@lbutlr:
> Since I have moved all local users to virtual users and switched dovecot =
> to lmtp from lda, I was able to add reject_unverified_recipient to =
> my restrictions, and it occurred to me maybe some of the other =
> restrictions could be eliminated.
>
> Do reject_non_fqdn_recipient, reject_unauth_destination, do anything =
> that isn=E2=80=99t done with the check for unverified recipient?
reject_unauth_destination keeps your system from becoming an open
relay. reject_unverified_recipient is more expensive than
reject_non_fqdn_recipient, so there is some value in keeping the
syntax check.
> Does it matter if there are only hundreds of addresses instead of tens =
> of thousands?
It should not greatly affect table lookup times. An indexed file
has roughly constant time, while trees are logarthmic. But more
recipients mean more probes.
> If nearly all users accounts get at least an email a day, will any =
> probes be done at all after the first day? (That is, how persistent is =
> the persistent database postfix keeps of verified recipients? Does it =
> persists through reloads of postfix, reboots of the system?)
Refresh probes happen when email arrives and a 'postive' stored
result is older than address_verify_positive_refresh_time or a
'negative' stored result is older than address_verify_negative_refresh_time.
The SMTP daemon will not wait for those refresh probes to complete,
as long as the stored result is not expired.
Wietse
