Jaroslaw Rafa:
> Dnia 18.02.2022 o godz. 11:17:13 Wietse Venema pisze:
> > Starting to wonder if reject_unverified_recipient should be given
> > more publicity.
>
> Definitely should. I always thought of reject_unverified_recipient only in
> context of a front-end server relaying mail to the final server, which is a
> pretty rare case for me (I usually work with single-server setups). I did
> not think that it can be used in such context as rewriting by canonical
> maps.
Upon closer reading, address verification has limits some of
which are intentional.
Address verification will validate addresses that result from
canonical mappings and of 1-to-1 virtual aliases.
Address verification will not validate addresses that result from
the expansion of 1-to-many virtual aliases. It will just report
that the address before alias expansion is valid.
It does not validate 1-to-many expansions because that would result
in an explosive behavior, because the result would ambiguous if
some addresses in the expansion result are valid and some not, and
because it could be undesirable to reveal what 1-to-many aliases
expand into.
Address verification will also not validate addresses that result
from local aliasing/forwarding with alias_maps or ~/.forward files,
because I was too lazy to write code that determines if these are
1-to-1 or 1-to-many, but also because it might reveal too much
information. It will just report that the address before alias
expansion or forwarding is valid.
Wietse
