I have a question about the situation where postfix receives a connection from a client trying to send to an invalid recipient address such as u...@nohow.noway.org.
Currently, postfix responds with: 450 4.1.2 <u...@nohow.noway.org>: Recipient address rejected: Domain not found What seems reasonable to me is the following: -- If postfix receives a response from DNS that the domain does not exist, then reject with 550 -- Otherwise, delay with 450 (DNS failure, etc.) http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient says one can use unverified_recipient_reject_code to change the 450 (temporary) failure to a 550 (permanent) failure "when you trust Postfix's judgments". As a newbie, I'm cautious about changing values from their default because I'm sure the default was chosen for a reason. But, I don't why the default would be to send back a temporary failure (450) if we get an answer from DNS that the domain doesn't exist. It seems like this needlessly leaves the message in the client's queue, where it tries to send over and over, just because maybe the domain might exist sometime in the future. But I'm a newbie and certainly don't know what all of the subtleties and unintended consequences would be if I were to change "unverified_recipient_reject_code to 550. So: 1) Can someone explain what "when you trust Postfix's judgments" means, specifically? 2) What do you gurus do/recommend with "unverified_recipient_reject_code"? 3) If you do recommend changing "unverified_recipient_reject_code" to 550, is there anything to watch out for? Thanks much, Michael