> On Nov 4, 2017, at 4:20 PM, l carr <pandorasbo...@outlook.com> wrote:
>
>
> If an email is received from an upstream server and in the initial lookup,
> the custom error response is generated, the custom error response is returned
> properly.
As one might expect when LDAP is used as the backend store
for an access(5) table:
http://www.postfix.org/access.5.html
http://www.postfix.org/SMTPD_ACCESS_README.html
> However, if an email is received from an upstream server and the
> initial query leads to another LDAP query and then the custom error
> response, instead of returning the custom error response, the postfix
> server takes each individual word of the error response and turns that
> into an expanded email address.
As one would expect when LDAP is used as the backend store
for a virtual(5) or aliases(5) table:
http://www.postfix.org/virtual.5.html
http://www.postfix.org/aliases.5.html
http://www.postfix.org/ADDRESS_REWRITING_README.html
DO NOT use access(5) data as address rewriting data or vice versa.
> I can also reproduce this issue if I try to do a test directly from the
> postfix server. (sendmail -bv emailaddress)
>
> The LDAP queries are defined using virtual_alias_maps.
Reject error messages don't go into virtual_alias_maps.
That's what access(5) tables are for.
--
Viktor.
