> On Nov 12, 2017, at 6:15 AM, Tom Marcoen <tom.marc...@gmail.com> wrote:
>
>>> Losing recipient validation is NOT an advantage. Either way,
>>> you need to have a table of valid recipients to avoid backscatter.
>>
>> An alternative to a static table is dynamic recipient verification.
>> This uses a cache with proactive refresh.
>> http://www.postfix.org/ADDRESS_VERIFICATION_README.html
>>
>> Wietse
>
> That is exactly what Peer Heinlein also uses in his book but what I
> forgot to mention. I like this idea as it better isolates your DMZ
> server than when you have your DMZ server access your MySQL database.
>
> So am I correct that the general population would recommend/prefer
> virtual mailbox domains over relay domains in this situation?
Real-time access to the full recipient table (be it via LDAP or SQL) is more reliable/predictable than a partial cache. Accessing and caching the data via SMTP/LMTP is perhaps a lower attack surface than the LDAP or MySQL protocols, but not by much.

My personal preference in such a situation is to use LDAP or SQL. With LDAP you can spin up a replica service that is colocated in the DMZ.

-- 
Viktor.
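For readers following along, here are the two approaches from this thread written out as Postfix main.cf fragments; this is an added example, not configuration posted by Wietse, Viktor or Tom. The domain, the DMZ LDAP replica hostname, the LDAP base/attribute names and the cache timers are assumptions, and the fragments are written for a relay domain (relay_domains) on the DMZ host.

```conf
# Added example, not from the thread. example.com, the LDAP replica host,
# the search base/attributes and the timers are assumptions. Pick ONE of
# the two options; they are alternatives, not meant to be combined as-is.

# --- Option A: real-time recipient lookup (Viktor's preference) ----------
# Every RCPT TO for example.com is checked against an LDAP replica that
# sits in the DMZ, so the relay never opens a connection to the internal
# directory master or the internal mail store.
relay_domains = example.com
relay_recipient_maps = ldap:/etc/postfix/ldap-recipients.cf
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient

# /etc/postfix/ldap-recipients.cf (assumed schema; keep root-readable only
# because it carries the bind password)
#   server_host      = ldaps://ldap-replica.dmz.example.com
#   version          = 3
#   bind             = yes
#   bind_dn          = cn=postfix,ou=services,dc=example,dc=com
#   bind_pw          = <placeholder>
#   search_base      = ou=people,dc=example,dc=com
#   query_filter     = (&(mail=%s)(objectClass=inetOrgPerson))
#   result_attribute = mail

# --- Option B: dynamic recipient verification (Wietse's pointer) ---------
# No recipient table on the relay at all. Postfix probes the internal MTA
# with a RCPT TO and keeps the answer in a local, persistent verify cache
# that is refreshed proactively before entries expire.
relay_domains = example.com
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_unverified_recipient
# Probe sender and cache location (btree file survives restarts).
address_verify_sender = postmaster@example.com
address_verify_map = btree:$data_directory/verify_cache
# Refresh well before expiry so a known-good entry is never dropped just
# because the internal server was briefly unreachable.
address_verify_positive_refresh_time = 7d
address_verify_positive_expire_time  = 31d
address_verify_negative_refresh_time = 3h
address_verify_negative_expire_time  = 3d
# Default is 450 (temporary); move to 550 only once the cache is warm,
# otherwise a cold cache or a probe failure turns into hard bounces.
unverified_recipient_reject_code = 450
```

With Option A the relay's only dependency is the DMZ LDAP replica; with Option B a cache miss still costs one SMTP probe to the internal server, which is the "partial cache" trade-off Viktor describes.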