Gerben Wierda:
>
> > On 21 Nov 2016, at 17:33, Wietse Venema <wie...@porcupine.org> wrote:
> >
> > Gerben Wierda:
> >> smtpd_recipient_restrictions =
> >> permit_sasl_authenticated
> >> permit_mynetworks
> >> reject_unauth_destination
> >> reject_unknown_recipient_domain
> >> reject_unverified_recipient
> >
> > You may want to look at these settings (defaults shown):
> >
> > unverified_recipient_defer_code = 450
> > unverified_recipient_reject_code = 450
> > unverified_recipient_reject_reason =
> > unverified_recipient_tempfail_action = $reject_tempfail_action
> > reject_tempfail_action = defer_if_permit
>
> from postconf:
>
> address_verify_map = btree:$data_directory/verify_cache
> unverified_recipient_defer_code = 450
> unverified_recipient_reject_code = 450
> unverified_recipient_reject_reason =
> unverified_recipient_tempfail_action = $reject_tempfail_action
> reject_tempfail_action = defer_if_permit
>
> > I suspect that you're hitting a cached defer_if_permit response.
Actually, the stored info is one of {accepted, deferred, rejected}.
I cannot quickly locate the code that uses the
unverified_recipient_tempfail_action setting.
> Or should I just have to add to main.cf:
> unverified_recipient_reject_code = 550
> and do a reload?
Yes, you probably want to reject mail immediately.
> Another question. The phrase ?Reject the request when mail to the
> RCPT TO address is known to bounce, or when the recipient address
> destination is not reachable.? leads to some confusion for me.
> Does ?not reachable? also include temporary failures?
Temporary failure means that the answer is not known. When making
an irreversible decision (like permanently rejecting mail), Postfix
is quite insistent on making the distinction between having and not
having authoritative information.
Wietse
