reject_unverified_recipient is no option as remote sites don't like probing/verify requests. After rechecking, i had a typo in my regex.
Damn! It was working as documented. Sorry. Am Mi., 16. Jan. 2019 um 13:17 Uhr schrieb Wietse Venema < wie...@porcupine.org>: > Stefan Bauer: > > Hi, > > > > how can the following error be detected and an instant bounce/reject will > > be send to the sender? > > > > -- 880 Kbytes in 3 Requests. > > root@mx1:~# mailq > > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > > A97288008B 776694 Sun Jan 13 13:14:29 sender@sender > > (Cannot start TLS: handshake > > failure) > > http://www.postfix.org/postconf.5.html#reject_unverified_recipient. > > > Jan 15 14:23:01 mx1 smtp[5985]: SSL_connect error to > recipient.tld[ip]:25: > > -1 > > Jan 15 14:23:01 mx1 smtp[5985]: warning: TLS library problem: > > error:141A318A:SSL routines:tls_process_ske_dhe:dh key too > > small:../ssl/statem/statem_clnt.c:1472: > > Jan 15 14:23:01 mx1 smtp[5985]: A97288008B: to=<recipient@recipient>, > > relay=recipient.tld[ip]:25, delay=173312, delays=173282/15/15/0, > dsn=4.7.5, > > status=deferred (Cannot start TLS: handshake failure) > > > > smtp_delivery_status_filter does not seem to have any effect. > > Then you made a mistake. Which mistake? Insufficient data. > > Wietse >