I'm doing some more thinking about this, and trying to follow the flow of the
mail and the probes.
Starting at the front, right now I have a postscreen instance on 'mail1'.
It listens to inbound mail then passes mail to amavisd
[mail1.example.com]:25 inet n - n - 1 postscreen
-o smtpd_service_name=psint
psint pass - - n - - smtpd
-o syslog_name=postfix/psint
-o smtpd_proxy_filter=127.0.0.1:30000
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
...
I want the remote address verification to be done BEFORE passing to amavisd.
So if the verify fails because the recipient address does NOT exist when
checked by 'mail1' at the 'mail2' server, then the mail should be rejected
Even though I have the
address_verify_transport_maps =
static:addressverify:[mail2.example.com]:25
it doesn't look like it's actually checking the remote for recipient address
verification; instead it's just failing.
So taking a step back, how do I make sure that the remote address verification
occurs after postscreen, but before the proxy filter pass to amavis?
