequences would be if I were to change "unverified_recipient_reject_code
to 550.  

 

So:

1)  Can someone explain what "when you trust Postfix's judgments" means,
specifically?

2)  What do you gurus do/recommend with "unverified_recipient_reject_code"?

3)  If you do recommend changing "unverified_recipient_reject_code" to 550,
is there anything to watch out for?

 

Thanks much,

Michael

 

 

 

Reply via email to