Hi,
During migration of an inherited mail system I have the situation that I
would like to reject certain recipient address _after_ they have been
rewritten through the virtual_alias_maps.
The old system had a spam sink where users could redirect certain local
parts. e.g. a user has a catchall account on his domain example.com but
has burned i...@example.com and it is full of spam. The user is able to
configure a redirect from i...@example.com to "spam".
Before the "spam" address was sinkholed via an alias entry that would run
a bit of analytics on the incoming spam and otherwise discard the input.
On the new system I would like to skip all as it was kind of error prone
and just outright reject mail.
My initial plan was to just have a check_recipient_access
hash:/etc/postfix/access_rcpt line added to the
smtpd_recipient_restrictions config item.
In the logs, I can see that the access table is being consulted but
unfortunately it is consulted for the raw RCPT TO header as received from
the client. This is unfortunately before rewriting happens and my
access_rcpt entry matching on spam@{{ $mydestination }} is not queried at
all according to the logs.
Is there a way to configure postfix to check after rewriting of addresses?
cheers,
Andreas
