Not a direct answer but the domain in question has an Email verification API. They are definitely probing for valid users.
I wonder if there's ever a valid use case for this. However, if you wanted to allow you would just enable the VERIFY feature. On Thu, Nov 25, 2021, 12:19 PM <post...@ptld.com> wrote: > I am guessing when this happens: > > postfix/smtpd[879005]: connect from smtpout79.briteverify.com > [54.175.215.209] > postfix/smtpd[879005]: 4J0QTC1PzHz4l3gS: client= > smtpout79.briteverify.com[54.175.215.209] > postfix/smtpd[879005]: disconnect from > smtpout79.briteverify.com[54.175.215.209] > helo=1 mail=1 rcpt=1 quit=1 commands=4 > > They are probing for valid usernames. Is there a way to have it output in > the logs what RCPT address they supplied? >
