Vytenis A:
> Hello everyone,
>
> Is there a way to do a recipient verification for emails in
> virtual_alias_maps?
Have you tried it? Note that it cannot work for aliases that expand
into multiple addresses. If some of those addresses are deliverable
and some not, then the answer depends on the order of completion of
verification tests.
Wietse
> The problem is that our clients are using "u...@localdomain.tld" ->
> "u...@externaldomain.tld" aliases. This leaves me delivering SPAM
> emails to, e.g. "gmail", which hang deffered in my queue.
>
> "amavis" filter requires
> "receive_override_options=no_address_mappings" to prevent multiple
> scans.
>
> Can You give me some advice how to defer emails resolving to
> deferring/nonexistant addresses? Thanks in advance.
>
> MX server configuration below:
>
> # postconf -n
> alias_maps =
> config_directory = /etc/postfix
> debug_peer_level = 2
> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
> ddd $daemon_directory/$process_name $process_id & sleep 5
> disable_vrfy_command = yes
> inet_interfaces = all
> inet_protocols = ipv4
> local_transport = error:Local delivery is disabled
> mailbox_size_limit = 0
> message_size_limit = 68157440
> mydestination =
> mydomain = provider.tld
> mynetworks =
> postscreen_access_list = cidr:/etc/postfix/whitelist.cidr
> postscreen_dnsbl_action = enforce
> postscreen_dnsbl_sites = zen.spamhaus.org*1 dnsbl.sorbs.net*1
> cbl.abuseat.org*1 bl.spamcop.net*1 b.barracudacentral.org*1
> dnsbl-1.uceprotect.net*1
> postscreen_dnsbl_threshold = 2
> postscreen_greet_action = enforce
> postscreen_greet_wait = ${stress?2}${stress:8}s
> receive_override_options = no_address_mappings
> relayhost = [relayhost.provider.tld]
> smtp_tls_security_level = none
> smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
> smtpd_client_restrictions = permit
> smtpd_data_restrictions = reject_unauth_pipelining,
> reject_multi_recipient_bounce, reject_unknown_sender_domain,
> reject_rhsbl_sender multi.surbl.org, reject_rhsbl_sender
> dbl.spamhaus.org, check_client_access
> cidr:/etc/postfix/amavis-ip-access, permit
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> reject_invalid_helo_hostname, permit
> smtpd_recipient_restrictions = reject_non_fqdn_recipient,
> check_client_access cidr:/etc/postfix/whitelist.cidr,
> check_policy_service inet:1.2.3.4:10031, permit
> smtpd_relay_restrictions = reject_unauth_destination, permit
> smtpd_sender_restrictions = reject_non_fqdn_sender, permit
> smtpd_tls_cert_file = /etc/ssl/xxx.crt
> smtpd_tls_key_file = /etc/ssl/xxx.key
> smtpd_tls_loglevel = 1
> smtpd_tls_protocols = !SSLv2
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
> soft_bounce = no
> transport_maps = proxy:mysql:/etc/postfix/mysql-transport-maps.cf
> virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf
> virtual_mailbox_base = /var/spool/mail
> virtual_mailbox_domains =
> proxy:mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
> virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
>
> master.cf
>
> smtpd pass - - - - - smtpd
> smtp inet n - - - 1 postscreen
> dnsblog unix - - - - 0 dnsblog
> tlsproxy unix - - - - 0 tlsproxy
> pickup unix n - - 60 1 pickup
> cleanup unix n - - - 0 cleanup
> qmgr unix n - - 300 1 qmgr
> tlsmgr unix - - - 1000? 1 tlsmgr
> rewrite unix - - - - - trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> proxywrite unix - - n - 1 proxymap
> smtp unix - - - - - smtp
> relay unix - - - - - smtp
> showq unix n - - - - showq
> error unix - - - - - error
> retry unix - - - - - error
> discard unix - - - - - discard
> lmtp unix - - - - - lmtp
> anvil unix - - - - 1 anvil
> scache unix - - - - 1 scache
>
> amavis unix - - - - 8 lmtp
> -o lmtp_data_done_timeout=1200
> -o lmtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
> 127.0.0.1:10025 inet n - - - - smtpd
> -o content_filter=
> -o smtpd_delay_reject=no
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o smtpd_relay_restrictions=
> -o smtpd_data_restrictions=reject_unauth_pipelining
> -o smtpd_end_of_data_restrictions=
> -o smtpd_restriction_classes=
> -o mynetworks=127.0.0.1/32
> -o disable_dns_lookups=yes
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
> -o smtpd_client_connection_count_limit=0
> -o smtpd_client_connection_rate_limit=0
> -o
> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
> -o local_header_rewrite_clients=
> -o smtpd_milters=
> -o local_recipient_maps=
> -o relay_recipient_maps=
>
> --
> V
>
