> On 21 Nov 2016, at 17:33, Wietse Venema <wie...@porcupine.org> wrote: > > Gerben Wierda: >> smtpd_recipient_restrictions = >> permit_sasl_authenticated >> permit_mynetworks >> reject_unauth_destination >> reject_unknown_recipient_domain >> reject_unverified_recipient > > You may want to look at these settings (defaults shown): > > unverified_recipient_defer_code = 450 > unverified_recipient_reject_code = 450 > unverified_recipient_reject_reason = > unverified_recipient_tempfail_action = $reject_tempfail_action > reject_tempfail_action = defer_if_permit
from postconf: address_verify_map = btree:$data_directory/verify_cache unverified_recipient_defer_code = 450 unverified_recipient_reject_code = 450 unverified_recipient_reject_reason = unverified_recipient_tempfail_action = $reject_tempfail_action reject_tempfail_action = defer_if_permit > I suspect that you're hitting a cached defer_if_permit response. I don’t understand what that means or what to do about it. Should I just remove /Library/Server/Mail/Data/mta/verify_cache.db and do a reload? Or should I just have to add to main.cf: unverified_recipient_reject_code = 550 and do a reload? And is that last thing safe? Another question. The phrase “Reject the request when mail to the RCPT TO address is known to bounce, or when the recipient address destination is not reachable.” leads to some confusion for me. Does ‘not reachable’ also include temporary failures? If so, wouldn’t this mechanism turn normal 450 into 550 when it is not supposed to do? What I’m looking for is a way that nonexistent local addresses are rejected. The strange thing is, they are of course at some point. When I try to mail to n...@rna.nl <mailto:n...@rna.nl> from a local machine (so ssl_authenticated and local network) I get The server response was: <n...@rna.nl <mailto:n...@rna.nl>>: Recipient address rejected: User unknown in local recipient table But when spammers do this, they currently get a policy response instead. I don’t want to hit outgoing mail (my own users, all authenticated) with this, only incoming for my own destinations, G PS. What command do I use to get my exact postfix version? > > Wietse > >> check_client_access >> regexp:/Library/Server/Mail/Config/postfix/rna_policy_whitelist_clients >> check_sender_access >> regexp:/Library/Server/Mail/Config/postfix/rna_policy_whitelist_senders >> check_policy_service unix:private/policy >> permit >> >> Question: why does this message end up in greylisting while I have >> reject_unverified_recipient set? >> >> Is this potentially an (unexpected) result of smtpd_delay_reject = yes? >> >> Thanks, >> >> G
