On 3/23/2016 11:25 AM, jaso...@mail-central.com wrote: > Hello, > > I'm learning how to get remote address verification working. My 'mail1' > server receives mail from the net, and checks on 'mail2' to see if the > recipient is valid. > > I've got a question about error/dsn status for the rejections. > > Right now I've got non-existent addresses being rejected, like I'd expect. > > So far, in my 'mail1' main.cf I have > > address_verify_map = lmdb:/var/lib/postfix/verify_cache > address_verify_transport_maps = > static:addressverify:[mail2.example.com]:25 > relay_recipient_maps = > reject_tempfail_action = defer_if_permit > unverified_recipient_tempfail_action = defer_if_permit
The address_verify_transport_maps shouldn't be set unless you require something different from the destination default, such as verifying with a downstream mail store, but normal deliveries go to through a filter that may not know valid recipients. The tempfail actions are used when postfix gets a temporary failure or no response from the downstream server. It's usually best to leave those unset so that the postfix default is used. > > When I send to a non-existent address at my domain, I see this in the 'mail2' > server's logs > > Mar 23 09:01:01 mail2 postfix/qmgr[29724]: 01BA8102D48: > from=<j......@gmail.com>, size=4788, nrcpt=1 (queue active) > Mar 23 09:01:01 mail2 postfix/error[32481]: 01BA8102D48: > to=<noex...@example.com>, relay=none, delay=0.24, delays=0.15/0.03/0/0.06, > dsn=5.0.0, status=bounced (example.com) > Mar 23 09:01:01 mail2 postfix/cleanup[30437]: 3F01C102E80: > message-id=<20160323160101.3f01c102...@mail2.example.com> > Mar 23 09:01:01 mail2 postfix/bounce[32482]: 01BA8102D48: sender > non-delivery notification: 3F01C102E80 > Mar 23 09:01:01 mail2 postfix/qmgr[29724]: 3F01C102E80: from=<>, > size=6713, nrcpt=1 (queue active) > Mar 23 09:01:01 mail2 postfix/qmgr[29724]: 01BA8102D48: removed > > and I receive this at the original sending account > > Reporting-MTA: dns; mail2.example.com > X-Postfix-Queue-ID: 01BA8102D48 > X-Postfix-Sender: rfc822; j......@gmail.com > Arrival-Date: Wed, 23 Mar 2016 09:01:00 -0700 (PDT) > > Final-Recipient: rfc822; noex...@example.com > Original-Recipient: rfc822;noex...@example.com > Action: failed > Status: 5.0.0 > Diagnostic-Code: X-Postfix; example.com > > I get "Status: 5.0.0" and "Action: failed". > > So it seems the rejection is working. > > But, is '5.0.0' the right response here from the remote address verification > check? Is is possible to have a more-informative 'this email doesn't exist' > message/status? Or should I? > > Thanks for helping clear this up. > The response echos what postfix receives from the downstream server. You can include some custom text, but you can't change the status code. http://www.postfix.org/postconf.5.html#unverified_recipient_reject_reason unverified_recipient_reject_reason = Recipient address unknown -- Noel Jones
