> On Nov 23, 2022, at 23:27, Phil Biggs <mb170...@pjb.cc> wrote: > > Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote: > > >> I am trying with the postscreen dns lookup disabled. Here is the main.cf >> section: > >> # postscreen spam filtering >> postscreen_greet_action = enforce >> #postscreen_dnsbl_action = enforce >> #postscreen_dnsbl_sites = bl.spamcop.net zen.spamhaus.org=127.0.0.[2..11] >> b.barr >> acudacentral.org >> postscreen_access_list = permit_mynetworks, >> cidr:/usr/local/etc/postfix/access.cidr >> # >> # Use long queue ids for uniqueness >> enable_long_queue_ids = yes >> # >> # Incoming restrictions and Implement postfwd >> incoming_smtpd_restrictions = >> check_policy_service inet:127.0.0.1:10040, >> reject_invalid_hostname, >> reject_non_fqdn_sender, >> reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_unknown_recipient_domain, >> reject_unauth_pipelining, >> permit_mynetworks, >> check_recipient_access hash:/usr/local/etc/postfix/tempfail, >> reject_unauth_destination, >> reject_unverified_recipient >> reject_rbl_client bl.spamcop.net, >> reject_rbl_client b.barracudacentral.org, >> reject_rbl_client zen.spamhaus.org, >> permit >> # > > >> Here is main.cf for smtpd: > >> smtpd pass - - n - 50 smtpd >> -o smtpd_recipient_restrictions=$incoming_smtpd_restrictions > > >> However, I seem to be doing the dns for all received emails. I see the log >> message for user User unknown in virtual alias table, and dns requests with >> that same timestamp for spamcop, barracudacentral and spamhaus. I am >> suspecting I am missing a reject statement that will reject the email when >> the user is not in the virtual alias table that needs to be before the rbl >> rejects. I thought that reject_unverified_recipient would do that, but >> apparently not.' > >> -- Doug > > Never heard of the parameter "incoming_smtpd_restrictions" > > Is that really what you have in main.cf
Yes - that is a macro that is referenced in main.cf as shown above — Doug
